CVE-2011-1418

The stateless address autoconfiguration (aka SLAAC) functionality in the IPv6 networking implementation in Apple iOS before 4.3 and Apple TV before 4.2 places the MAC address into the IPv6 address, which makes it easier for remote IPv6 servers to track users by logging source IPv6 addresses.

Published: Mar 11, 2011
Updated: Apr 13, 2023
CVE: CVE-2011-1418
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
apple / iphone_os	3.0	3.0.x
apple / iphone_os	3.2	3.2.x
apple / iphone_os	3.1.3	3.1.3.x
apple / iphone_os	1.0.2	1.0.2.x
apple / iphone_os	4.0.2	4.0.2.x
apple / iphone_os	2.2	2.2.x
apple / iphone_os	1.1.1	1.1.1.x
apple / iphone_os	4.1	4.1.x
apple / iphone_os	2.0.0	2.0.0.x
apple / iphone_os	3.1.2	3.1.2.x
apple / iphone_os	3.0.1	3.0.1.x
apple / iphone_os	1.1.2	1.1.2.x
apple / iphone_os	3.1	3.1.x
apple / iphone_os	1.1.3	1.1.3.x
apple / iphone_os	1.1.0	1.1.0.x
apple / iphone_os	1.0.1	1.0.1.x
apple / iphone_os	2.1	2.1.x
apple / iphone_os	1.1.5	1.1.5.x
apple / iphone_os	4.0.1	4.0.1.x
apple / iphone_os	2.1.1	2.1.1.x
apple / iphone_os	1.1.4	1.1.4.x
apple / iphone_os	1.0.0	1.0.0.x
apple / iphone_os	2.0.2	2.0.2.x
apple / iphone_os	2.0	2.0.x
apple / iphone_os	2.0.1	2.0.1.x
apple / iphone_os	4.0	4.0.x
apple / iphone_os	-	4.2.x
apple / iphone_os	2.2.1	2.2.1.x
apple / iphone_os	3.2.1	3.2.1.x
apple / iphone_os	3.2.2	3.2.2.x
apple / apple_tv	4.0	4.0.x
apple / tvos	1.0.0	1.0.0.x
apple / tvos	1.1.0	1.1.0.x
apple / tvos	2.0.0	2.0.0.x
apple / tvos	2.0.1	2.0.1.x
apple / tvos	2.0.2	2.0.2.x
apple / tvos	2.1.0	2.1.0.x
apple / tvos	-	3.0.2.x

Vulnerability Database

289,599

CVE-2011-1418