Computer Security
[EN] securityvulns.ru no-pyccku


Cisco Wireless LAN Controller multiple security vulnerabilities
Published:27.01.2013
Source:
SecurityVulns ID:12842
Type:remote
Threat Level:
6/10
Description:DoS via IP packet processing in IPS, DoS via SIP packet, SNMP unauthorized access, HTTP Profiling code execution.
Affected:CISCO : Cisco 500
 CISCO : Cisco 2100
 CISCO : Cisco 4100
 CISCO : Cisco 5500
 CISCO : Cisco 4400
 CISCO : Cisco 2000
 CISCO : Catalyst 3750G
 CISCO : Cisco 2500
 CISCO : Cisco Flex 7500
 CISCO : Cisco 7500
 CISCO : Cisco 8500
CVE:CVE-2013-1105 (Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.3, 7.1 and 7.2 before 7.2.111.3, and 7.3 before 7.3.101.0 allow remote authenticated users to bypass wireless-management settings and read or modify the device configuration via an SNMP request, aka Bug ID CSCua60653.)
 CVE-2013-1104 (The HTTP Profiling functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.3.101.0 allows remote authenticated users to execute arbitrary code via a crafted HTTP User-Agent header, aka Bug ID CSCuc15636.)
 CVE-2013-1103 (Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allow remote attackers to cause a denial of service (Access Point reload) via crafted SIP packets, aka Bug ID CSCts87659.)
 CVE-2013-1102 (The Wireless Intrusion Prevention System (wIPS) component on Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.0, 7.1 and 7.2 before 7.2.110.0, and 7.3 before 7.3.101.0 allows remote attackers to cause a denial of service (device reload) via crafted IP packets, aka Bug ID CSCtx80743.)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod