N/A

Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software before 3.2 20070727, 4.0 before 20070727, and 4.1 before 4.1.180.0 allows remote attackers to cause a denial of service (traffic amplification or ARP storm) via a crafted unicast ARP request that (1) has a destination MAC address unknown to the Layer-2 infrastructure, aka CSCsj69233; or (2) occurs during Layer-3 roaming across IP subnets, aka CSCsj70841.

N/A

N/A

Cisco无线LAN控制器ARP风暴多个拒绝服务漏洞

Cisco无线LAN控制器(WLC)可在轻型接入点和其他无线提供LAN控制器之间提供实时通讯，以执行集中的系统范围WLAN配置和管理功能。 WLC在处理单播ARP通讯时存在漏洞，移动组无线LAN控制器之间的LAN链路可能会充满单播ARP请求。 有漏洞的WLC可能错误地处理无线客户端的单播ARP请求，导致ARP风暴。附着到同组2层VLAN的两个WLC必须均拥有无线客户端环境才会暴露这个漏洞。在使用3层(跨子网)漫游后或使用访客WLAN(auto-anchor)时会出现这种情况。 如果客户端所发送的单播ARP

N/A

N/A