Информационная безопасность
[RU] switch to English


Многочисленные уязвимости в Cisco Wireless LAN Controller (multiple bugs)
дополнено с 13 апреля 2007 г.
Опубликовано:13 апреля 2007 г.
Источник:
SecurityVulns ID:7576
Тип:удаленная
Уровень опасности:
5/10
Описание:SNMP-community по-умолчанию, отказ в обслужиании при разборе фрейма Ethernet, многочисленные DoS-условия в NPU, не сохраняются списки контроля доступом, пароли по-умолчанию.
Затронутые продукты:CISCO : Cisco Aironet 1000
 CISCO : Cisco Aironet 1500
 CISCO : Cisco Catalyst 6500
 CISCO : Cisco 4400
 CISCO : Cisco 2100
 CISCO : Cisco Catalyst 3750
CVE:CVE-2007-2041 (Cisco Wireless LAN Controller (WLC) before 4.0.206.0 saves the WLAN ACL configuration with an invalid checksum, which prevents WLAN ACLs from being loaded at boot time, and might allow remote attackers to bypass intended access restrictions, aka Bug ID CSCse58195.)
 CVE-2007-2040 (Cisco Aironet 1000 Series and 1500 Series Lightweight Access Points before 3.2.185.0, and 4.0.x before 4.0.206.0, have a hard-coded password, which allows attackers with physical access to perform arbitrary actions on the device, aka Bug ID CSCsg15192.)
 CVE-2007-2039 (The Network Processing Unit (NPU) in the Cisco Wireless LAN Controller (WLC) before 3.2.171.5, 4.0.x before 4.0.206.0, and 4.1.x allows remote attackers on a local wireless network to cause a denial of service (loss of packet forwarding) via (1) crafted SNAP packets, (2) malformed 802.11 traffic, or (3) packets with certain header length values, aka Bug IDs CSCsg15901 and CSCsh10841.)
 CVE-2007-2038 (The Network Processing Unit (NPU) in the Cisco Wireless LAN Controller (WLC) before 3.2.193.5, 4.0.x before 4.0.206.0, and 4.1.x allows remote attackers on a local wireless network to cause a denial of service (loss of packet forwarding) via (1) crafted SNAP packets, (2) malformed 802.11 traffic, or (3) packets with certain header length values, aka Bug ID CSCsg36361.)
 CVE-2007-2037 (Cisco Wireless LAN Controller (WLC) before 3.2.116.21, and 4.0.x before 4.0.155.0, allows remote attackers on a local network to cause a denial of service (device crash) via malformed Ethernet traffic.)
 CVE-2007-2036 (The SNMP implementation in the Cisco Wireless LAN Controller (WLC) before 20070419 uses the default read-only community public, and the default read-write community private, which allows remote attackers to read and modify SNMP variables, aka Bug ID CSCse02384.)
Оригинальный текстdocumentCISCO, Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Wireless LAN Controller and Cisco Lightweight Access Points (13.04.2007)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород