Cisco Systems Inc. issued an advisory today warning customers of several vulnerabilities in its wireless LAN controllers that could be exploited remotely to conduct a denial of service attack.
The Cisco 4100 and 4400 series wireless LAN controllers are affected as well as its Airespace 4000 series, its Catalyst 3750 series integrated wireless LAN controllers and its Catalyst 6500 series wireless services module (WiSM), according to the
The issue first came to light during a series of incidents at Duke University last week, when the Durham, N.C. school experienced temporary disruptions to its wireless network.
"Those conditions involve our deployment of a very large Cisco-based wireless network that supports multiple network protocols," said Tracy Futhey, Duke's chief information officer in a statement issued last week.
Futhey said Cisco provided a fix which was applied to Duke's network and there have been no recurrences of the problem since.
Cisco wireless LANs are used in homes and businesses to allow devices to communicate without being connected to a network with a cable. The problems are associated with the address resolution protocol (ARP), which provides a mapping between a device's IP address and its hardware address on the local network. The controllers contain flaws when "processing unicast ARP traffic where a unicast ARP request may be flooded on the LAN links between Wireless LAN Controllers in a mobility group." An attacker does not need to authenticate to exploit the vulnerability, Cisco said.
A software patch will be issued for the affected devices on July 27 for versions 3.2 and 4.0 of the devices. An update for version 4.1 is now available from Cisco. As a workaround, "Cisco recommends that operators require all clients to obtain their IP addresses from a DHCP server. To enforce this requirement, all WLANs can be configured with a DHCP Required setting, which disallows client static IP addresses."
Cisco will release software updates for versions 3.2 and 4.0 of the controller software on July 27.