Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности Cisco Wireless LAN Controller
Опубликовано:27 января 2013 г.
Источник:
SecurityVulns ID:12842
Тип:удаленная
Уровень опасности:
6/10
Описание:Отказ при обработке IP-пакета в IPS, отказ при обработке SIP, несанкционированный доступ через SNMP, выполнение кода через HTTP Profiling.
Затронутые продукты:CISCO : Cisco 500
 CISCO : Cisco 2100
 CISCO : Cisco 4100
 CISCO : Cisco 5500
 CISCO : Cisco 4400
 CISCO : Cisco 2000
 CISCO : Catalyst 3750G
 CISCO : Cisco 2500
 CISCO : Cisco Flex 7500
 CISCO : Cisco 7500
 CISCO : Cisco 8500
CVE:CVE-2013-1105 (Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.3, 7.1 and 7.2 before 7.2.111.3, and 7.3 before 7.3.101.0 allow remote authenticated users to bypass wireless-management settings and read or modify the device configuration via an SNMP request, aka Bug ID CSCua60653.)
 CVE-2013-1104 (The HTTP Profiling functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.3.101.0 allows remote authenticated users to execute arbitrary code via a crafted HTTP User-Agent header, aka Bug ID CSCuc15636.)
 CVE-2013-1103 (Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allow remote attackers to cause a denial of service (Access Point reload) via crafted SIP packets, aka Bug ID CSCts87659.)
 CVE-2013-1102 (The Wireless Intrusion Prevention System (wIPS) component on Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.0, 7.1 and 7.2 before 7.2.110.0, and 7.3 before 7.3.101.0 allows remote attackers to cause a denial of service (device reload) via crafted IP packets, aka Bug ID CSCtx80743.)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород