Cisco corrects serious Wireless LAN flaws

Several denial-of-service vulnerabilities and a privilege escalation flaw affects a wide range of Cisco Wireless LAN controllers, the networking giant warned.

This Content Component encountered an error

Cisco Systems Inc. addressed several serious vulnerabilities in its Wireless LAN controllers that could be exploited by attackers to cause a denial-of-service (DoS) condition.

SearchSecurity.com:
To get security news and tips delivered to your inbox, click here to sign up for our free newsletter.

In a Cisco advisory released Wednesday, the networking giant said two DoS vulnerabilities affect software versions 4.2 and later on all its wireless platforms. A third DoS flaw affects versions 4.1 and later on Cisco 4400 series, 6500/7600 series and 3750 series wireless LAN controllers.

Cisco said an attacker could use a vulnerability scanner to make the LAN controller stop servicing Web authentication or cause the device to reload. An attacker can trigger the device to reload by sending certain IP packets or a malformed post to the Web authentication "login.html" page, Cisco said. The highest Common Vulnerability Scoring System (CVSS) rating was a 7.8.

In addition, Cisco warned that a privilege escalation vulnerability affects software version 4.2.173.0. A successful exploit could give a restricted user the ability to gain full administrative rights on an affected system, Cisco said. The flaw was given a CVSS base score of 9 since it would give a user complete control of a system.

This Content Component encountered an error

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close