AirPort Exploit Against Older PowerBooks and iMacs Published

Note the filename of the example exploit script.

Brian Krebs has a post on the exploit, along with a brief interview with the author, “H D Moore”:

Q: Do you have to using Kismet or the Airport utility to be compromised by this?

HD: This particular exploit only seems to trigger when the card is in active scanning mode. I was able to trigger a similar bug when the card is in “idle” (non-associated) state, but I need more time to investigate it before I can give you more information.

In other words, yes, the published exploit only works when the card is in active scanning mode, so even if you have a vulnerable machine, you’re probably not vulnerable in normal use.

Wednesday, 1 November 2006