ID
VAR-E-200907-1149
CVE
| cve_id: | CVE-2009-1164 | Trust: 0.3 |
TITLE
Cisco Wireless LAN Controller HTTP Authorization Denial of Service Vulnerability
Trust: 0.3
DESCRIPTION
Cisco Wireless LAN Controller is prone to a denial-of-service vulnerability when handling specially crafted HTTP requests.
An attacker can exploit this issue to trigger an affected device to reboot, causing denial-of-service conditions.
This issue affects Cisco Wireless LAN Controller 4402 (software release 5.1.151.0); other versions and devices may be affected as well.
Trust: 0.3
AFFECTED PRODUCTS
| vendor: | cisco | model: | wireless lan controller | scope: | eq | version: | 44000 | Trust: 0.6 |
| vendor: | cisco | model: | wireless lan controller | scope: | eq | version: | 21000 | Trust: 0.6 |
| vendor: | cisco | model: | wlc modules for integrated services routers | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | cisco | model: | wireless services modules | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | cisco | model: | wireless lan control | scope: | eq | version: | 5.2 | Trust: 0.3 |
| vendor: | cisco | model: | wireless lan control | scope: | eq | version: | 5.1 | Trust: 0.3 |
| vendor: | cisco | model: | wireless lan control | scope: | eq | version: | 5.0 | Trust: 0.3 |
| vendor: | cisco | model: | wireless lan control m | scope: | eq | version: | 4.2 | Trust: 0.3 |
| vendor: | cisco | model: | wireless lan control | scope: | eq | version: | 4.2 | Trust: 0.3 |
| vendor: | cisco | model: | catalyst 3750g | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | cisco | model: | wireless lan controller | scope: | eq | version: | 55000 | Trust: 0.3 |
| vendor: | cisco | model: | wireless lan controller | scope: | eq | version: | 44040 | Trust: 0.3 |
| vendor: | cisco | model: | wireless lan controller | scope: | eq | version: | 44020 | Trust: 0.3 |
| vendor: | cisco | model: | wireless lan controller | scope: | eq | version: | 42000 | Trust: 0.3 |
| vendor: | cisco | model: | wireless lan controller | scope: | eq | version: | 41000 | Trust: 0.3 |
| vendor: | cisco | model: | wireless lan controller | scope: | eq | version: | 21060 | Trust: 0.3 |
| vendor: | cisco | model: | wireless lan controller | scope: | eq | version: | 20060 | Trust: 0.3 |
| vendor: | cisco | model: | wireless lan controller | scope: | eq | version: | 20000 | Trust: 0.3 |
| vendor: | cisco | model: | - | scope: | eq | version: | 1500 | Trust: 0.3 |
| vendor: | cisco | model: | wireless lan control | scope: | ne | version: | 6.0.182.0 | Trust: 0.3 |
| vendor: | cisco | model: | wireless lan control | scope: | ne | version: | 5.2.193.0 | Trust: 0.3 |
| vendor: | cisco | model: | wireless lan control | scope: | ne | version: | 4.2.207.0 | Trust: 0.3 |
EXPLOIT
Attackers can use readily available network utilities or a browser to exploit this issue.
The following exploit is available:
Bullet list:
<li><a href="/data/vulnerabilities/exploits/35805.rb">/data/vulnerabilities/exploits/35805.rb</a></li>
Trust: 0.3
PRICE
Free
Trust: 0.3
TYPE
Failure to Handle Exceptional Conditions
Trust: 0.3
CREDITS
Christoph Bott
Trust: 0.3
EXTERNAL IDS
| db: | NVD | id: | CVE-2009-1164 | Trust: 0.3 |
| db: | BID | id: | 35805 | Trust: 0.3 |
REFERENCES
| url: | http://www.cisco.com/ | Trust: 0.3 |
| url: | http://www.cisco.com/warp/public/707/cisco-sa-20090727-wlc.shtml | Trust: 0.3 |
SOURCES
| db: | BID | id: | 35805 |
LAST UPDATE DATE
2022-07-27T09:59:32.133000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 35805 | date: | 2009-07-27T18:05:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 35805 | date: | 2009-07-26T00:00:00 |