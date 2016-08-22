Cisco Aironet Access Point Software 8.1(112.4) Denial Of Service Overflow Vulnerability
11 Nov. 2016
Summary
The rate-limit feature in the 802.11 protocol implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via crafted 802.11 frames, aka Bug ID CSCva06192.
Vulnerable Systems:
* Cisco Aironet Access Point Software 8.1(131.0)
* Cisco Aironet Access Point Software 8.1(112.3)
* Cisco Aironet Access Point Software 8.1(112.4)
* Cisco Aironet Access Point Software 8.1(15.14)
* Cisco Aironet Access Point Software 8.2(100.0)
* Cisco Aironet Access Point Software 8.2(102.43)
* Cisco Aironet Access Point Software 8.3.0
A vulnerability in the 802.11 wireless LAN protocol for Cisco Access Point (AP) platforms could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition when the device unexpectedly reloads.
The vulnerability is due to rate limiting of 802.11 traffic. An attacker could exploit this vulnerability by sending crafted 802.11 traffic to the targeted adjacent device. An exploit could allow the attacker to cause the device to reload unexpectedly.