Vigil@nce: Cisco Catalyst, vulnerabilities of Wireless
February 2009 by Vigil@nce
SYNTHESIS OF THE VULNERABILITY
Four vulnerabilities of Cisco Wireless products lead to denials of
service or to code execution.
Gravity: 2/4
Consequences: user access/rights, denial of service of service
Provenance: radio connection
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Number of vulnerabilities in this bulletin: 4
Creation date: 04/02/2009
IMPACTED PRODUCTS
– Cisco Catalyst
DESCRIPTION OF THE VULNERABILITY
Several vulnerabilities impact following products:
– Cisco 4100/4400 Series Wireless LAN Controllers
– Cisco Catalyst 6500 Series/7600 Series Wireless Services Module
(WiSM)
– Cisco Catalyst 3750 Series Integrated Wireless LAN Controllers
An attacker can use a port scanner to force WebAuth to stop.
[grav:2/4; CSCsq44516, CVE-2009-0058]
An attacker can send malformed data to the login.html page of
WebAuth in order to stop it. [grav:2/4; CSCsm82364, CVE-2009-0059]
An attacker can send malformed IP packets in order to stop the
TSEC driver. [grav:2/4; CSCso60979, CVE-2009-0061]
A local attacker on WLC version 4.2.173.0 can obtain
administrative privileges. [grav:2/4; CSCsv62283, CVE-2009-0062]
CHARACTERISTICS
Identifiers: 108336, BID-33608, cisco-sa-20090204-wlc, CSCsm82364,
CSCso60979, CSCsq44516, CSCsv62283, CVE-2009-0058, CVE-2009-0059,
CVE-2009-0061, CVE-2009-0062, VIGILANCE-VUL-8444
http://vigilance.fr/vulnerability/Cisco-Catalyst-vulnerabilities-of-Wireless-8444