Apple Incorporated has released a fix on its website for its wireless networking hub (AirPort Extreme Base Station with 802.11n) that addresses a flaw that permitted incoming connections through the Wi-Fi hub, and another security hole that would let attackers see files on a password-protected machine. Only versions of the hub using the draft version of the 802.11n wireless networking standard require the 7.1 firmware upgrade. Danish internet security firm Secunia gave the vulnerabilities a rating of "less serious," the second-lowest on its five-point scale.
The previous instalment of the hub's firmware was set to allow connections through IPv6 (Internet Protocol version 6) and did not offer users a way to block or reject the incoming IPv6 connections. Incoming IPv4 connections are rejected by default. Only people on the same local network could exploit the flaw that permitted filenames on a password-protected AirPort disk to be viewed, Apple said.
News source: CBC News