By John Gruber
Note the filename of the example exploit script.
Brian Krebs has a post on the exploit, along with a brief interview with the author, “H D Moore”:
Q: Do you have to be using Kismet or the Airport utility to be compromised by this?
HD: This particular exploit only seems to trigger when the card is in active scanning mode. I was able to trigger a similar bug when the card is in “idle” (non-associated) state, but I need more time to investigate it before I can give you more information.
In other words, yes, the published exploit only works when the card is in active scanning mode, so even if you have a vulnerable machine, you’re probably not vulnerable in normal use.
★ Wednesday, 1 November 2006