VAR-200512-0301
Vulnerability from variot - Updated: 2025-04-03 22:37The network interface for Apple AirPort Express 6.x before Firmware Update 6.3, and AirPort Extreme 5.x before Firmware Update 5.7, allows remote attackers to cause a denial of service (unresponsive interface) via malformed packets. The Apple AirPort device is a wireless access point that provides 802.11 services to network clients.
A denial of service vulnerability exists in Apple AirPort. A malicious network attacker can send a specially crafted message, causing the network interface of the AirPort base station to stop responding. This occurs when the device handles malformed packets. Specific details regarding this issue are not currently known. This record will be updated when more information becomes available. AirPort Express firmware versions prior to 6.3 and AirPort Extreme firmware versions prior to 5.7 are vulnerable.
The vulnerability is caused due to an unspecified error in the base station when handling certain network packets.
SOLUTION: Apply updated firmware.
ORIGINAL ADVISORY: http://docs.info.apple.com/article.html?artnum=303072
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Credit to Michael Zanetta of NETwork Security Consortium for reporting this issue
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200512-0301",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "airport extreme",
"scope": "eq",
"trust": 1.9,
"vendor": "apple",
"version": "5.5"
},
{
"model": "airport express",
"scope": "eq",
"trust": 1.9,
"vendor": "apple",
"version": "6.1"
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "none",
"version": null
},
{
"model": "airport extreme",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.7"
},
{
"model": "airport express",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "6.3"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-0024"
},
{
"db": "BID",
"id": "16146"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-761"
},
{
"db": "NVD",
"id": "CVE-2005-3714"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Michael Zanetta.",
"sources": [
{
"db": "BID",
"id": "16146"
}
],
"trust": 0.3
},
"cve": "CVE-2005-3714",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2005-3714",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-14922",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2005-3714",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200512-761",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-14922",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14922"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-761"
},
{
"db": "NVD",
"id": "CVE-2005-3714"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The network interface for Apple AirPort Express 6.x before Firmware Update 6.3, and AirPort Extreme 5.x before Firmware Update 5.7, allows remote attackers to cause a denial of service (unresponsive interface) via malformed packets. The Apple AirPort device is a wireless access point that provides 802.11 services to network clients. \n\n\u00a0A denial of service vulnerability exists in Apple AirPort. A malicious network attacker can send a specially crafted message, causing the network interface of the AirPort base station to stop responding. This occurs when the device handles malformed packets. \nSpecific details regarding this issue are not currently known. This record will be updated when more information becomes available. \nAirPort Express firmware versions prior to 6.3 and AirPort Extreme firmware versions prior to 5.7 are vulnerable. \n\nThe vulnerability is caused due to an unspecified error in the base\nstation when handling certain network packets. \n\nSOLUTION:\nApply updated firmware. \n\nORIGINAL ADVISORY:\nhttp://docs.info.apple.com/article.html?artnum=303072\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Credit to Michael Zanetta of NETwork Security\nConsortium for reporting this issue",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-3714"
},
{
"db": "CNVD",
"id": "CNVD-2006-0024"
},
{
"db": "BID",
"id": "16146"
},
{
"db": "VULHUB",
"id": "VHN-14922"
},
{
"db": "PACKETSTORM",
"id": "42831"
},
{
"db": "PACKETSTORM",
"id": "42867"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-14922",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14922"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-3714",
"trust": 2.7
},
{
"db": "BID",
"id": "16146",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "18319",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1015443",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "22244",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2006-0064",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200512-761",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2006-0024",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "8379",
"trust": 0.6
},
{
"db": "APPLE",
"id": "APPLE-SA-2006-01-05",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "42867",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-14922",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "42831",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-0024"
},
{
"db": "VULHUB",
"id": "VHN-14922"
},
{
"db": "BID",
"id": "16146"
},
{
"db": "PACKETSTORM",
"id": "42831"
},
{
"db": "PACKETSTORM",
"id": "42867"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-761"
},
{
"db": "NVD",
"id": "CVE-2005-3714"
}
]
},
"id": "VAR-200512-0301",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-14922"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:37:25.854000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14922"
},
{
"db": "NVD",
"id": "CVE-2005-3714"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2006/jan/msg00000.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/16146"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/22244"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1015443"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/18319"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/0064"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/0064"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/8379"
},
{
"trust": 0.3,
"url": "http://www.apple.com/airport/"
},
{
"trust": 0.3,
"url": "http://www.apple.com/support/airport/"
},
{
"trust": 0.1,
"url": "http://docs.info.apple.com/article.html?artnum=303072"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/18319/"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/airportexpressfirmwareupdate63formacosx.html"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/airportexpressfirmwareupdate63forwindows.html"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/airportextremefirmwareupdate57forwindows.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4504/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4503/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/airportextremefirmwareupdate57formacosx.html"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3714"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "http://docs.info.apple.com/article.html?artnum=61798"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14922"
},
{
"db": "BID",
"id": "16146"
},
{
"db": "PACKETSTORM",
"id": "42831"
},
{
"db": "PACKETSTORM",
"id": "42867"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-761"
},
{
"db": "NVD",
"id": "CVE-2005-3714"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2006-0024"
},
{
"db": "VULHUB",
"id": "VHN-14922"
},
{
"db": "BID",
"id": "16146"
},
{
"db": "PACKETSTORM",
"id": "42831"
},
{
"db": "PACKETSTORM",
"id": "42867"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-761"
},
{
"db": "NVD",
"id": "CVE-2005-3714"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-01-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2006-0024"
},
{
"date": "2005-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-14922"
},
{
"date": "2006-01-05T00:00:00",
"db": "BID",
"id": "16146"
},
{
"date": "2006-01-06T17:58:29",
"db": "PACKETSTORM",
"id": "42831"
},
{
"date": "2006-01-08T05:28:43",
"db": "PACKETSTORM",
"id": "42867"
},
{
"date": "2005-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-761"
},
{
"date": "2005-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2005-3714"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-01-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2006-0024"
},
{
"date": "2011-03-07T00:00:00",
"db": "VULHUB",
"id": "VHN-14922"
},
{
"date": "2006-01-05T00:00:00",
"db": "BID",
"id": "16146"
},
{
"date": "2006-06-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-761"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2005-3714"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-761"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple AirPort Remote Denial of Service Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-0024"
},
{
"db": "BID",
"id": "16146"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-761"
}
],
"trust": 1.5
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-761"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…