Cisco Warns Of Bugs In Wireless LAN Controllers - InformationWeek
05:18 PM


The vulnerabilities affect Cisco Wireless LAN Controllers, but the company is offering a workaround.

Cisco Systems released a security advisory on Tuesday afternoon to address several vulnerabilities in its Wireless LAN Controllers that could enable hackers to cause a denial-of-service on the affected network.

The flaws lie in the handling of Address Resolution Protocol (ARP) packets. The advisory noted that a unicast ARP request may be flooded on the LAN links between Wireless LAN Controllers in a mobility group. A vulnerable WLC may mishandle unicast ARP requests from a wireless client, leading to an ARP storm.

The bugs affect versions 4.1, 4.0, 3.2, and prior versions of the Wireless LAN Controller software, according to the advisory.

ARP provides a mapping between a device's IP address and its hardware address on the local network. Cisco Wireless LAN Controllers provide real-time communication between lightweight access points and other wireless LAN controllers for centralized system-wide WLAN configuration and management functions, according to Cisco.
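To make the traffic pattern in the advisory concrete, the following added example (not from Cisco or the original article) parses Ethernet frames and reports senders whose unicast ARP requests exceed a rate threshold. The window, the threshold, the function names and the sample frames are all assumptions; a rate threshold is used because hosts also send occasional unicast ARP requests to refresh cache entries.

```python
import struct
from collections import defaultdict, deque

BROADCAST = b"\xff" * 6
ETHERTYPE_ARP = 0x0806
ARP_REQUEST = 1
ARP_FMT = "!HHBBH6s4s6s4s"  # htype, ptype, hlen, plen, op, sha, spa, tha, tpa

def parse_arp(frame):
    """Return (eth_dst, opcode, sender_mac) for an IPv4-over-Ethernet ARP frame, else None."""
    if len(frame) < 42:
        return None
    eth_dst, _src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != ETHERTYPE_ARP:
        return None
    htype, ptype, hlen, plen, op, sha, _spa, _tha, _tpa = struct.unpack(ARP_FMT, frame[14:42])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return eth_dst, op, sha

def unicast_arp_bursts(frames, window=1.0, threshold=5):
    """Peak number of unicast ARP requests per sender within `window` seconds.
    window and threshold are assumed tuning values, not taken from the advisory."""
    recent, peak = defaultdict(deque), {}
    for ts, frame in frames:  # frames must be ordered by timestamp
        arp = parse_arp(frame)
        if arp is None or arp[1] != ARP_REQUEST or arp[0] == BROADCAST:
            continue  # ordinary ARP requests go to the broadcast address
        q = recent[arp[2]]
        q.append(ts)
        while ts - q[0] > window:
            q.popleft()
        peak[arp[2]] = max(peak.get(arp[2], 0), len(q))
    return {mac.hex(":"): n for mac, n in peak.items() if n >= threshold}

def sample_request(dst, src, src_ip, target_ip):
    """Build a constructed ARP request frame for the sample data below."""
    return (struct.pack("!6s6sH", dst, src, ETHERTYPE_ARP)
            + struct.pack(ARP_FMT, 1, 0x0800, 6, 4, ARP_REQUEST, src, src_ip, bytes(6), target_ip))

# Constructed sample: client A sends 8 unicast requests in 0.7 s; client B sends broadcasts.
A, B, GW = bytes.fromhex("02000000000a"), bytes.fromhex("02000000000b"), bytes.fromhex("020000000001")
IP_A, IP_B, IP_GW = bytes([10, 0, 0, 10]), bytes([10, 0, 0, 11]), bytes([10, 0, 0, 1])
SAMPLE = [(i * 0.1, sample_request(GW, A, IP_A, IP_GW)) for i in range(8)]
SAMPLE += [(i * 0.1, sample_request(BROADCAST, B, IP_B, IP_GW)) for i in range(3)]
SAMPLE.sort(key=lambda item: item[0])

if __name__ == "__main__":
    print(unicast_arp_bursts(SAMPLE))
```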

As a workaround, Cisco is recommending that operators require all clients to obtain their IP addresses from a DHCP server. DHCP, or Dynamic Host Configuration Protocol, is a set of rules used to allow a device to obtain an IP address from a server. To enforce the workaround, all WLANs can be configured with a DHCP Required setting, which disallows client static IP addresses, Cisco noted. If DHCP Required is selected, clients must obtain an IP address via DHCP. Any client with a static IP address will not be allowed on the network. The controller monitors DHCP traffic because it acts as a DHCP proxy for the clients.

Earlier this month, Cisco released two security bulletins to warn IT managers about vulnerabilities in its Unified Communications Manager. In one advisory, Cisco noted the Unified Communications Manager, which used to be known as CallManager, contained two overflow vulnerabilities. The flaws, according to the company, could enable a remote, unauthenticated hacker to execute arbitrary and malicious code or cause a denial-of-service.
