Vulnerabilities > CVE-2007-2039 - Resource Management Errors vulnerability in Cisco Wireless LAN Controller Software

CVSS 6.1 - MEDIUM

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

low complexity

cisco

CWE-399

NVD

Published: 2007-04-16

Updated: 2018-11-01

Summary

The Network Processing Unit (NPU) in the Cisco Wireless LAN Controller (WLC) before 3.2.171.5, 4.0.x before 4.0.206.0, and 4.1.x allows remote attackers on a local wireless network to cause a denial of service (loss of packet forwarding) via (1) crafted SNAP packets, (2) malformed 802.11 traffic, or (3) packets with certain header length values, aka Bug IDs CSCsg15901 and CSCsh10841.

Vulnerable Configurations

Part	Description	Count
OS	Cisco Cisco Wireless LAN Controller Software 3.2 Cisco Wireless LAN Controller Software 3.2.116.21 Cisco Wireless LAN Controller Software 4.0 Cisco Wireless LAN Controller Software 4.0.108 Cisco Wireless LAN Controller Software 4.0.155.0 Cisco Wireless LAN Controller Software 4.0.155.5 Cisco Wireless LAN Controller Software 4.0.179.8 Cisco Wireless LAN Controller Software 4.0.179.11 Cisco Wireless LAN Controller Software 4.0.196 Cisco Wireless LAN Controller Software 4.1	10

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References