This was just posted on Cisco’s website:
The Cisco Wireless LAN Controller (WLC) manages Cisco Aironet access points using the Lightweight Access Point Protocol (LWAPP). The WLC contains multiple vulnerabilities that could result in a denial of service (DoS) condition, information disclosure, or access control list changes, or allow an attacker to gain full administrative access.
Cisco has made free software available to address this vulnerability for affected customers. There are workarounds available to mitigate the effects of these vulnerabilities.
And this one as well:
The Cisco Wireless Control System (WCS) works in conjunction with Cisco Aironet Lightweight Access Points, Cisco Wireless LAN Controllers, and the Cisco Wireless Location Appliance by providing tools for wireless LAN planning and design, system configuration, location tracking, security monitoring, and wireless LAN management. Cisco WCS contains multiple vulnerabilities that can result in information disclosure, privilege escalation, and unauthorized access through fixed authentication credentials.
Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.
[tags]Cisco Wireless, Wireless LAN, Vulenrabilities[/tags]