Thursday, June 29, 2006 2:03 PM cmosby

SANS - Internet Storm Center - Cisco Wireless Access Point Vulnerability Announced

Published: 2006-06-29
Last Updated: 2006-06-29 17:35:11 UTC by Toby Kohlenberg (Version: 1)

Cisco has released a vulnerability disclosure for their Wireless Access Points:

http://www.cisco.com/warp/public/707/cisco-sa-20060628-ap.shtml

The vuln is in the web interface for the APs and could allow wiping of the security config and access to the administrative interface without authentication.

To quote Cisco:

A vulnerability exists in the access point web-browser interface when Security > Admin Access is changed from Default Authentication (Global Password) to Local User List Only (Individual Passwords). This results in the access point being re-configured with no security, either Global Password or Individual Passwords, enabled. This allows for open access to the access point via the web-browser interface or via the console port with no validation of user credentials.

The following access points are affected if running Cisco IOS® Software Release 12.3(8)JA or 12.3(8)JA1 and are configured for web-interface management:

  • 350 Wireless Access Point and Wireless Bridge
  • 1100 Wireless Access Point
  • 1130 Wireless Access Point
  • 1200 Wireless Access Point
  • 1240 Wireless Access Point
  • 1310 Wireless Bridge
  • 1410 Wireless Access Point
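
The two conditions in the advisory (a listed release and web-interface management) can be checked across an inventory. The script below is an added example, not code from Cisco or the ISC diary; it assumes the release appears in `show version` output as "Version <release>," and that web management shows up in the running configuration as `ip http server` or `ip http secure-server`. It does not check the hardware model list.

```python
import re

# Releases the advisory text above names as affected; matching must be exact.
AFFECTED_RELEASES = {"12.3(8)JA", "12.3(8)JA1"}

# Assumption: `show version` output carries the release as "Version <release>,".
VERSION_RE = re.compile(r"\bVersion\s+(\d+\.\d+\(\d+[a-z]?\)[A-Za-z0-9]*)")

# Assumption: web-interface management appears in the running configuration as
# "ip http server" or "ip http secure-server"; a "no ip http ..." line does not match.
HTTP_RE = re.compile(r"^[ \t]*ip http (?:secure-)?server[ \t]*$", re.MULTILINE)


def ios_release(show_version):
    """Return the IOS release string, or None if it cannot be found."""
    match = VERSION_RE.search(show_version)
    return match.group(1) if match else None


def assess(show_version, running_config):
    """Classify one access point against the two conditions in the advisory."""
    release = ios_release(show_version)
    if release is None:
        return "unknown-release"
    if release not in AFFECTED_RELEASES:
        return "release-not-listed"
    if HTTP_RE.search(running_config):
        return "affected"
    return "listed-release-web-mgmt-off"


# Constructed sample inventory: hostnames and output are made up for the example,
# and the ap-hall release is a constructed value that must NOT match "12.3(8)JA".
SAMPLE = {
    "ap-lobby": ("C1200 Software (C1200-K9W7-M), Version 12.3(8)JA, RELEASE SOFTWARE",
                 "hostname ap-lobby\nip http server\n"),
    "ap-lab": ("C1100 Software (C1100-K9W7-M), Version 12.3(8)JA1, RELEASE SOFTWARE",
               "hostname ap-lab\nno ip http server\n"),
    "ap-hall": ("C1240 Software (C1240-K9W7-M), Version 12.3(8)JA2, RELEASE SOFTWARE",
                "hostname ap-hall\nip http secure-server\n"),
}


def audit(inventory):
    """Map each hostname to its classification."""
    return {host: assess(ver, cfg) for host, (ver, cfg) in inventory.items()}


if __name__ == "__main__":
    for host, verdict in sorted(audit(SAMPLE).items()):
        print(f"{host}: {verdict}")
```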