Rapid7 Vulnerability & Exploit Database

Apple iOS Vulnerability: CVE-2011-1418

Back to Search

Apple iOS Vulnerability: CVE-2011-1418

Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
03/11/2011
Created
07/25/2018
Added
10/08/2014
Modified
10/08/2014

Description

The stateless address autoconfiguration (aka SLAAC) functionality in the IPv6 networking implementation in Apple iOS before 4.3 and Apple TV before 4.2 places the MAC address into the IPv6 address, which makes it easier for remote IPv6 servers to track users by logging source IPv6 addresses.

Solution(s)

  • apple-ios-upgrade-latest

References

  • apple-ios-upgrade-latest

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;