CVE-2011-1418

The stateless address autoconfiguration (aka SLAAC) functionality in the IPv6 networking implementation in Apple iOS before 4.3 and Apple TV before 4.2 places the MAC address into the IPv6 address, which makes it easier for remote IPv6 servers to track users by logging source IPv6 addresses.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.1.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.2.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:3.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:3.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:3.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:3.1.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:3.1.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:3.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:3.2.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:3.2.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:4.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:4.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:4.0.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:4.1:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:apple:apple_tv:4.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:1.0.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:1.1.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:2.0.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:2.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:2.0.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:2.1.0:*:*:*:*:*:*:*

History

21 Nov 2024, 01:26

Type Values Removed Values Added
References () http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html - Vendor Advisory () http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html - Vendor Advisory
References () http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html - Vendor Advisory () http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html - Vendor Advisory
References () http://support.apple.com/kb/HT4564 - Vendor Advisory () http://support.apple.com/kb/HT4564 - Vendor Advisory
References () http://support.apple.com/kb/HT4565 - Vendor Advisory () http://support.apple.com/kb/HT4565 - Vendor Advisory

Information

Published : 2011-03-11 22:55

Updated : 2024-11-21 01:26


NVD link : CVE-2011-1418

Mitre link : CVE-2011-1418

CVE.ORG link : CVE-2011-1418


JSON object : View

Products Affected

apple

  • iphone_os
  • apple_tv
  • tvos
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor