Apple Airport Administrative Port Credential Encryption Weakness

high Nessus Network Monitor Plugin ID 1886

Synopsis

The remote host passes information across the network in an insecure manner.

Description

The remote host is an Apple Airport Wireless Access Point, which can be administrated on top of port 5009. There is a flaw in the administration protocol of this device which makes its password to be transmitted in cleartext over the network. An attacker could sniff this information, recover the password, and use it to gain administrative privileges on this host.

Solution

Block incoming traffic to this port, and only administer this device via a cross-over cable.

Plugin Details

Severity: High

ID: 1886

Family: Data Leakage

Published: 8/20/2004

Updated: 3/6/2019

Nessus ID: 11620

Risk Information

VPR

Risk Factor: Medium

Score: 5.5

CVSS v2

Risk Factor: High

Base Score: 7.6

Temporal Score: 7.2

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: High

Base Score: 8.1

Temporal Score: 7.9

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:W/RC:X

Vulnerability Information

CPE: cpe:/h:apple:802.11n

Reference Information

CVE: CVE-2003-0270

BID: 7554

Detections

Analytics