Cisco Aironet Denial of Service and Enumeration of User Accounts - Secunia Advisories - Vulnerability Intelligence

Cisco Aironet Denial of Service and Enumeration of User Accounts
Secunia Advisory:	SA9372	Advisory Toolbox: Issue ticket Save in to-do list Mark as handled Exploit information Download as PDF Review actions Add comment
Release Date:	2003-07-29
Popularity:	7,471 views

Critical:	Less critical
Impact:	Exposure of system information DoS
Where:	From local network
Solution Status:	Vendor Patch

OS:	Cisco Aironet 1100 Series Access Point Cisco Aironet 1200 Series Access Point Cisco Aironet 1400 Series Wireless Bridge

Subscribe:	Instant alerts on relevant vulnerabilities

CVE reference:	CVE-2003-0511 CVE-2003-0512

Description: Two vulnerabilities have been identified in Cisco Aironet 1100, 1200, and 1400 running IOS. These vulnerabilities could be exploited to enumrate users or cause a Denial of Service. 1) When logging in via telnet, Cisco Aironet returns different error messages depending on whether a username is valid or invalid. This can be exploited to enumerate valid accounts. 2) Cisco Aironet does not handle malicious HTTP requests properly. This allows a malicious person to crash the device causing it to reload. The following versions are vulnerable: Cisco Aironet Wireless Access Point AP1100 series running IOS versions: 12.2(4)JA, 12.2(4)JA1, 12.2(8)JA, 12.2(11)JA Cisco Aironet Wireless Access Point AP1200 series running IOS versions: 12.2(8)JA, 12.2(11)JA Cisco Aironet Wireless Bridge AP1400 series series running IOS versions: 12.2(11)JA Cisco Aironet devices running VxWorks are not affected. Solution: Cisco IOS version 12.2(11)JA1 is not vulnerable. It is available from: http://www.cisco.com/public/sw-center/sw-usingswc.shtml Provided and/or discovered by: Reda Zitouni, VIGILANTe Original Advisory: http://www.cisco.com/warp/public/707/cisco-sa-20030728-ap1x00.shtml http://www.cisco.com/warp/public/707/cisco-sn-20030724-ios-enum.shtml Other References: http://www.vigilante.com/inetsecurity/advisories/VIGILANTE-2003002.htm

Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released. Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise. Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

Latest Advisories

10th Oct, 2008

New advisories:	15
New vulnerabilities:	83
Updated advisories:	41

Moderately // 210 views

ScriptsEz Easy Image Downloader "id" File Disclosure Vulnerability

Moderately // 218 views

Built2go Real Estate Listings "event_id" SQL Injection

Highly // 359 views

Sun Java System Web Proxy Server FTP Subsystem Buffer Overflow

Moderately // 249 views

Red Hat update for cups

Highly // 258 views

DFF PHP Framework API "DFF_config[dir_incl ude]" File Inclusion Vulnerabilities

Not // 279 views

FUJITSU Interstage Products Apache Tomcat Security Bypass

Moderately // 481 views

Apple Mac OS X Security Update Fixes Multiple Vulnerabilities

Moderately // 265 views

Fedora update for condor

Moderately // 534 views

CUPS Multiple Vulnerabilities

Not // 305 views

Gentoo Portage Insecure Python Module Search Path Security Issue

Solutions | More...

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com. Ideas, suggestions, and other feedback are most welcome.