CVE-2007-4011

Name of the Vulnerable Software and Affected Versions: Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software versions prior to 3.2 20070727 Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software versions 4.0 before 20070727 Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software versions 4.1 before 4.1.180.0

Description: The issue allows remote attackers to cause a denial of service (traffic amplification or ARP storm) via a crafted unicast ARP request. This can occur when the destination MAC address is unknown to the Layer-2 infrastructure or during Layer-3 roaming across IP subnets. The vulnerability is related to the handling of Address Resolution Protocol (ARP) packets.

Recommendations: For versions prior to 3.2 20070727, update to version 3.2 20070727 or later. For versions 4.0 before 20070727, update to version 4.0 20070727 or later. For versions 4.1 before 4.1.180.0, update to version 4.1.180.0 or later. As a temporary workaround, consider implementing workarounds available to mitigate the effects of these vulnerabilities.