For those who use Airport, or Time Capsule have probably already downloaded the latest firmware update. If you haven’t then here are some of the fixes released in the firmware:

-The IPv6 Neighbor Discovery Protocol implementation does not validate the origin of Neighbor Discovery messages. By sending a maliciously crafted message, a remote user may cause a denial of service, observe private network traffic, or inject forged packets. This update addresses the issue by performing additional validation of Neighbor Discovery messages.

- An out-of-bounds memory access issue exists in the handling of PPPoE discovery packets. By sending a maliciously crafted PPPoE discovery packet, a remote user may be able to cause an unexpected device shutdown. This update addresses the issue through improved bounds checking

- When IPv6 support is enabled, IPv6 nodes use ICMPv6 to report errors encountered while processing packets. An implementation issue in the handling of incoming ICMPv6 “Packet Too Big” messages may cause an unexpected device shutdown. This update addresses the issue through improved handling of ICMPv6 messages.

If you want more detailed descriptions, or to download the update you can visit the support page, here.

Posted in Software |