Info

Disclosure

Mar 22, 2012

Discovery

Unknown

Dates

Exploit

Mar 22, 2012

Solution

Unknown

Description

Apple iPhone contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the device transmits the SSID of the three previous wireless networks that it was connected to. This may allow a remote attacker to gain access to SSID information.

Classification

Location: Remote / Network Access, Wireless Vector
Attack Type: Information Disclosure
Impact: Loss of Confidentiality
Solution: Solution Unknown
Exploit: Exploit Public
Disclosure: Uncoordinated Disclosure

Solution

OSVDB is not aware of a solution for this vulnerability.

Products

Apple Inc.

iPhone

Unspecified

References

News Article: http://arstechnica.com/apple/news/2012/03/loose-lipped-iphones-top-the-list-of-smartphones-exploited-by-hacker.ars
Other Advisory URL: http://prezi.com/rpx0w4krsi3y/secrets-in-your-pocket-mark-wuergler/
Mail List Post: http://seclists.org/dailydave/2012/q1/59
http://seclists.org/dailydave/2012/q1/61
http://seclists.org/dailydave/2012/q1/65

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/84672