—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Cisco Security Advisory: Cisco Wireless LAN Controller IP Fragment Reassembly Denial of Service Vulnerability

Advisory ID: cisco-sa-20180502-wlc-ip

Revision: 1.0

For Public Release: 2018 May 2 16:00 GMT

Last Updated: 2018 May 2 16:00 GMT

CVE ID(s): CVE-2018-0252

CVSS Score v(3): 8.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

+———————————————————————

Summary

=======

A vulnerability in the IP Version 4 (IPv4) fragment reassembly function of Cisco 3500, 5500, and 8500 Series Wireless LAN Controller Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition.

The vulnerability is due to a corruption of an internal data structure process that occurs when the affected software reassembles certain IPv4 packets. An attacker could exploit this vulnerability by sending certain malformed IPv4 fragments to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-wlc-ip [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-wlc-ip”]

—–BEGIN PGP SIGNATURE—–

iQJ5BAEBAgBjBQJa6eEuXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly
dEBjaXNjby5jb20+AAoJEJa12PPJBfczb+cQANE93euvvagrYbEQnPiAnnfJ+FHP
XQIsB98VXXPF8DEDc4XN90e/GwdndYHvAUAWEtRZyfRRQnNS+xvEJUBb0wIELSbh
WfMaDwOLcisUUWE/ikmNpZM/vB4XznyW+SWd396d/+KVEyRTTGqHnbB1rBHn98bv
Iq/Q8v8umOQ1HL0ve8Dtt7nMMr1BvG3p+tuFWepKhQyRUWwuZ1y55DzFRrOutC5n
647kYeaJlB7he0Afvx+drDfrxMal1BTQoYuvIF/oQ34S1YDUuqaHfVFrYTs4GI2R
yaQZZSxmVftocGHTBWHHM/xZ/MfxkCsmC83vjXo6zLEEgQFfaqv/a7v2+cUu9pBB
7XIJp+oTr3Gw41yuk+EttBDprc/ZBSN9+baS2v7bRA4d3TJIJHUoPTD1Y1TWAiGB
qy2o2XxTCXrSinNZyrqR/XPDLYh93Waz8F4HMOJOki+LmkN90HMosoedbl4F1rfi
yNdcIONsNBIH74oWIfcAupqiFEEGckb/pKtUV9pKbCie3Ys6PIHLFrDUpLjFG6A/
4TrPz79HwIkryo/ZM41GNmmzb2opxboTrujH021aO9aYL3UTPx95tM5UjjuA+zJo
Zq/0w1AUI0JubJXJ7nUmLjgq9ob7l1/lNki+qKktVM3nZRINmG+4GyscN9HnaYUh
bcS23YAcYDo64oz3
=zIb0
—–END PGP SIGNATURE—–

_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Cisco Security Advisory: Cisco Wireless LAN Controller 802.11 Management Frame Denial of Service Vulnerability

Advisory ID: cisco-sa-20180502-wlc-mfdos

Revision: 1.0

For Public Release: 2018 May 2 16:00 GMT

Last Updated: 2018 May 2 16:00 GMT

CVE ID(s): CVE-2018-0235

CVSS Score v(3): 7.4 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

+———————————————————————

Summary

=======

A vulnerability in the 802.11 frame validation functionality of the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition.

The vulnerability is due to incomplete input validation of certain 802.11 management information element frames that an affected device receives from wireless clients. An attacker could exploit this vulnerability by sending a malformed 802.11 management frame to an affected device. A successful exploit could allow the attacker to cause the affected device to reload unexpectedly, resulting in a DoS condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-wlc-mfdos [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-wlc-mfdos”]

—–BEGIN PGP SIGNATURE—–

iQJ5BAEBAgBjBQJa6eErXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly
dEBjaXNjby5jb20+AAoJEJa12PPJBfczkBQP/1KxTrxLbOonh9sWB54TkrsKszhB
V4DDH5ohl+BfJaRQN7oNhiFbyKl93BamVaZhKMkptenM64xh1/wrUdVMHw4Q1NNT
Q3fWwDvRdpsXeETsYGSCOuqc7+VZwrsp0+m0aIITGOfjI8uBsZJlW+mzeHmj70Db
OwQmlKcWITmfqxbqgZuYqEJS+s+NhnajmE0aNGilZVYdgMcMEwt26mSUKX8L7tKm
4L6Er3ZlWD8rC9M/vEhl3rSwnCZ9uiqeALB/Dam1gjjhNj7NZQscRUeZ2gQZ9+bW
2JWP3+wELJ3kWJozArdc/rdSALs9Ch4Ll8XXnC+Ff8V5Aca3O/Xi1FAT5uj0nm6x
OXwAx/6vTAZjDbth8Ct0qv09f2/A5NLZkDbiLHvA4IIsYcowcoIMtqZ0ZLbjCX1v
aos9SW/8ZHOAvn0CB8q8yV+F/N25iNXOxM+8UoQ1+OCHLuCT7NpAJdhpl1JTS5R3
YXaQfuWqlLq1d5eJUH1+T3aswGZ/6wYrIGuxaAornsebTPxmXWv4rixoPeb4Zkcr
jcYbz1YxD+EOHUiYWLo5hC9tQ6lKQL8Q0p7SmE83JCCxe+4XVmoD0anGKF98jNNV
MUMd7TXthnK1qKziSnXnBtoYJcxWHEBM7VQ3/eG18ck0dgc0tlNSTkGKgQex5/eY
5jmOxoY/8mCGlGOR
=8TyF
—–END PGP SIGNATURE—–

_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com