Proof-of-concept code has been posted for a vulnerability in Apple’s wireless drivers. The code, which was posted by security researcher HD Moore, exploits a flaw in the Proxim Wireless Orinoco wireless cards used by PowerBooks and iMacs built between 1999 and 2003.
According to Apple, the issue only affects a small percentage of previous generation AirPort-enabled Macs and does not affect Macs currently being distributed, or AirPort Extreme-enabled Macs.
Moore posted the code as part of the Month of Kernel Bugs project, which aims to point out a new vulnerability in an existing operating system every day during November. It is modelled the Month of Browser Bugs project, which disclosed one new browser vulnerability per day during July.
The kernel bug project was launched with a reference to a vulnerability in Mac OS systems that used third-party wireless cards, which security researcher reported at the Black Hat USA conference in August. Their claims have been criticised because their demonstration used a third-party wireless card rather than the one distributed with the MacBook and the code used in their attack has not been published.
In September, Apple released patches for a number of flaws in its wireless products and later announced that it was working with SecureWorks on security issues.