I realize that this one is a couple of days old. Sorry about the delay. I was unplugged for the weekend.
From Secunia: “Description:
Some vulnerabilities have been reported in AirPort, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system.
1) Two boundary errors exist in the handling of malformed wireless network frames. These can be exploited to cause a stack-based buffer overflow by sending a malicious frame to the system, and may allow arbitrary code execution with system privileges.
The vulnerability affects the following products equipped with wireless:
* Power Mac
* PowerBook
* iBook
* iMac
* Mac Pro
* Xserve
* PowerPC-based Mac mini
2) A boundary error exists in the AirPort wireless driver’s handling of scan cache updates. This can be exploited to cause a buffer overflow by sending a malicious frame to the system and may lead to a system crash, privilege elevation, or execution of arbitrary code with system privileges.
3) An integer overflow exist in the AirPort wireless drivers API for third-party software, which may lead to a buffer overflow in applications using the API. This can be exploited to cause a buffer overflow by sending a malicious frame to the system and could crash the application or lead to arbitrary code execution with privileges of the user running the application.
Vulnerabilities #2 and #3 affect Intel-based Mac mini, MacBook, and MacBook Pro equipped with wireless and does not affect systems prior to Mac OS X v10.4.
Solution:
Apply Security Update 2006-005 or AirPort Update 2006-001:
http://www.apple.com/support/downloads/ ”
Tags: Apple Airport, Wireless Vulnerabilities, Buffer Overflow, Wireless Security
