CVE-2006-0354
First published: Sun Jan 22 2006(Updated: )
Cisco IOS before 12.3-7-JA2 on Aironet Wireless Access Points (WAP) allows remote authenticated users to cause a denial of service (termination of packet passing or termination of client connections) by sending the management interface a large number of spoofed ARP packets, which creates a large ARP table that exhausts memory, aka Bug ID CSCsc16644.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Aironet AP1100 | ||
| Cisco Aironet AP350 | ||
| Cisco Aironet AP1230AG | ||
| Cisco Aironet AP1400 | ||
| Cisco Aironet AP1300 | ||
| Cisco Aironet AP Software Major | ||
| Cisco Aironet AP1240 | ||
| Cisco Aironet AP1200 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.cisco.com/warp/public/707/cisco-sa-20060112-wireless.shtml
- http://www.securityfocus.com/bid/16217
- http://securitytracker.com/id?1015483
- http://secunia.com/advisories/18430
- http://www.osvdb.org/22375
- http://securityreason.com/securityalert/339
- http://www.vupen.com/english/advisories/2006/0176
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24086
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5680
Frequently Asked Questions
What is the severity of CVE-2006-0354?
CVE-2006-0354 is classified as a denial of service vulnerability.
How do I fix CVE-2006-0354?
To mitigate CVE-2006-0354, upgrade to a Cisco IOS version that is patched against this vulnerability.
Which devices are affected by CVE-2006-0354?
CVE-2006-0354 affects various Cisco Aironet Wireless Access Points including models AP1100, AP1130AG, AP1200, AP1230AG, AP1240AG, AP1300, AP1400, and AP350.
What is the impact of CVE-2006-0354 on affected devices?
The impact of CVE-2006-0354 includes potential denial of service, leading to termination of packet passing or client connections.
Who can exploit CVE-2006-0354?
CVE-2006-0354 can be exploited by remote authenticated users sending large numbers of spoofed ARP packets.
- agent/type
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/author
- agent/severity
- agent/references
- agent/event
- agent/description
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/cisco
- canonical/cisco aironet ap1100
- canonical/cisco aironet ap350
- canonical/cisco aironet ap1230ag
- canonical/cisco aironet ap1400
- canonical/cisco aironet ap1300
- canonical/cisco aironet ap software major
- canonical/cisco aironet ap1240
- canonical/cisco aironet ap1200