Intrusion Prevention

Apple.iOS.OSX.SSL.MITM

Description

This indicates an man-in-the-middle (MITM) attack attempt to exploit the vulnerability in Apple products.
The vulnerability is due to a logic error in Apple iOS ,Apple TV and Apple OS X when vulnerable module checking the signature in a TLS Server Key Exchange message.

Affected Products

Apple iOS 6.x Prior to 6.1.6
Apple iOS 7.x Prior to 7.0.6
Apple TV Prior to 6.0.2
Apple OS X Prior to 10.9.2

Impact

Information disclosure
unauthorized data modification

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://support.apple.com/kb/HT1222

CVE References

CVE-2014-1266