Via Month of Kernel Bugs -
Apple Airport Extreme driver fails to handle certain beacon frames, leading to an out of bounds memory access, resulting in a so-called kernel panic. Other security implications may exist, although this hasn't been verified and no details can be provided until further research is done.
This is issue is being coordinated with Apple, and under common agreement it's been decided to keep the details private until a fix has been made available to end-users.
A proof of concept module for the Metasploit framework may be provided after an official patch and announcement is released by Apple.
This issue has been verified with a Macbook (2GHz Intel Core Duo), running Mac OS X 10.4.8 (8L2127), Apple Airport Extreme Firmware version 0.1.27.
LMH - discovery (6-Nov-2006), reported to Apple (25-Nov-2006, #4849XXX).
No comments:
Post a Comment