2.6

CVE-2010-0039

EPSS 0.31%
Veröffentlicht 22.12.2010 03:00:01
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle product-security@apple.com
Teams Watchlist Login
Unerledigt Login

The Application-Level Gateway (ALG) on the Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station with firmware before 7.5.2 modifies PORT commands in incoming FTP traffic, which allows remote attackers to use the device's IP address for arbitrary intranet TCP traffic by leveraging write access to an intranet FTP server.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Apple ≫ Airport Express Base Station Firmware Version <= 7.4.2

Apple ≫ Airport Express Base Station Firmware Version3.84

Apple ≫ Airport Express Base Station Firmware Version4.0.9

Apple ≫ Airport Express Base Station Firmware Version6.1

Apple ≫ Airport Express Base Station Firmware Version6.3

Apple ≫ Airport Express Base Station Firmware Version7.3.2

Apple ≫ Airport Express Base Station Firmware Version7.4.1

Apple ≫ Airport Extreme Base Station Firmware Version5.5

Apple ≫ Airport Extreme Base Station Firmware Version5.7

Apple ≫ Airport Express

Apple ≫ Airport Extreme

Apple ≫ Time Capsule

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.31%	0.508

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	2.6	4.9	2.9	AV:N/AC:H/Au:N/C:P/I:N/A:N

http://lists.apple.com/archives/security-announce/2010//Dec/msg00001.html

Patch

Vendor Advisory

http://support.apple.com/kb/HT4298

Patch

Vendor Advisory

http://www.securitytracker.com/id?1024907

https://nvd.nist.gov/vuln/detail/CVE-2010-0039

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-0039

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-0039

EUVD