Vulnerability-Lookup

CVE-2013-5132 (GCVE-0-2013-5132)

Vulnerability from cvelistv5 – Published: 2013-09-08 01:00 – Updated: 2024-09-17 02:52

Summary

Severity ?

No CVSS data available.

CWE

Assigner

apple

References

URL

GHSA-X9XP-V54H-F3GP

Vulnerability from github – Published: 2022-05-17 05:04 – Updated: 2022-05-17 05:04

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-5132"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-09-08T03:17:00Z",
    "severity": "MODERATE"
  },
  "details": "Apple AirPort Base Station Firmware before 7.6.4 does not properly handle incorrect frame lengths, which allows remote attackers to cause a denial of service (device crash) by associating with the access point and then sending a short frame.",
  "id": "GHSA-x9xp-v54h-f3gp",
  "modified": "2022-05-17T05:04:27Z",
  "published": "2022-05-17T05:04:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5132"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT5920"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

VAR-201309-0410

Vulnerability from variot - Updated: 2025-04-11 23:09

Apple AirPort Base Station Firmware before 7.6.4 does not properly handle incorrect frame lengths, which allows remote attackers to cause a denial of service (device crash) by associating with the access point and then sending a short frame. Apple Time Capsule is a wireless attached storage device that combines wireless built-in gateway routing from Apple. Apple AirPort Extreme is a wireless solution for home, school and small businesses. Apple AirPort and Time Capsule have errors in processing frames. An attacker can exploit this issue to cause an unexpected base station system termination, triggering a denial-of-service condition for legitimate users. The product supports streaming music and wireless printing. This issue was addressed by adding size checking to the parsing of small frames.

It is recommended that AirPort Utility 6.3.1 be installed before upgrading to Firmware version 7.6.4 on OS X systems, and AirPort Utility 1.3.1 for iOS devices.

AirPort Utility may be obtained through Apple's Software Download site: http://www.apple.com/support/downloads/

Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJSKlQVAAoJEPefwLHPlZEwdt8P/jb/AXcjc7V1huYAj7Mm/SS/ pX3k45IqAivLJlsGaPZs0Hjt4MZVmuUkQ8DpS7ttdbBnbS3MzJIB0yIqFFx2GM+R 853vMV6GjBfc6jY1yXD/71jpv0b6f75YWKndOMPBjVRfamq2tlOoUXV4oKzkA22Q kypZIl8xr2AxTeiA+jOgzFo1UQXIEk/dvAr98wsL7nbpTHFLHSpXYvN8qpXpbExT YS3e5p/QAYzm+Pcf97MCFrNyhLs1WhdZ47Ddu6CZuwZv+JmxMtQKVIa7TvFKVfa8 KJvFumYxCHh2ZkQfz+GcTn5RlFYPeq63VwSTq//bEx/BYhB7SKbf4JXSJfpz4IFz 514rS6WGKULDDjltWAADG8WOhbnWMxDCKvYQwT1C8yTqVDKnYJhiXofyb/lkvSUR OViCT6LTS5RfjWCzrIPYk+wajSEadb8V65N8wD3gAimfbv2oIf16ZljAxCNzp6jG XdrXRyLhPwN920AdtA7pVDtgWWmbxi536EAeWyppYn9RDsraAp/FZn0SStMTYYdE oUNvJ5onHSES+SYI6ITfXfSXTI9rY7kcyY51hcs5v2H+LOxNOQglLroi77GM5nMB LbHUwxadaOFmYWIVGMD3MbDnJRNxActqWCnjA7nj66/5ceUxdy//gjz3zPfYeApb JnaDL/59/3H37zeaurXh =C6U1 -----END PGP SIGNATURE-----

