Cisco has released a security advisory to address multiple vulnerabilities in Wireless LAN Controllers. The advisory addresses the following:
- Malformed HTTP or HTTPS authentication response denial-of-service vulnerability.
- SSH connections denial-of-service vulnerability.
- Crafted HTTP or HTTPS request denial-of-service vulnerability.
- Crafted HTTP or HTTPS request unauthorized configuration modification vulnerability.
Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition or gain full control over the Wireless LAN Controller.
DarkFiber Consulting encourages users and administrators to review Cisco Security Advisory cisco-sa-20090727-wlc and apply any necessary updates or workarounds to help mitigate the risks.