CVE-2010-0962

Currently unrated

Key Information:

Vendor: Apple
Status: Time Capsule; Airport Extreme; Airport Express
Vendor: CVE Published:; 10 March 2010

Summary

The FTP proxy server in Apple AirPort Express, AirPort Extreme, and Time Capsule with firmware 7.5 does not restrict the IP address and port specified in a PORT command from a client, which allows remote attackers to leverage intranet FTP servers for arbitrary TCP forwarding via a crafted PORT command.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/56701

vdb-entryx_refsource_XF

http://www.securityfocus.com/archive/1/509867/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/38543

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Mar 10, 2010
Vulnerability Reserved
Mar 10, 2010