• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
APPLE-SA-2005-07-19 AirPort 4.2
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

APPLE-SA-2005-07-19 AirPort 4.2

  • Subject: APPLE-SA-2005-07-19 AirPort 4.2
  • From: Apple Product Security <email@hidden>
  • Date: Tue, 19 Jul 2005 09:48:03 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2005-07-19 AirPort 4.2

AirPort 4.2 is now available and delivers the following security
enhancement:

Available for:  Mac OS X 10.3.3 to Mac OS X 10.3.9, and Mac OS X
10.4.2
CVE-ID:  CAN-2005-2196
Impact:  Mobile users with the original AirPort card enabled could
automatically associate to an malicious network
Description: When not connected to a known or trusted network, the
AirPort card "parks" on a randomly generated network with a default
WEP key.  This can allow parked AirPort cards to automatically
connect to malicious networks without warning.  This condition only
applies to AirPort cards and does not affect AirPort Extreme.  The
System Profiler utility can be used to indicate the type of AirPort
card installed.  This update addresses the problem by using a
randomly-generated 128-bit WEP key instead of the default WEP key.
Credit to Dino Dai Zovi for reporting this issue.

AirPort 4.2 may be obtained from the Software Update pane in
System Preferences, or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/

For Mac OS X v10.3.3 through Mac OS X v10.3.9
The download file is named:  "AirPortSW42.dmg"
Its SHA-1 digest is:  bf2876b1873392e64b2e1061b835d35bfb67c3a6

The AirPort security fix is also contained within the
Mac OS X v10.4.2 update:

If updating from Mac OS X v10.4.1
The download file is named:  "MacOSXUpdate10.4.2.dmg"
Its SHA-1 digest is:  5a11375c29f1f656061189b9467cf9291153de46

If updating from Mac OS X v10.4
The download file is named:  "MacOSXUpdateCombo10.4.2.dmg"
Its SHA-1 digest is:  5149def0b79f030bdb2763283c376e4d87d085e9

Information will also be posted to the Apple Product Security
web site:
http://docs.info.apple.com/article.html?artnum=61798

This message is signed with Apple's Product Security PGP key,
and details are available at:
http://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQEVAwUBQt0uX4HaV5ucd/HdAQJnOQf+JLtyvWFB+Y8sDkiN4VB2MQN2LURiyAUp
hGng/+F2JN1Y4AV1gD2eSqIvi4MYuaINiF0lrzGCmANxcX9S8VrHzRy21rrDKGNU
3RTaq1ZDHV4or9+ZznkWzJXEDAeLKprhYqhvpEyKGEQAUAxamXxBGB8Cfne5FDzA
qb+JeGO0vV5S/d0XTs4KXzuX06QkNsZ8G01F7hsZ+LeRRqdA08ZQrK0NihDc+l/j
QXSprcPqJQmYQciQycyPHLed3XWoXSbVE53NTbfa4ahxqwd9ldJAKyUZwOhW0Y1D
vCSUcEnV2RA2+ckuW6cPWxzwxzMhQ7xqTA1DT6VAtVfbrJZ5PICnPw==
=9ogg
-----END PGP SIGNATURE-----

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden




    

  • Prev by Date:
APPLE-SA-2005-07-12 Darwin Streaming Server 5.5.1

    • 

  • Previous by thread:
APPLE-SA-2005-07-12 Darwin Streaming Server 5.5.1

    • 

  • Index(es):

      

    • Date
      • 

    • Thread
      • 

    

    •