发布日期:2013-01-23
更新日期:2013-01-25
受影响系统:
Cisco Wireless LAN Control 7.2
Cisco Wireless LAN Control 7.1
Cisco Wireless LAN Control 7.0
不受影响系统:
Cisco Wireless LAN Control 7.2.103.0
Cisco Wireless LAN Control 7.1.91.0
Cisco Wireless LAN Control 7.0.220.0
描述:
--------------------------------------------------------------------------------
BUGTRAQ ID: 57524
CVE(CAN) ID: CVE-2013-1104
Cisco WLC 负责全系统的无线LAN功能,例如安全策略、入侵保护、RF管理,服务质量和移动性。
Cisco WLC设备的HTTP配置功能存在远程代码执行漏洞,可允许经过身份验证的远程攻击者通过特制的UserAgent字符串,利用此漏洞在受影响设备上执行任意代码。
设备开启了HTTP Profiling功能时才受该漏洞影响。可以使用show wlan来查看设备是否开启了HTTP Profiling功能。一个示例如下:
--------------------------------------------------------------------
(WLC)>show wlan 3
WLAN Identifier.................................. 3
<output suppressed>
Network Admission Control
Client Profiling Status ....................... Enabled
DHCP ......................................... Disabled
HTTP ......................................... Enabled
<output suppressed>
--------------------------------------------------------------------
<*来源:Cisco
链接:
*>
建议:
--------------------------------------------------------------------------------
厂商补丁:
Cisco
-----
Cisco已经为此发布了一个安全公告(cisco-sa-20130123-wlc)以及相应补丁:
cisco-sa-20130123-wlc:Multiple Vulnerabilities in Cisco Wireless LAN Controllers
链接: