Denial of Service Vulnerability in Cisco Wireless LAN Controller
CVE-2012-0368

Currently unrated

Key Information:

Vendor: Cisco
Status: Wireless Lan Controller Software; 2000 Wireless Lan Controller; 2100 Wireless Lan Controller; 2106 Wireless Lan Controller
Vendor: CVE Published:; 1 March 2012

Summary

The administrative management interface on Cisco Wireless LAN Controller devices is susceptible to a denial of service attack due to improper handling of malformed URLs in HTTP requests. This issue can be exploited remotely, allowing attackers to crash the device and disrupt network services. Variants of the affected software exist, with versions earlier than 7.0.220.0, 7.1.91.0, and 7.2.103.0 being particularly vulnerable, leading to potential loss of connectivity and significant operational impact.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://archives.neohapsis.com/archives/bugtraq/2012-02/01...

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Mar 1, 2012
Vulnerability Reserved
Jan 4, 2012