PT-2008-6624 · Aruba · Aruba Mobility Controller

Robbie Gill

Publicado

2008-12-15

Atualizado

2018-10-11

CVE-2008-5563

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Aruba Mobility Controller versions 2.4.8.x-FIPS through 3.3.2.x

Description The issue allows remote attackers to cause a denial of service, resulting in a device crash, by sending a malformed Extensible Authentication Protocol (EAP) frame.

Recommendations For versions 2.4.8.x-FIPS through 3.3.2.x, consider restricting access to EAP frames until a patch is available. As a temporary workaround, disabling EAP authentication may help minimize the risk of exploitation.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-399

Identificadores relacionados

CVE-2008-5563

Produtos afetados

Aruba Mobility Controller

PT-2008-6624 · Aruba · Aruba Mobility Controller

CVE-2008-5563

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7