Cisco Wireless LAN Controller IGMPv3远程拒绝服务漏洞

2014-03-11T00:00:00
ID SSV:61725
Type seebug
Reporter Root
Modified 2014-03-11T00:00:00

Description

Bugtraq ID:65980 CVE ID:CVE-2014-0704

Cisco Wireless LAN Controller负责全系统的无线LAN功能,例如安全策略、入侵保护、RF管理,服务质量和移动性。

Cisco Wireless LAN Controller IGMP处理子系统存在安全漏洞,由于不正确校验特制IGMP消息类型中的特定字段,攻击者可向网络注入恶意IGMPv3消息至WLC监听的网络,IGMP子系统在处理消息时可触发内存越界读,可使设备重载,造成拒绝服务攻击。 0 Cisco Wireless LAN Controller 4.x Cisco Wireless LAN Controller 5.x Cisco Wireless LAN Controller 6.x Cisco Wireless LAN Controller 7.2 Cisco Wireless LAN Controller 7.3 Cisco Wireless LAN Controller 7.4 Cisco Wireless LAN Controller 7.5 厂商补丁:

Cisco

Cisco Wireless LAN Controller 7.0.250.0,7.4.121.0或7.6.100.0已经修复该漏洞,建议用户下载更新: http://www.cisco.com/