CVSS: 6.1EPSS: 0%CPEs: 15EXPL: 0CVE-2009-0058
https://notcve.org/view.php?id=CVE-2009-0058
The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.x before 5.2 allow remote attackers to cause a denial of service (web authentication outage or device reload) via unspecified network traffic, as demonstrated by a vulnerability scanner. Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), y Cisco Catalyst 3750 Integrated Wireless LAN Controller con software v4.x antes de v4.2.176.0 y v5.x antes de v5.2, permiten a atacantes remotos provocar una denegación de servicio (caída del servicio de autenticación web) mediante tráfico de red no especificado, como ha demostrado un escáner de vulnerabilidades. • http://secunia.com/advisories/33749 http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6c1dd.shtml http://www.securityfocus.com/bid/33608 http://www.securitytracker.com/id?1021679 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2009-0059
https://notcve.org/view.php?id=CVE-2009-0059
The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.2.x before 5.2.157.0 allow remote attackers to cause a denial of service (device reload) via a web authentication (aka WebAuth) session that includes a malformed POST request to login.html. El Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), y Cisco Catalyst 3750 Integrated Wireless LAN Controller con software v4.x anterior a v4.2.176.0 y v5.2.x anterior a 5.2.157.0; permiten a atacantes remotos provocar una denegación de servicio (reinicio de dispositivo) a través de una sesión de autenticación Web (también conocido WebAuth) que incluye una solicitud POST mal formada a login.html. • http://secunia.com/advisories/33749 http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6c1dd.shtml http://www.securityfocus.com/bid/33608 http://www.securitytracker.com/id?1021679 • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 2%CPEs: 10EXPL: 0CVE-2007-4011
https://notcve.org/view.php?id=CVE-2007-4011
Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software before 3.2 20070727, 4.0 before 20070727, and 4.1 before 4.1.180.0 allows remote attackers to cause a denial of service (traffic amplification or ARP storm) via a crafted unicast ARP request that (1) has a destination MAC address unknown to the Layer-2 infrastructure, aka CSCsj69233; or (2) occurs during Layer-3 roaming across IP subnets, aka CSCsj70841. Cisco 4100 y 4400, Airespace 4000, y Catalyst 6500 y 3750 Wireless LAN Controller (WLC) software anterior a 3.2 20070727, 4.0 anterior a 20070727, y 4.1 anterior a 4.1.180.0 permite a atacantes remotos provocar denegación de servicio (amplificación de tráfico o tormenta ARP)a través de una respuesta ARP unicast que (1) tiene una dirección de destino MAC desconocida a la infraestructura Layer-2, también conocida como CSCsj69233; o (2) ocurre a lo lago del roaming Layer-3 a través de subredes IP, también conocido como CSCsj70841. • http://secunia.com/advisories/26161 http://www.cisco.com/en/US/products/products_security_advisory09186a008088ab28.shtml http://www.securityfocus.com/bid/25043 http://www.securitytracker.com/id?1018444 http://www.vupen.com/english/advisories/2007/2636 https://exchange.xforce.ibmcloud.com/vulnerabilities/35576 •
CVSS: 7.1EPSS: 2%CPEs: 10EXPL: 0CVE-2007-4012
https://notcve.org/view.php?id=CVE-2007-4012
Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software 4.1 before 4.1.180.0 allows remote attackers to cause a denial of service (ARP storm) via a broadcast ARP packet that "targets the IP address of a known client context", aka CSCsj50374. Cisco 4100 y 4400, Airespace 4000, y Catalyst 6500 y 3750 Wireless LAN Controller (WLC) software 4.1 versiones anteriores a 4.1.180.0, permiten a atacantes remotos provocar una denegación de servicio (tormenta ARP) mediante un distribución a todos de paquete ARP que "coincide con la dirección IP de un contexto de cliente conocido", también conocido como CSCsj50374. • http://secunia.com/advisories/26161 http://www.cisco.com/en/US/products/products_security_advisory09186a008088ab28.shtml http://www.securityfocus.com/bid/25043 http://www.securitytracker.com/id?1018444 http://www.vupen.com/english/advisories/2007/2636 https://exchange.xforce.ibmcloud.com/vulnerabilities/35576 https://exchange.xforce.ibmcloud.com/vulnerabilities/44591 •
CVSS: 6.1EPSS: 1%CPEs: 4EXPL: 0CVE-2007-2038
https://notcve.org/view.php?id=CVE-2007-2038
The Network Processing Unit (NPU) in the Cisco Wireless LAN Controller (WLC) before 3.2.193.5, 4.0.x before 4.0.206.0, and 4.1.x allows remote attackers on a local wireless network to cause a denial of service (loss of packet forwarding) via (1) crafted SNAP packets, (2) malformed 802.11 traffic, or (3) packets with certain header length values, aka Bug ID CSCsg36361. La Network Processing Unit (NPU) en el Cisco Wireless LAN Controller (WLC) anterior a 3.2.193.5, 4.0.x anterior a 4.0.206.0, y 4.1.x permite a atacantes remotos en una red local provocar una denegación de servicio (pérdida de reenvío de paquetes) mediante (1)paquetes SNAP manipulados, (2) tráfico 802.11 mal formado, o (3) paquetes con determinados valores de longitud de cabecera, también conocido como Bug ID CSCsg36361. • http://securitytracker.com/id?1017908 http://www.cisco.com/warp/public/707/cisco-sa-20070412-wlc.shtml http://www.osvdb.org/34136 http://www.securityfocus.com/bid/23461 http://www.vupen.com/english/advisories/2007/1368 https://exchange.xforce.ibmcloud.com/vulnerabilities/33609 •