‘Cisco Wireless LAN Controllers Denial of Service Vulnerability’
‘The original article can be found at: http://www.cisco.com/en/US/products/products_security_advisory09186a0080b7950e.shtm‘
* Cisco WLC software versions 6.0 and later
* Cisco 2100 Series Wireless LAN Controllers
* Cisco WLC526 Mobility Express Controller (AIR-WLC526-K9)
* Cisco NME-AIR-WLC Modules for Integrated Services Routers (ISRs)
* Cisco NM-AIR-WLC Modules for Integrated Services Routers (ISRs)
The Cisco Wireless LAN Controller (WLC) product family is affected by a denial of service (DoS) vulnerability where an unauthenticated attacker could cause a device reload by sending a series of ICMP packets.
Cisco WLCs and Cisco WiSMs are responsible for system-wide wireless LAN functions, such as security policies, intrusion prevention, RF management, quality of service (QoS), and mobility.
These devices communicate with controller-based access points over any Layer 2 (Ethernet) or Layer 3 (IP) infrastructure using the Lightweight Access Point Protocol (LWAPP) and the Control and Provisioning of Wireless Access Points (CAPWAP) protocol.
The Cisco WLC family of devices is affected by a DoS vulnerability that can allow an unauthenticated attacker to cause the device to reload by sending a series of ICMP packets. This vulnerability can be exploited from both wired and wireless segments.
When considering software upgrades, also consult:
and any subsequent advisories to determine exposure and a complete upgrade solution.
Revision 1.0 2011-April-27 Initial public release.’