ID
VAR-E-200511-0476
TITLE
Cisco Airespace WLAN Controller Unauthorized Network Access Vulnerability
Trust: 0.3
DESCRIPTION
Cisco Airespace WLAN (Wireless LAN) devices are prone to an issue that may permit unauthorized parties to access a secure network.
This issue can occur when Cisco access points are configured to run in Lightweight Access Point Protocol (LWAPP) mode.
This vulnerability may allow unauthorized parties to send unencrypted network packets to a secure network by spoofing the MAC address of another host that has already authenticated. This may bypass the security of the wireless network as it may permit unauthorized access by hosts that have not authenticated.
Trust: 0.3
AFFECTED PRODUCTS
| vendor: | cisco | model: | series airespace wireless lan controller | scope: | eq | version: | 40003.1.59.24 | Trust: 0.3 |
| vendor: | cisco | model: | series airespace wireless lan controller | scope: | eq | version: | 20003.1.59.24 | Trust: 0.3 |
| vendor: | cisco | model: | series access point | scope: | eq | version: | 1240 | Trust: 0.3 |
| vendor: | cisco | model: | series access point | scope: | eq | version: | 1200 | Trust: 0.3 |
| vendor: | cisco | model: | series access point | scope: | eq | version: | 1131 | Trust: 0.3 |
EXPLOIT
It is likely that this issue could be exploited with a publicly available packet crafting or MAC address spoofing utility.
Trust: 0.3
PRICE
Free
Trust: 0.3
TYPE
Access Validation Error
Trust: 0.3
CREDITS
This issue was announced by the vendor.
Trust: 0.3
EXTERNAL IDS
| db: | BID | id: | 15272 | Trust: 0.3 |
REFERENCES
| url: | http://www.cisco.com/warp/public/707/cisco-sa-20051102-lwapp.shtml | Trust: 0.3 |
SOURCES
| db: | BID | id: | 15272 |
LAST UPDATE DATE
2022-07-27T09:36:54.378000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 15272 | date: | 2005-11-02T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 15272 | date: | 2005-11-02T00:00:00 |