Cisco Bug: CSCul15509 - AP crash if malformed EAP frame received w/ "debug dot11 aaa ..." set

Last Modified

Aug 06, 2018

Products (1)

  • Cisco Aironet 3700 Series Access Points

Known Affected Releases

12.4(25d)JA1

Description (partial)

Symptoms:
A vulnerability in the debugging features of Cisco IOS running on Aironet Access Points could allow an unauthenticated, adjacent attacker to create a denial of service condition.

The vulnerability is due to a failure to properly process a certain debugging message that may occur when the 'debug dot11 aaa authenticator all' command is enabled and a specifically malformed EAP packet is received. An attacker could exploit this vulnerability by sending a packet specifically designed to trigger the issue while a network administrator is actively debugging the device.

This vulnerability was reported to Cisco by Maxim Salomon and Timo Warns of Airbus Operations GmbH.

Conditions:
Devices that are running an affected version of Cisco IOS software and have the 'debug dot11 aaa authenticator all' command enabled.