ESB-2017.3184 - [Appliance] Apple AirPort Base Station (with 802.11n): Multiple vulnerabilities 2017-12-13

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2017.3184
                AirPort Base Station Firmware Update 7.6.9
                             13 December 2017

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Apple AirPort Base Station (with 802.11n)
Publisher:         Apple
Operating System:  Network Appliance
Impact/Access:     Access Privileged Data         -- Remote/Unauthenticated      
                   Provide Misleading Information -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2017-13080 CVE-2017-13078 CVE-2017-13077

Original Bulletin: 
   https://support.apple.com/en-au/HT208354

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-12-12-1 AirPort Base Station Firmware Update 7.6.9

AirPort Base Station Firmware Update 7.6.9 is now available and
addresses the following:

AirPort Base Station Firmware
Available for: AirPort Express, AirPort Extreme, and
AirPort Time Capsule base stations with 802.11n
Impact: An attacker in Wi-Fi range may force nonce reuse in WPA
unicast/PTK clients (Key Reinstallation Attacks - KRACK)
Description: A logic issue existed in the handling of state
transitions. This was addressed with improved state management.
CVE-2017-13077: Mathy Vanhoef of the imec-DistriNet group at KU
Leuven
CVE-2017-13078: Mathy Vanhoef of the imec-DistriNet group at KU
Leuven

AirPort Base Station Firmware
Available for: AirPort Express, AirPort Extreme, and
AirPort Time Capsule base stations with 802.11n
Impact: An attacker in Wi-Fi range may force nonce reuse in WPA
multicast/GTK clients (Key Reinstallation Attacks - KRACK)
Description: A logic issue existed in the handling of state
transitions. This was addressed with improved state management.
CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU
Leuven

Installation note:

Firmware version 7.6.9 is installed on AirPort Express, AirPort
Extreme, or AirPort Time Capsule base stations with 802.11n using
AirPort Utility for Mac or iOS.

AirPort Utility for Mac is a free download from
https://support.apple.com/downloads/ and AirPort Utility for iOS
is a free download from the App Store.
- -----BEGIN PGP SIGNATURE-----
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------
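
The two client-side conditions in the Apple advisory above, modelled as an added
example so the "logic issue in the handling of state transitions" and its fix are
concrete: a client that re-installs the PTK on a retransmitted 4-way-handshake
message 3 resets its packet number and so reuses a keystream (the
CVE-2017-13077/13078 class), and a client that re-installs the GTK on a
retransmitted group message 1 resets its replay counter and so accepts a
replayed broadcast frame (the CVE-2017-13080 class). This is illustration written
for this bulletin, not Apple firmware and not the researchers' code. It assumes an
HMAC-SHA256 keystream as a stand-in for CCMP's AES-CTR, and all keys, frames and
plaintexts are constructed inline.

```python
"""Model of key reinstallation (KRACK) in a Wi-Fi client, written for this
bulletin; not Apple code. Keystream is HMAC-SHA256(key, pn || block) as a
stand-in for CCMP's AES-CTR; keys and frames are constructed test data."""
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional, Tuple


def keystream(key: bytes, pn: int, length: int) -> bytes:
    """Stream-cipher keystream for packet number pn (stand-in for AES-CTR)."""
    out, block = b"", 0
    while len(out) < length:
        msg = pn.to_bytes(6, "big") + block.to_bytes(2, "big")
        out += hmac.new(key, msg, hashlib.sha256).digest()
        block += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


@dataclass
class Supplicant:
    patched: bool            # True: a retransmitted handshake message is
                             # acknowledged but the key is NOT re-installed
    ptk: bytes = b""
    tx_pn: int = 0           # packet number for unicast frames we send
    ptk_installed: bool = False
    gtk: bytes = b""
    gtk_rx_pn: int = -1      # highest broadcast PN accepted so far
    gtk_installed: bool = False

    def on_msg3(self, ptk: bytes) -> str:
        """4-way handshake message 3 (may be a retransmission or a replay)."""
        if self.patched and self.ptk_installed:
            return "msg4"    # improved state management: keep key and PN
        self.ptk, self.tx_pn, self.ptk_installed = ptk, 0, True  # reinstall
        return "msg4"

    def send(self, plaintext: bytes) -> Tuple[int, bytes]:
        ct = xor(plaintext, keystream(self.ptk, self.tx_pn, len(plaintext)))
        frame = (self.tx_pn, ct)
        self.tx_pn += 1
        return frame

    def on_group_msg1(self, gtk: bytes) -> str:
        """Group key handshake message 1 (may be a replay)."""
        if self.patched and self.gtk_installed:
            return "group_msg2"
        self.gtk, self.gtk_rx_pn, self.gtk_installed = gtk, -1, True
        return "group_msg2"

    def recv_broadcast(self, frame: Tuple[int, bytes]) -> Optional[bytes]:
        """Accept a broadcast frame only if its PN is fresh (replay check)."""
        pn, ct = frame
        if pn <= self.gtk_rx_pn:
            return None
        self.gtk_rx_pn = pn
        return xor(ct, keystream(self.gtk, pn, len(ct)))


def ptk_attack(patched: bool) -> dict:
    """Attacker in Wi-Fi range replays message 3 between two client frames."""
    sta = Supplicant(patched)
    ptk = hashlib.sha256(b"constructed PTK").digest()
    sta.on_msg3(ptk)
    known = b"ARP who-has 192.0.2.1? tell 192.0.2.7"   # guessable plaintext
    secret = b"POST /login pw=hunter2".ljust(len(known), b" ")  # unknown
    f1 = sta.send(known)
    sta.on_msg3(ptk)                                     # replayed message 3
    f2 = sta.send(secret)
    reuse = f1[0] == f2[0]                               # same PN => same keystream
    recovered = xor(xor(f1[1], f2[1]), known) if reuse else None
    return {"nonce_reuse": reuse, "recovered": recovered, "secret": secret}


def gtk_attack(patched: bool) -> dict:
    """Attacker records a broadcast, replays group message 1, replays the frame."""
    sta = Supplicant(patched)
    gtk = hashlib.sha256(b"constructed GTK").digest()
    sta.on_group_msg1(gtk)
    pn, pt = 5, b"broadcast: gateway is at 00:11:22:33:44:55"
    frame = (pn, xor(pt, keystream(gtk, pn, len(pt))))
    first = sta.recv_broadcast(frame) is not None
    sta.on_group_msg1(gtk)                               # replayed group message 1
    replayed = sta.recv_broadcast(frame) is not None     # should be rejected
    return {"first_accepted": first, "replay_accepted": replayed}


if __name__ == "__main__":
    for patched in (False, True):
        print("patched" if patched else "vulnerable",
              ptk_attack(patched)["nonce_reuse"], gtk_attack(patched)["replay_accepted"])
```

The model keeps the handshake acknowledgement in both branches: the patched
client still answers a retransmitted message with its reply, so a lossy link
does not stall, but it never re-installs an already installed key or resets
the counters tied to it. On the unprotected path the two frames carry the same
packet number, and XORing the two ciphertexts and the guessable plaintext yields
the other frame's plaintext; on the group path the replayed broadcast is
accepted a second time because the replay counter was reset.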

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----