1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Cisco fixes serious denial-of-service flaws in wireless LAN controllers, other products

Discussion in 'CSO' started by RSS, Apr 21, 2016.

  1. RSS

    RSS New Member Member

    Cisco Systems has released patches to fix serious denial-of-service flaws in its Wireless LAN Controller (WLC) software, Cisco Adaptive Security Appliance (ASA) software and the Secure Real-Time Transport Protocol (SRTP) library that's used in many products.

    The Cisco WLC software contains two denial-of-service vulnerabilities, one of which is rated critical and could be exploited by an unauthenticated attacker through specially crafted HTTP requests sent to the device. This can cause a buffer overflow condition that, in addition to a device reload, might also allow for execution of arbitrary code on the device.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page