OSVDB ID: 85628

Title: Apple iOS WiFi Network Connection Handling Previously Accessed Network MAC Address Disclosure

Info

Disclosure

Sep 19, 2012

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Sep 19, 2012

Description

Apple iOS contains a flaw that is triggered upon connecting to a Wi-Fi network. When connected the device may broadcast the MAC addresses of networks that have been recently accessed via the DNAv4 protocol. This may allow a remote attacker to gain access to MAC address information.

Classification

Location: Remote / Network Access
Impact: Loss of Confidentiality
Solution: Upgrade
Exploit: Exploit Private
Disclosure: Vendor Verified, Coordinated Disclosure

Solution

Upgrade to version 6 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Apple Inc.

Apple iOS

5.1.1

References

Credit

Unknown or Incomplete



Direct URL: http://osvdb.org/85628