Cisco IOS before 12.3-7-JA2 on Aironet Wireless Access Points (WAP) allows remote authenticated users to cause a denial of service (termination of packet passing or termination of client connections) by sending the management interface a large number of spoofed ARP packets, which creates a large ARP table that exhausts memory, aka Bug ID CSCsc16644.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Aironet_ap1100 | Cisco | * | * |
| Aironet_ap1130ag | Cisco | * | * |
| Aironet_ap1200 | Cisco | * | * |
| Aironet_ap1230ag | Cisco | * | * |
| Aironet_ap1240ag | Cisco | * | * |
| Aironet_ap1300 | Cisco | * | * |
| Aironet_ap1400 | Cisco | * | * |
| Aironet_ap350 | Cisco | * | * |
References
- http://secunia.com/advisories/18430
- http://securityreason.com/securityalert/339
- http://securitytracker.com/id?1015483
- http://www.cisco.com/warp/public/707/cisco-sa-20060112-wireless.shtml
- http://www.osvdb.org/22375
- http://www.securityfocus.com/bid/16217
- http://www.vupen.com/english/advisories/2006/0176
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24086
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5680
- http://secunia.com/advisories/18430
- http://securityreason.com/securityalert/339
- http://securitytracker.com/id?1015483
- http://www.cisco.com/warp/public/707/cisco-sa-20060112-wireless.shtml
- http://www.osvdb.org/22375
- http://www.securityfocus.com/bid/16217
- http://www.vupen.com/english/advisories/2006/0176
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24086
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5680