Cisco Wireless LAN Controller IAPP Input Validation Flaw Lets Remote Users Forward Network Traffic to Other Destinations : 8/25/2015 1:47:50 AM

Create a free account with New Relic and get this swanky shirt for FREE!
From our sponsors
 

 

Vulnerability Databse
This module replaces the description field of a feed to the page it links to (in addition, it wipes out the content:encoded field), so you can get its full text.

Cisco Wireless LAN Controller IAPP Input Validation Flaw Lets Remote Users Forward Network Traffic to Other Destinations
8/25/2015 12:00:00 AM

Cisco Wireless LAN Controller IAPP Input Validation Flaw Lets Remote Users Forward Network Traffic to Other Destinations
SecurityTracker Alert ID:  1033360
SecurityTracker URL:  http://securitytracker.com/id/1033360
CVE Reference:   CVE-2015-6258   (Links to External Site)
Date:  Aug 24 2015
Impact:   Host/resource access via network
Vendor Confirmed:  Yes  
Version(s): 8.1(104.37)
Description:   A vulnerability was reported in Cisco Wireless LAN Controller. A remote user can forward network traffic to other destinations.

A remote user can send a specially crafted IPv6 packet to exploit an input validation flaw in the Internet Access Point Protocol (IAPP) module and cause network traffic to be forwarded to an unexpected destination on a remote sub-network.

The vendor has assigned bug ID CSCuv40033 to this vulnerability.

Impact:   A remote user can cause network traffic to be forwarded to an unexpected destination on a remote sub-network.
Solution:   No solution was available at the time of this entry.

The vendor's advisory is available at:

http://tools.cisco.com/security/center/viewAlert.x?alertId=40586

Vendor URL:  tools.cisco.com/security/center/viewAlert.x?alertId=40586 (Links to External Site)
Cause:   Input validation error
Underlying OS:  

Message History:   None.

 

You are receiving this email because you subscribed to this feed at feedmyinbox.com

If you no longer wish to receive these emails, you can unsubscribe from this feed, or manage all your subscriptions

Diberdayakan oleh Blogger.