CVE-2009-2189 - OpenCVE

The ICMPv6 implementation on the Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station with firmware before 7.5.2 does not limit the rate of (1) Router Advertisement and (2) Neighbor Discovery packets, which allows remote attackers to cause a denial of service (resource consumption and device restart) by sending many packets.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:A/AC:L/Au:N/C:N/I:N/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Apple	Airport Express Airport Express Base Station Firmware Airport Extreme Airport Extreme Base Station Firmware Time Capsule

Configuration 1 [-]

AND

OR	cpe:2.3:h:apple:airport_express_base_station_firmware::::::::
	cpe:2.3:h:apple:airport_express_base_station_firmware:3.84:::::::*
	cpe:2.3:h:apple:airport_express_base_station_firmware:4.0.9:::::::*
	cpe:2.3:h:apple:airport_express_base_station_firmware:6.1:::::::*
	cpe:2.3:h:apple:airport_express_base_station_firmware:6.3:::::::*
	cpe:2.3:h:apple:airport_express_base_station_firmware:7.3.2:::::::*
	cpe:2.3:h:apple:airport_express_base_station_firmware:7.4.1:::::::*
	cpe:2.3:h:apple:airport_extreme_base_station_firmware:5.5:::::::*
	cpe:2.3:h:apple:airport_extreme_base_station_firmware:5.7:::::::*

OR	cpe:2.3:h:apple:airport_express::::::::
	cpe:2.3:h:apple:airport_extreme::::::::
	cpe:2.3:h:apple:time_capsule::::::::

No data.

References

Link	Providers
http://lists.apple.com/archives/security-announce/2010//Dec/msg00001.html
http://support.apple.com/kb/HT4298
http://www.securitytracker.com/id?1024907

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2010-12-22T01:00:00

Updated: 2024-08-07T05:44:55.182Z

Reserved: 2009-06-24T00:00:00

Link: CVE-2009-2189

Vulnrichment

No data.

NVD

Status : Modified

Published: 2010-12-22T03:00:01.347

Modified: 2011-01-19T06:48:42.250

Link: CVE-2009-2189

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-12-16T00:00:00", "descriptions": [{"lang": "en", "value": "The ICMPv6 implementation on the Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station with firmware before 7.5.2 does not limit the rate of (1) Router Advertisement and (2) Neighbor Discovery packets, which allows remote attackers to cause a denial of service (resource consumption and device restart) by sending many packets."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2011-01-19T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "APPLE-SA-2010-12-16-1", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2010//Dec/msg00001.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT4298"}, {"name": "1024907", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1024907"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-2189", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The ICMPv6 implementation on the Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station with firmware before 7.5.2 does not limit the rate of (1) Router Advertisement and (2) Neighbor Discovery packets, which allows remote attackers to cause a denial of service (resource consumption and device restart) by sending many packets."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "APPLE-SA-2010-12-16-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2010//Dec/msg00001.html"}, {"name": "http://support.apple.com/kb/HT4298", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4298"}, {"name": "1024907", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1024907"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T05:44:55.182Z"}, "title": "CVE Program Container", "references": [{"name": "APPLE-SA-2010-12-16-1", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2010//Dec/msg00001.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.apple.com/kb/HT4298"}, {"name": "1024907", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1024907"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-2189", "datePublished": "2010-12-22T01:00:00", "dateReserved": "2009-06-24T00:00:00", "dateUpdated": "2024-08-07T05:44:55.182Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:apple:airport_express_base_station_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C9226648-A35A-48C7-97B2-B641AF1AC064", "versionEndIncluding": "7.4.2", "vulnerable": true}, {"criteria": "cpe:2.3:h:apple:airport_express_base_station_firmware:3.84:*:*:*:*:*:*:*", "matchCriteriaId": "5BE83F1E-AE73-4EA3-BB24-00AB2CD5E5AE", "vulnerable": true}, {"criteria": "cpe:2.3:h:apple:airport_express_base_station_firmware:4.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "EDFC5591-5F55-414F-99EC-EF560F131A01", "vulnerable": true}, {"criteria": "cpe:2.3:h:apple:airport_express_base_station_firmware:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "A9263C8C-E71C-4922-ABCD-ED71AACE2C6A", "vulnerable": true}, {"criteria": "cpe:2.3:h:apple:airport_express_base_station_firmware:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "64341069-B93B-48F3-946F-4248231B6AA7", "vulnerable": true}, {"criteria": "cpe:2.3:h:apple:airport_express_base_station_firmware:7.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "508DE2BA-DCA6-4249-B534-30EEFA2548FE", "vulnerable": true}, {"criteria": "cpe:2.3:h:apple:airport_express_base_station_firmware:7.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "3333BFC0-037A-4926-BCBE-C0F0C1204B89", "vulnerable": true}, {"criteria": "cpe:2.3:h:apple:airport_extreme_base_station_firmware:5.5:*:*:*:*:*:*:*", "matchCriteriaId": "3420DD2D-4B5B-4112-AE49-20FA97608495", "vulnerable": true}, {"criteria": "cpe:2.3:h:apple:airport_extreme_base_station_firmware:5.7:*:*:*:*:*:*:*", "matchCriteriaId": "546C47A2-D8CE-4341-968A-051F81BAF904", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:apple:airport_express:*:*:*:*:*:*:*:*", "matchCriteriaId": "A2C90704-400C-4BA2-9CF5-96C3A42B620E", "vulnerable": true}, {"criteria": "cpe:2.3:h:apple:airport_extreme:*:*:*:*:*:*:*:*", "matchCriteriaId": "E0B25975-DD1E-430F-9AB0-F363E4BF743B", "vulnerable": true}, {"criteria": "cpe:2.3:h:apple:time_capsule:*:*:*:*:*:*:*:*", "matchCriteriaId": "ECA814FD-FE33-44E3-9A40-805E6C9C4ED9", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The ICMPv6 implementation on the Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station with firmware before 7.5.2 does not limit the rate of (1) Router Advertisement and (2) Neighbor Discovery packets, which allows remote attackers to cause a denial of service (resource consumption and device restart) by sending many packets."}, {"lang": "es", "value": "La implementaci\u00f3n ICMPv6 en Apple Time Capsule, AirPort Extreme Base Station, y AirPort Express Base Station con firmware anterior a v7.5.2 no limita la tasa de paquetes (1) Router Advertisement y (2) Neighbor Discovery, lo cual permite a los atacantes remotos causar una denegaci\u00f3n de servicio (consumo de recursos y reinicio del dispositivo) a trav\u00e9s del env\u00edo de muchos paquetes."}], "id": "CVE-2009-2189", "lastModified": "2011-01-19T06:48:42.250", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-12-22T03:00:01.347", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://lists.apple.com/archives/security-announce/2010//Dec/msg00001.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://support.apple.com/kb/HT4298"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1024907"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}