SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |    Help    |   

SecurityTracker
Archives


 
Click to Sign Up
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com
Sign Up!





Category:  Device (Router/Bridge/Hub)  >  Cisco Access Points Vendors:  Cisco
Cisco Access Points Disclose Potentially Sensitive Information and May Let Remote Users Hijack APs
SecurityTracker Alert ID:  1022774
SecurityTracker URL:  http://securitytracker.com/id?1022774
CVE Reference:  CVE-2009-2861   (Links to External Site)
Date:  Aug 26 2009
Impact:  Disclosure of system information, User access via network
Vendor Confirmed:  Yes  
Version(s): 1100 and 1200 Series
Description:  A vulnerability was reported in Cisco Access Points. A remote user can obtain potentially sensitive information. A remote user may be able to hijack access points.

Some Cisco Access Points (APs) transmit unencrypted multicast data frames that include the MAC address and IP address of the wireless controller that the AP is connected to and AP configuration data. A remote user monitoring the wireless network can obtain this potentially sensitive information.

When the Cisco Over-the-Air-Provisioning (OTAP) feature is enabled, a remote user can inject remote radio management (RRM) packets to cause a non-configured AP that is starting up to connect to an arbitrary wireless controller.

Cisco Lightweight Wireless Access Point 1100 and 1200 Series devices are affected by this vulnerability.

Cisco has assigned Cisco Bug ID CSCtb56664 to this vulnerability.

The original advisory is available at:

http://www.airmagnet.com/assets/AM_Technote_SkyJack_082509.pdf

The AirMagnet Intrusion Research Team reported this vulnerability.

[Editor's note: Cisco has determined this to be a "denial of service" vulnerability because the target AP cannot connect to valid network resources. Cisco indicates that wireless clients will not be able to associate to attacker-controlled APs.]
Impact:  A remote user monitoring the wireless network can obtain potentially sensitive network information.

A remote user may be able to hijack an arbitrary access point.
Solution:  No solution was available at the time of this entry.

The vendor's advisory is available at:

http://tools.cisco.com/security/center/viewAlert.x?alertId=18919
Vendor URL:  www.cisco.com/ (Links to External Site)
Cause:  Access control error

Message History:   None.

 Source Message Contents
Date:  Wed, 26 Aug 2009 00:16:07 -0400
Subject:  Cisco Access Points

 
 
http://www.airmagnet.com/news/press_releases/2009/08252009.php
 
Cisco Over-the-Air-Provisioning (OTAP)


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us   |    Help

Copyright 2007, SecurityGlobal.net LLC