what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Apple Security Advisory 2014-10-20-2

Apple Security Advisory 2014-10-20-2
Posted Oct 21, 2014
Authored by Apple | Site apple.com

Apple Security Advisory 2014-10-20-2 - Apple TV 7.0.1 is now available and addresses bluetooth and SSL 3.0 related security vulnerabilities.

tags | advisory, vulnerability
systems | apple
advisories | CVE-2014-3566, CVE-2014-4428
SHA-256 | c890e6b559bc3c39268a1477242e07d30dca426a1c327584e5bf3110bfd6fe17

Apple Security Advisory 2014-10-20-2

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2014-10-20-2 Apple TV 7.0.1

Apple TV 7.0.1 is now available and addresses the following:

Apple TV
Available for: Apple TV 3rd generation and later
Impact: A malicious Bluetooth input device may bypass pairing
Description: Unencrypted connections were permitted from Human
Interface Device-class Bluetooth Low Energy accessories. If a device
had paired with such an accessory, an attacker could spoof the
legitimate accessory to establish a connection. The issue was
addressed by denying unencrypted HID connections.
CVE-ID
CVE-2014-4428 : Mike Ryan of iSEC Partners

Apple TV
Available for: Apple TV 3rd generation and later
Impact: An attacker may be able to decrypt data protected by SSL
Description: There are known attacks on the confidentiality of SSL
3.0 when a cipher suite uses a block cipher in CBC mode. An attacker
could force the use of SSL 3.0, even when the server would support a
better TLS version, by blocking TLS 1.0 and higher connection
attempts. This issue was addressed by disabling CBC cipher suites
when TLS connection attempts fail.
CVE-ID
CVE-2014-3566 : Bodo Moeller, Thai Duong, and Krzysztof Kotowicz of
Google Security Team


Installation note:

Apple TV will periodically check for software updates. Alternatively,
you may manually check for software updates by selecting
"Settings -> General -> Update Software".

To check the current version of software, select
"Settings -> General -> About".

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJURUI7AAoJEBcWfLTuOo7ts5IP/1xFhDUXTw1ve/+JVh7JwPy8
KM7/Uir10DiV9YCf1h9mnDqqZNbc1uvWGRoLpJ8VHs01M3STAr5PKbO9FOhzNz2H
vLhl+YXRunwgfVr/tzW4YPeypkusGXF33ktIOwqLJqeIwoh0j2HDPE7eS9ZDJOvw
r8bB8eLbAHQqjQ1looMxH8WCXPb6pp8pgWkkakaM9ys4edQUqfoGa1fVQ6qks4KF
9/fXBp1mZuQDL7mZWDUnSoK91rLp9AKwQ/Gs3zJuXaliBKjF5XZK6bzCiKtqnzfV
YOstG8YO/KlCqtValNcmJV0DrUtdouPaU007QnzF9IjKdB8SR2iJsqyxrSdlyJ7e
X8kyDibE4Wh2hHf+9LqbfgXl8dBX4j1TXLv1wGmmPOC8UOISnLZyqn3ORtQSaD7k
DsFlXhLGys5KFRc3N6bQMank1Xw12fCh21y45jNxIpIhlcPj4kzcqqQ1KSoVo3Y2
bn46HxSFZTTHsnEESItqTbCnrdY0LTuVWa8qGklyuhB7wzLLUBbsee8KU4Eehzvs
9Edkr840rPpJ8Lswees8x+U0lJKMnBwxnlw7s4dOGhh5OtCPbuHKmTYagscdV+es
cV6LDDlGeWjOtLibk76jh5NmmfYeNmRs1l4iImgvsASIisqeIbrayoKtoLS+Q7jR
k6fRn81qCCJ+pSUCEkir
=q+7g
-----END PGP SIGNATURE-----

Login or Register to add favorites

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    0 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close