Cisco Wireless LAN Controller拒绝服务漏洞(CVE-2016-1364)
发布日期:2016-04-20
更新日期:2016-04-21
受影响系统:
Cisco Wireless LAN Controller 7.6
Cisco Wireless LAN Controller 7.5
Cisco Wireless LAN Controller 7.4 < 7.4.130.0(MD)
描述:
CVE(CAN) ID: CVE-2016-1364
Cisco WLC 负责全系统的无线LAN功能,例如安全策略、入侵保护、RF管理,服务质量和移动性。
Cisco Wireless LAN Controller (WLC) Software的Bonjour任务管理器存在漏洞,未经身份验证的远程攻击者发送构造的Bonjour数据包到受影响软件,可造成受影响设备重载,导致拒绝服务。
<*来源:
Cisco
链接:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-bdos
*>
建议:
厂商补丁:
Cisco
-----
Cisco已经为此发布了一个安全公告(cisco-sa-20160420-bdos)以及相应补丁:
cisco-sa-20160420-bdos:Cisco Wireless LAN Controller Denial of Service Vulnerability
链接:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-bdos