Signature Detail

Short Name	HTTP:CISCO:WIFI-AUTH-DOS
Severity	Medium
Recommended	No
Category	HTTP
Keywords	Cisco Wireless LAN Controller auth dos authentication overflow
Release Date	2009/08/13
Update Number	1484
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Cisco Wireless LAN Denial of Service

This signature detects attempts to exploit a known vulnerability against a Cisco Wireless LAN Controller. A successful attack can result in a denial-of-service condition.

Extended Description

Cisco Wireless LAN Controller is prone to a denial-of-service vulnerability when handling specially crafted HTTP requests. An attacker can exploit this issue to trigger an affected device to reboot, causing denial-of-service conditions. This issue affects Cisco Wireless LAN Controller 4402 (software release 5.1.151.0); other versions and devices may be affected as well.

Affected Products

Cisco 1500
Cisco 2000 Wireless LAN Controller (WLC)
Cisco 2006 Wireless LAN Controller (WLC)
Cisco 2100 Wireless LAN Controller (WLC)
Cisco 2106 Wireless LAN Controller (WLC)
Cisco 4100 Wireless LAN Controller (WLC)
Cisco 4200 Wireless LAN Controller (WLC)
Cisco 4400 Wireless LAN Controller (WLC)
Cisco 4402 Wireless LAN Controller (WLC)
Cisco 4404 Wireless LAN Controller (WLC)
Cisco 5500 Wireless LAN Controller (WLC)
Cisco Catalyst 3750G
Cisco Wireless LAN Control 4.2
Cisco Wireless LAN Control 4.2 M
Cisco Wireless LAN Control 5.0
Cisco Wireless LAN Control 5.1
Cisco Wireless LAN Control 5.2
Cisco Wireless Services Modules (WiSM)
Cisco WLC Modules for Integrated Services Routers

References

BugTraq: 35805

Signature Detail

Short Name

Severity

Recommended

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Cisco Wireless LAN Denial of Service

Extended Description

Affected Products

References