FYI...
-
http://www.cisco.com...es_listing.htmlCisco Applied Mitigation Bulletins
-
http://tools.cisco.c...ter/searchAIR.xLast updated: 08 Sep 2010
Cisco Wireless LAN Controllers - multiple vulns...
-
http://cisco.com/war...00908-wlc.shtml2010 September 08 - "Summary:
The Cisco Wireless LAN Controller (WLC) product family is affected by these vulnerabilities:
• Two denial of service (DoS) vulnerabilities
• Three privilege escalation vulnerabilities
• Two access control list (ACL) bypass vulnerabilities
Note: These vulnerabilities are independent of one another. A device may be affected by one vulnerability and not affected by another.
Cisco has released free software updates that address these vulnerabilities.
There are no workarounds to mitigate these vulnerabilities..."
(See "Affected Products" and "Software Versions and Fixes"...)-
http://secunia.com/advisories/41357/Release Date: 2010-09-09
Impact: Security Bypass, Privilege escalation, DoS
Where: From local network
... The vulnerabilities are reported in the following products:
* Cisco 2000 Series WLCs
* Cisco 2100 Series WLCs
* Cisco 4100 Series WLCs
* Cisco 4400 Series WLCs
* Cisco 5500 Series WLCs
* Cisco Wireless Services Modules (WiSMs)
* Cisco WLC Modules for Integrated Services Routers (ISRs)
* Cisco Catalyst 3750G Integrated WLCs
Solution: Update to a fixed version (Please see vendor's advisory for details).
Original Advisory: cisco-sa-20100908-wlc:
http://www.cisco.com...00908-wlc.shtml-
http://securitytrack...ep/1024408.htmlSep 8 2010
Edited by apluswebmaster, 09 September 2010 - 08:58 AM.