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201309-0410",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "airport base station",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "7.6"
      },
      {
        "model": "airport base station",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "7.3.2"
      },
      {
        "model": "airport base station",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "7.5.2"
      },
      {
        "model": "airport base station",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "7.4.2"
      },
      {
        "model": "airport base station",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "7.4.1"
      },
      {
        "model": "airport base station",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "7.6.2"
      },
      {
        "model": "airport base station",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "7.6.1"
      },
      {
        "model": "airport base station",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.6.3"
      },
      {
        "model": "airmac base station",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "7.6.4"
      },
      {
        "model": "airport express",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "apple",
        "version": "7.6.4"
      },
      {
        "model": "time capsule",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "apple",
        "version": "7.6.4"
      },
      {
        "model": "airport base station",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "7.6.3"
      },
      {
        "model": "time capsule",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.6"
      },
      {
        "model": "time capsule",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.5.2"
      },
      {
        "model": "time capsule",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.5"
      },
      {
        "model": "time capsule",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.4.2"
      },
      {
        "model": "time capsule",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.4.1"
      },
      {
        "model": "time capsule",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "airport extreme base station with 802.11n",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.5.2"
      },
      {
        "model": "airport extreme base station with 802.11n",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.4.1"
      },
      {
        "model": "airport express base station with 802.11n",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.6"
      },
      {
        "model": "airport express base station with 802.11n",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.5.2"
      },
      {
        "model": "airport express base station with 802.11n",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.4.1"
      },
      {
        "model": "time capsule",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.6.4"
      },
      {
        "model": "airport extreme base station with 802.11n",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.6.4"
      },
      {
        "model": "airport express base station with 802.11n",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.6.4"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-12934"
      },
      {
        "db": "BID",
        "id": "62262"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003995"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-042"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5132"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:apple:airport_base_station_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003995"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Joonas Kuorilehto of Codenomicon",
    "sources": [
      {
        "db": "BID",
        "id": "62262"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2013-5132",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 5.4,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 4.9,
            "id": "CVE-2013-5132",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 5.4,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 4.9,
            "id": "CNVD-2013-12934",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 5.4,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 4.9,
            "id": "VHN-65134",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:H/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2013-5132",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2013-5132",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2013-12934",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201309-042",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-65134",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-12934"
      },
      {
        "db": "VULHUB",
        "id": "VHN-65134"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003995"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-042"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5132"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple AirPort Base Station Firmware before 7.6.4 does not properly handle incorrect frame lengths, which allows remote attackers to cause a denial of service (device crash) by associating with the access point and then sending a short frame. Apple Time Capsule is a wireless attached storage device that combines wireless built-in gateway routing from Apple. Apple AirPort Extreme is a wireless solution for home, school and small businesses. Apple AirPort and Time Capsule have errors in processing frames. \nAn attacker can exploit this issue to cause an unexpected base station system termination, triggering a denial-of-service condition for legitimate users. The product supports streaming music and wireless printing. This issue was addressed by adding size checking\nto the parsing of small frames. \n\nIt is recommended that AirPort Utility 6.3.1 be installed before\nupgrading to Firmware version 7.6.4 on OS X systems, and AirPort\nUtility 1.3.1 for iOS devices. \n\nAirPort Utility may be obtained through Apple\u0027s Software Download\nsite: http://www.apple.com/support/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.17 (Darwin)\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBAgAGBQJSKlQVAAoJEPefwLHPlZEwdt8P/jb/AXcjc7V1huYAj7Mm/SS/\npX3k45IqAivLJlsGaPZs0Hjt4MZVmuUkQ8DpS7ttdbBnbS3MzJIB0yIqFFx2GM+R\n853vMV6GjBfc6jY1yXD/71jpv0b6f75YWKndOMPBjVRfamq2tlOoUXV4oKzkA22Q\nkypZIl8xr2AxTeiA+jOgzFo1UQXIEk/dvAr98wsL7nbpTHFLHSpXYvN8qpXpbExT\nYS3e5p/QAYzm+Pcf97MCFrNyhLs1WhdZ47Ddu6CZuwZv+JmxMtQKVIa7TvFKVfa8\nKJvFumYxCHh2ZkQfz+GcTn5RlFYPeq63VwSTq//bEx/BYhB7SKbf4JXSJfpz4IFz\n514rS6WGKULDDjltWAADG8WOhbnWMxDCKvYQwT1C8yTqVDKnYJhiXofyb/lkvSUR\nOViCT6LTS5RfjWCzrIPYk+wajSEadb8V65N8wD3gAimfbv2oIf16ZljAxCNzp6jG\nXdrXRyLhPwN920AdtA7pVDtgWWmbxi536EAeWyppYn9RDsraAp/FZn0SStMTYYdE\noUNvJ5onHSES+SYI6ITfXfSXTI9rY7kcyY51hcs5v2H+LOxNOQglLroi77GM5nMB\nLbHUwxadaOFmYWIVGMD3MbDnJRNxActqWCnjA7nj66/5ceUxdy//gjz3zPfYeApb\nJnaDL/59/3H37zeaurXh\n=C6U1\n-----END PGP SIGNATURE-----\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-5132"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003995"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-12934"
      },
      {
        "db": "BID",
        "id": "62262"
      },
      {
        "db": "VULHUB",
        "id": "VHN-65134"
      },
      {
        "db": "PACKETSTORM",
        "id": "123134"
      }
    ],
    "trust": 2.61
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-65134",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-65134"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-5132",
        "trust": 3.5
      },
      {
        "db": "BID",
        "id": "62262",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003995",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-042",
        "trust": 0.7
      },
      {
        "db": "SECUNIA",
        "id": "54733",
        "trust": 0.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-12934",
        "trust": 0.6
      },
      {
        "db": "APPLE",
        "id": "APPLE-SA-2013-09-06-1",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "123134",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-65134",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-12934"
      },
      {
        "db": "VULHUB",
        "id": "VHN-65134"
      },
      {
        "db": "BID",
        "id": "62262"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003995"
      },
      {
        "db": "PACKETSTORM",
        "id": "123134"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-042"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5132"
      }
    ]
  },
  "id": "VAR-201309-0410",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-12934"
      },
      {
        "db": "VULHUB",
        "id": "VHN-65134"
      }
    ],
    "trust": 1.113494225
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-12934"
      }
    ]
  },
  "last_update_date": "2025-04-11T23:09:50.021000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "APPLE-SA-2013-09-06-1",
        "trust": 0.8,
        "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00000.html"
      },
      {
        "title": "HT5920",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT5920"
      },
      {
        "title": "HT5920",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT5920?viewlocale=ja_JP"
      },
      {
        "title": "Patch for Apple AirPort / Time Capsule Frame Handling Denial of Service Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/39422"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-12934"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003995"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-189",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-119",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-65134"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003995"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5132"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://support.apple.com/kb/ht5920"
      },
      {
        "trust": 1.7,
        "url": "http://lists.apple.com/archives/security-announce/2013/sep/msg00000.html"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5132"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5132"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/54733/"
      },
      {
        "trust": 0.3,
        "url": "http://software.cisco.com/download/navigator.html?mdfid=283613663"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5132"
      },
      {
        "trust": 0.1,
        "url": "http://www.apple.com/support/downloads/"
      },
      {
        "trust": 0.1,
        "url": "https://www.apple.com/support/security/pgp/"
      },
      {
        "trust": 0.1,
        "url": "http://support.apple.com/kb/ht1222"
      },
      {
        "trust": 0.1,
        "url": "http://gpgtools.org"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-12934"
      },
      {
        "db": "VULHUB",
        "id": "VHN-65134"
      },
      {
        "db": "BID",
        "id": "62262"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003995"
      },
      {
        "db": "PACKETSTORM",
        "id": "123134"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-042"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5132"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-12934"
      },
      {
        "db": "VULHUB",
        "id": "VHN-65134"
      },
      {
        "db": "BID",
        "id": "62262"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003995"
      },
      {
        "db": "PACKETSTORM",
        "id": "123134"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-042"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5132"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-09-11T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-12934"
      },
      {
        "date": "2013-09-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-65134"
      },
      {
        "date": "2013-09-07T00:00:00",
        "db": "BID",
        "id": "62262"
      },
      {
        "date": "2013-09-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-003995"
      },
      {
        "date": "2013-09-07T19:31:24",
        "db": "PACKETSTORM",
        "id": "123134"
      },
      {
        "date": "2013-09-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201309-042"
      },
      {
        "date": "2013-09-08T03:17:39.733000",
        "db": "NVD",
        "id": "CVE-2013-5132"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-09-11T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-12934"
      },
      {
        "date": "2013-09-18T00:00:00",
        "db": "VULHUB",
        "id": "VHN-65134"
      },
      {
        "date": "2013-09-07T00:00:00",
        "db": "BID",
        "id": "62262"
      },
      {
        "date": "2013-09-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-003995"
      },
      {
        "date": "2013-09-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201309-042"
      },
      {
        "date": "2025-04-11T00:51:21.963000",
        "db": "NVD",
        "id": "CVE-2013-5132"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-042"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple AirPort Base Station Service operation interruption in firmware  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003995"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "digital error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-042"
      }
    ],
    "trust": 0.6
  }
}

