Tuesday, Jul 28, 2009

7/27/09 - Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers 

Summary

Multiple vulnerabilities exist in the Cisco Wireless LAN Controller (WLC) platforms. This security advisory outlines the details of the following vulnerabilities:

  • Malformed HTTP or HTTPS authentication response denial of service vulnerability
  • SSH connections denial of service vulnerability
  • Crafted HTTP or HTTPS request denial of service vulnerability
  • Crafted HTTP or HTTPS request unauthorized configuration modification vulnerability

Cisco has released free software updates that address these vulnerabilities.

This advisory is posted at: http://www.cisco.com/warp/public/707/cisco-sa-20090727-wlc.shtml

Cisco Wireless LAN Controllers (WLCs) are responsible for system-wide wireless LAN functions, such as security policies, intrusion prevention, RF management, quality of service (QoS), and mobility.

These devices communicate with controller-based access points over any Layer 2 (Ethernet) or Layer 3 (IP) infrastructure using the Lightweight Access Point Protocol (LWAPP).

This security advisory describes multiple distinct vulnerabilities in the WLC family of devices.

  • Malformed HTTP or HTTPS authentication response denial of service vulnerability
    An attacker with access to the administrative web interface via HTTP or HTTPS may cause the device to reload by providing a malformed response to an authentication request.

    Note: The vulnerability can be exploited only via the administrative web-based interface; Web Authentication features are not affected.

    This vulnerability is documented in Cisco Bug ID CSCsx03715 (registered customers only) and has been assigned Common Vulnerabilities and Exposures (CVE) ID CVE-2009-1164.
  • SSH connections denial of service vulnerability
    Affected devices may be susceptible to a memory leak when they handle SSH management connections. An attacker could use this behavior to cause an affected device to crash and reload.

    Note: A three-way handshake is not required to exploit this vulnerability.

    This vulnerability is documented in Cisco Bug ID CSCsw40789 (registered customers only) and has been assigned CVE ID CVE-2009-1165.
  • Crafted HTTP or HTTPS request denial of service vulnerability
    An attacker with the ability to send a malicious HTTP request to an affected WLC could cause the device to crash and reload.

    Note: The vulnerability can be exploited only via the administrative web-based interface; Web Authentication features are not affected.

    This vulnerability is documented in Cisco Bug ID CSCsy27708 (registered customers only) and has been assigned CVE ID CVE-2009-1166.
  • Crafted HTTP or HTTPS request unauthorized configuration modification vulnerability
    An unauthorized configuration modification vulnerability exists in all software versions prior to the first fixed release. A remote, unauthenticated attacker who can submit HTTP or HTTPS requests to the WLC directly could gain full control of the affected device.

    Note: The vulnerability can be exploited only by submitting such a request to an IP address that is bound to an administrative interface or VLAN.


    The vulnerability is documented by Cisco Bug ID CSCsy44672 (registered customers only) and has been assigned CVE ID CVE-2009-1167.

You can read more at: http://www.cisco.com/en/US/products/products_security_advisory09186a0080adb3d7.shtml#@ID
