CVE-2009-2861

Severity

73%

Complexity

55%

Confidentiality

153%

The Over-the-Air Provisioning (OTAP) functionality on Cisco Aironet Lightweight Access Point 1100 and 1200 devices does not properly implement access-point association, which allows remote attackers to spoof a controller and cause a denial of service (service outage) via crafted remote radio management (RRM) packets, aka "SkyJack" or Bug ID CSCtb56664.

The Over-the-Air Provisioning (OTAP) functionality on Cisco Aironet Lightweight Access Point 1100 and 1200 devices does not properly implement access-point association, which allows remote attackers to spoof a controller and cause a denial of service (service outage) via crafted remote radio management (RRM) packets, aka "SkyJack" or Bug ID CSCtb56664.

CVSS 2.0 Base Score 7.3. CVSS Attack Vector: adjacent_network. CVSS Attack Complexity: medium. CVSS Vector: (AV:A/AC:M/Au:N/C:N/I:C/A:C).

Overview

Type

Cisco Aironet

First reported 15 years ago

2009-08-27 17:00:00

Last updated 15 years ago

2009-08-28 04:00:00

Affected Software

Cisco Aironet 1100

Cisco Aironet 1200

References

1022774

http://tools.cisco.com/security/center/viewAlert.x?alertId=18919

Patch, Vendor Advisory

http://www.airmagnet.com/assets/AM_Technote_SkyJack_082509.pdf

http://www.airmagnet.com/news/press_releases/2009/08252009.php

36145

ADV-2009-2419

Vendor Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.