FKIE_CVE-2013-5132

Vulnerability from fkie_nvd - Published: 2013-09-08 03:17 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
product-security@apple.com	http://lists.apple.com/archives/security-announce/2013/Sep/msg00000.html	Vendor Advisory
product-security@apple.com	http://support.apple.com/kb/HT5920	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2013/Sep/msg00000.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT5920	Vendor Advisory

Impacted products

Vendor	Product	Version
apple	airport_base_station_firmware	*
apple	airport_base_station_firmware	7.3.2
apple	airport_base_station_firmware	7.4.1
apple	airport_base_station_firmware	7.4.2
apple	airport_base_station_firmware	7.5.2
apple	airport_base_station_firmware	7.6
apple	airport_base_station_firmware	7.6.1
apple	airport_base_station_firmware	7.6.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:airport_base_station_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B61CCE7-3F91-40C1-8A73-DAE66E1EAE77",
              "versionEndIncluding": "7.6.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:airport_base_station_firmware:7.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C67621AD-92F2-4F99-AE42-32D59E4A3BC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:airport_base_station_firmware:7.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C1082C5-F10D-4421-A2F2-63A96A238F33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:airport_base_station_firmware:7.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CB49EED-203A-444F-8D2A-4573AA82F54D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:airport_base_station_firmware:7.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "49E19246-48AB-462D-8B7F-A76E9FCC8BEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:airport_base_station_firmware:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "6217CBB2-6C57-4F61-A43C-EAA57EFE3D61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:airport_base_station_firmware:7.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "562FAF48-BB1F-4E22-B7CC-7B67EE59112A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:airport_base_station_firmware:7.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F1034E8-FB4A-4763-90D7-C03F4C8E6D2D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Apple AirPort Base Station Firmware before 7.6.4 does not properly handle incorrect frame lengths, which allows remote attackers to cause a denial of service (device crash) by associating with the access point and then sending a short frame."
    },
    {
      "lang": "es",
      "value": "Apple AirPort Base Station Firmware anterior a 7.6.4 no maneja apropiadamente longitudes de frame incorrectas, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (cuelgue de dispositivo) asociando con el punto de acceso y m\u00e1s tarde enviando un frame corto."
    }
  ],
  "id": "CVE-2013-5132",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 5.4,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-09-08T03:17:39.733",
  "references": [
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00000.html"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT5920"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT5920"
    }
  ],
  "sourceIdentifier": "product-security@apple.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2013-5132

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2013-5132

Aliases

CVE-2013-5132

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-5132",
    "description": "Apple AirPort Base Station Firmware before 7.6.4 does not properly handle incorrect frame lengths, which allows remote attackers to cause a denial of service (device crash) by associating with the access point and then sending a short frame.",
    "id": "GSD-2013-5132"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-5132"
      ],
      "details": "Apple AirPort Base Station Firmware before 7.6.4 does not properly handle incorrect frame lengths, which allows remote attackers to cause a denial of service (device crash) by associating with the access point and then sending a short frame.",
      "id": "GSD-2013-5132",
      "modified": "2023-12-13T01:22:21.735921Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "product-security@apple.com",
        "ID": "CVE-2013-5132",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Apple AirPort Base Station Firmware before 7.6.4 does not properly handle incorrect frame lengths, which allows remote attackers to cause a denial of service (device crash) by associating with the access point and then sending a short frame."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "APPLE-SA-2013-09-06-1",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00000.html"
          },
          {
            "name": "http://support.apple.com/kb/HT5920",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT5920"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:airport_base_station_firmware:7.5.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:airport_base_station_firmware:7.4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:airport_base_station_firmware:7.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:airport_base_station_firmware:7.3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:airport_base_station_firmware:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.6.3",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:airport_base_station_firmware:7.6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:airport_base_station_firmware:7.6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:airport_base_station_firmware:7.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2013-5132"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Apple AirPort Base Station Firmware before 7.6.4 does not properly handle incorrect frame lengths, which allows remote attackers to cause a denial of service (device crash) by associating with the access point and then sending a short frame."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-189"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.apple.com/kb/HT5920",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://support.apple.com/kb/HT5920"
            },
            {
              "name": "APPLE-SA-2013-09-06-1",
              "refsource": "APPLE",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00000.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 5.4,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 4.9,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2013-09-18T15:30Z",
      "publishedDate": "2013-09-08T03:17Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2013-5132 (GCVE-0-2013-5132)

GHSA-X9XP-V54H-F3GP

VAR-201309-0410

FKIE_CVE-2013-5132

GSD-2013-5132

Tags

Sightings

Nomenclature