Home / mailings APPLE-SA-2008-03-19 AirPort Extreme Base Station Firmware 7.3.1
Posted on 20 March 2008
Apple Security-announce-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2008-03-19 AirPort Extreme Base Station Firmware 7.3.1
Firmware version 7.3.1 is now available for AirPort Extreme 802.11n*
base stations. (* Based on an IEEE 802.11n draft specification)
Further information on the base station is available via:
http://www.apple.com/airportextreme/
Firmware version 7.3.1 fixes the following security issue:
AirPort Extreme Base Station with 802.11n*
CVE-ID: CVE-2008-1012
Available for: AirPort Extreme Base Station with 802.11n*
Impact: A maliciously crafted AFP request may lead to a denial of
service
Description: An input validation issue exists in the AirPort Extreme
Base Station's handling of AFP requests, which may cause file sharing
to become unresponsive. This update addresses the issue by performing
additional validation of AFP requests. This issue does not affect
Time Capsule or AirPort Express. The fix for this issue is available
in the following separate updates:
- - AirPort Extreme with 802.11n (Fast Ethernet) 7.3.1
- - AirPort Extreme with 802.11n (Gigabit Ethernet) 7.3.1
Credit to Alex deVries for reporting this issue.
Installation note for Firmware version 7.3.1
Firmware version 7.3.1 is installed into an AirPort Extreme Base
Station with 802.11n* by running the AirPort Utility which is
provided with the Base Station.
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
http://www.apple.com/support/security/pgp/
