Wednesday, January 23, 2013

Security & Hacking: "Multiple Vulnerabilities in Cisco Wireless LAN Controllers"

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130123-wlc

Cut & Paste from above link:

"Summary

The Cisco Wireless LAN Controller (Cisco WLC) product family is affected by the following four vulnerabilities:
  • Cisco Wireless LAN Controllers Wireless Intrusion Prevention System (wIPS) Denial of Service Vulnerability
  • Cisco Wireless LAN Controllers Session Initiation Protocol Denial of Service Vulnerability
  • Cisco Wireless LAN Controllers HTTP Profiling Remote Code Execution Vulnerability
  • Cisco Wireless LAN Controllers SNMP Unauthorized Access Vulnerability

 

Vulnerable Products

For specific version information, refer to the Software Versions and Fixes section of this advisory.
Each of the following products is affected by at least one of the vulnerabilities covered in this security advisory:
  • Cisco 2000 Series WLC
  • Cisco 2100 Series WLC
  • Cisco 2500 Series WLC
  • Cisco 4100 Series WLC
  • Cisco 4400 Series WLC
  • Cisco 5500 Series WLC
  • Cisco 7500 Series WLC
  • Cisco 8500 Series WLC
  • Cisco 500 Series Wireless Express Mobility Controllers
  • Cisco Wireless Services Module (Cisco WiSM)
  • Cisco Wireless Services Module version 2 (Cisco WiSM version 2)
  • Cisco NME-AIR-WLC Module for Integrated Services Routers (ISRs)
  • Cisco NM-AIR-WLC Module for Integrated Services Routers (ISRs)
  • Cisco Catalyst 3750G Integrated WLCs
  • Cisco Flex 7500 Series Cloud Controller
  • Cisco Virtual Wireless Controller
  • Cisco Wireless Controller Software for Integrated Services Module 300 and Cisco Services-Ready Engine 700, 710, 900, and 910"

2 comments: