ID CVE-2006-0354
Summary Cisco IOS before 12.3-7-JA2 on Aironet Wireless Access Points (WAP) allows remote authenticated users to cause a denial of service (termination of packet passing or termination of client connections) by sending the management interface a large number of spoofed ARP packets, which creates a large ARP table that exhausts memory, aka Bug ID CSCsc16644.
References
Vulnerable Configurations
  • Cisco Aironet 1100
    cpe:2.3:h:cisco:aironet_ap1100
  • Cisco Aironet 1130AG
    cpe:2.3:h:cisco:aironet_ap1130ag
  • Cisco Aironet 1200
    cpe:2.3:h:cisco:aironet_ap1200
  • Cisco Aironet 1230AG
    cpe:2.3:h:cisco:aironet_ap1230ag
  • Cisco Aironet 1240AG
    cpe:2.3:h:cisco:aironet_ap1240ag
  • Cisco Aironet 1300
    cpe:2.3:h:cisco:aironet_ap1300
  • Cisco Aironet 1400
    cpe:2.3:h:cisco:aironet_ap1400
  • Cisco Aironet 350 IOS
    cpe:2.3:h:cisco:aironet_ap350
CVSS
Base: 5.5 (as of 23-01-2006 - 08:15)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
ADJACENT_NETWORK LOW SINGLE_INSTANCE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
exploit-db via4
description Cisco Aironet Wireless Access Points Memory Exhaustion ARP Attack DoS. CVE-2006-0354. Dos exploit for hardware platform
id EDB-ID:1447
last seen 2016-01-31
modified 2006-01-25
published 2006-01-25
reporter Pasv
source https://www.exploit-db.com/download/1447/
title Cisco Aironet Wireless Access Points Memory Exhaustion ARP Attack DoS
oval via4
accepted 2008-09-08T04:00:35.719-04:00
class vulnerability
contributors
name Yuzheng Zhou
organization Hewlett-Packard
description Cisco IOS before 12.3-7-JA2 on Aironet Wireless Access Points (WAP) allows remote authenticated users to cause a denial of service (termination of packet passing or termination of client connections) by sending the management interface a large number of spoofed ARP packets, which creates a large ARP table that exhausts memory, aka Bug ID CSCsc16644.
family ios
id oval:org.mitre.oval:def:5680
status accepted
submitted 2008-05-26T11:06:36.000-04:00
title Cisco Aironet Access Point ARP Memory Exhaustion DoS Vulnerability
version 3
refmap via4
bid 16217
cisco 20060112 Access Point Memory Exhaustion from ARP Attacks
osvdb 22375
sectrack 1015483
secunia 18430
sreason 339
vupen ADV-2006-0176
xf cisco-aironet-arp-dos(24086)
Last major update 07-03-2011 - 21:29
Published 22-01-2006 - 15:03
Last modified 10-10-2017 - 21:30
Back to Top