Top
image credit: helpnetsecurity.com

Cisco Patches Severe Flaws

April 25, 2016

Category:

Cisco has released software updates to patch several critical and high severity denial-of-service (DoS) vulnerabilities in the company’s Wireless LAN Controller (WLC) products.

The most serious of the flaws, rated critical, is an issue related to the HTTP URL redirect feature of WLC software. The vulnerability (CVE-2016-1363), caused by the improper handling of HTTP traffic, allows an unauthenticated attacker to remotely trigger a buffer overflow and cause affected devices to enter a DoS condition.

The security hole affects Cisco WLC software versions 7.2, 7.3, 7.4 releases prior to 7.4.140.0(MD), 7.5, 7.6, and 8.0 releases prior to 8.0.115.0(ED).

Read More on InfoSecurity Live