The stateless address autoconfiguration (aka SLAAC) functionality in the IPv6 networking implementation in Apple iOS before 4.3 and Apple TV before 4.2 places the MAC address into the IPv6 address, which makes it easier for remote IPv6 servers to track users by logging source IPv6 addresses.
References
Link | Resource |
---|---|
http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html | Vendor Advisory |
http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html | Vendor Advisory |
http://support.apple.com/kb/HT4564 | Vendor Advisory |
http://support.apple.com/kb/HT4565 | Vendor Advisory |
http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html | Vendor Advisory |
http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html | Vendor Advisory |
http://support.apple.com/kb/HT4564 | Vendor Advisory |
http://support.apple.com/kb/HT4565 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
21 Nov 2024, 01:26
Type | Values Removed | Values Added |
---|---|---|
References | () http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html - Vendor Advisory | |
References | () http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html - Vendor Advisory | |
References | () http://support.apple.com/kb/HT4564 - Vendor Advisory | |
References | () http://support.apple.com/kb/HT4565 - Vendor Advisory |
Information
Published : 2011-03-11 22:55
Updated : 2024-11-21 01:26
NVD link : CVE-2011-1418
Mitre link : CVE-2011-1418
CVE.ORG link : CVE-2011-1418
JSON object : View
Products Affected
apple
- iphone_os
- apple_tv
- tvos
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor