Article

Cisco corrects serious Wireless LAN flaws

SearchSecurity.com Staff

Cisco Systems Inc. addressed several serious vulnerabilities in its Wireless LAN controllers that could be exploited by attackers to cause a denial-of-service (DoS) condition.

    Requires Free Membership to View

SearchSecurity.com:
To get security news and tips delivered to your inbox, click here to sign up for our free newsletter.

In a Cisco advisory released Wednesday, the networking giant said two DoS vulnerabilities affect software versions 4.2 and later on all its wireless platforms. A third DoS flaw affects versions 4.1 and later on Cisco 4400 series, 6500/7600 series and 3750 series wireless LAN controllers.

Cisco said an attacker could use a vulnerability scanner to make the LAN controller stop servicing Web authentication or cause the device to reload. An attacker can trigger the device to reload by sending certain IP packets or a malformed post to the Web authentication "login.html" page, Cisco said. The highest Common Vulnerability Scoring System (CVSS) rating was a 7.8.

In addition, Cisco warned that a privilege escalation vulnerability affects software version 4.2.173.0. A successful exploit could give a restricted user the ability to gain full administrative rights on an affected system, Cisco said. The flaw was given a CVSS base score of 9 since it would give a user complete control of a system.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: