Cisco Wireless LAN Controller Software Control and Provisioning of Wireless Access Points Protocol Denial of Service Vulnerability

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.
 
The vulnerability is due to improper input validation on fields within CAPWAP Discovery Request packets by the affected device. An attacker could exploit this vulnerability by sending malicious CAPWAP Discovery Request packets to the Cisco WLC Software. A successful exploit could allow the attacker to cause the Cisco WLC Software to disconnect associated access points (APs). While the APs disconnect and reconnect, service will be unavailable for a brief period of time, resulting in a DoS condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-wlc-capwap-dos

Security Impact Rating: High

CVE: CVE-2018-0443

Related:

Cisco Wireless LAN Controller Software Control and Provisioning of Wireless Access Points Protocol Information Disclosure Vulnerability

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to retrieve memory contents, which could lead to the disclosure of confidential information.
 
The vulnerability is due to insufficient condition checks in the part of the code that handles CAPWAP keepalive requests. An attacker could exploit this vulnerability by sending a crafted CAPWAP keepalive packet to a vulnerable Cisco WLC device. A successful exploit could allow the attacker to retrieve the contents of device memory, which could lead to the disclosure of confidential information.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-wlc-capwap-memory-leak

Security Impact Rating: High

CVE: CVE-2018-0442

Related:

MAC and windows device control

I need a solution

Hi Team,

We are planning to set up Endpoint Protection 14 for our IT infra. Can you please help me with the queries below?

1. Can devices on Mac machines be controlled from the Symantec server end, like USB block?

2. If a Mac is connected to Wi-Fi, wired, or a home network, can we control USB block?

3. For Windows laptops also, can we block USB for more than 6 months?

4. Can we monitor the logs if any user connects a USB external device to his/her laptop?

5. Firewall management for both Mac and Windows?

6. Please share your support email and contact details.

Thanks,

Ranjan

91 9845810364


Related:

Deployment Proxy SG with mobile device

I do not need a solution (just sharing information)

Hi All

I would like a little discussion about Proxy SG deployment with mobile devices.
Here is the environment that I am developing.

1. I have an IP address segment 10 for HRD users
2. I have an IP address segment 11 for Admin users
3. I have an IP address segment 12 for Guest users

The mechanism for getting the IP address segments above is as follows.
A mobile device such as a handphone (Android or iOS) connects via wireless, the wireless device challenges for authentication, and the user enters the credentials of the account in accordance with the AD account. If the user is detected as an HRD user, then the user gets IP segment 10.

The problem is that the LAN and wireless segments are combined into one, and if I set up authentication for segment 10, then a mobile device that connects to wireless will also be challenged for authentication. This is also a problem because authentication pop-ups sometimes do not appear.

What is the best deployment for the environment above?

Best Regards


Related:

Error: “Gateway is not Reachable”, Connection Goes Down After the VPN Tunnel is Established

  • Citrix Virtual Adapter is registered as an Ethernet adapter. Starting with Windows 8, the WCMSVC (Windows Connection Manager) disconnects low speed connections because an Ethernet adapter is seen as more reliable and provides better performance compared to other adapters. That is why Wi-Fi and 3G/4G adapters get disconnected. Because those connections are needed for actual communication with the VPN gateway, the VPN plugin shows “Gateway is not reachable”.

Related:

    I have issues connecting from my mail server to servers *.messagelabs.com

    I need a solution

    Hi! When I try to connect to some of your servers I get a timeout error.

    When I try to connect to cluster8.eu.messagelabs.com I can connect to the server with IP 46.226.* but when I try to connect to IP 85.158.* I get an error:

    # nmap 85.158.142.104 -p 25 -P0

    Starting Nmap 7.01 ( https://nmap.org ) at 2018-07-12 01:22 MSK
    Nmap scan report for mail229.messagelabs.com (85.158.142.104)
    Host is up.
    PORT   STATE    SERVICE
    25/tcp filtered smtp

    Nmap done: 1 IP address (1 host up) scanned in 2.09 seconds

    # nmap -p 25 46.226.53.56 -P0

    Starting Nmap 7.01 ( https://nmap.org ) at 2018-07-12 01:23 MSK
    Nmap scan report for mail308.messagelabs.com (46.226.53.56)
    Host is up (0.084s latency).
    PORT   STATE SERVICE
    25/tcp open  smtp

    Also I can’t connect to cluster1.us.messagelabs.com.

    # nmap -p 25 -P0 67.219.250.96

    Starting Nmap 7.01 ( https://nmap.org ) at 2018-07-12 01:24 MSK
    Nmap scan report for mail320.messagelabs.com (67.219.250.96)
    Host is up.
    PORT   STATE    SERVICE
    25/tcp filtered smtp

    Also with cluster1a.us.messagelabs.com.

    # nmap -p 25 -P0 216.82.251.230

    Starting Nmap 7.01 ( https://nmap.org ) at 2018-07-12 01:25 MSK
    Nmap scan report for mail555.messagelabs.com (216.82.251.230)
    Host is up.
    PORT   STATE    SERVICE
    25/tcp filtered smtp

    How do I fix this problem?

    Related:

    Location Awareness issues after upgrade to SEP 14.2

    I need a solution

    Hello,

    Recently upgraded SEP Manager and some clients from 14.0.3897.1101 to 14.2.758.0000.

    Upgraded clients started having issues with selecting the correct location – laptops that have a Wi-Fi card enabled (not connected to anything) insist on picking the “Wireless” location.

    Although the only IP they have is from the range approved for the “Ethernet Only” location.

    After some long trial and error I saw that what helped is to change from “If all of the IP addresses of the client computer are listed below” to “If the client computer has one of the IP addresses listed below”  – but this is not good enough.

    No other IP addresses exist on the client.

    Any ideas?

    Perhaps it's a bug?

    Thanks !!!!
    Gennady

    Y:>ipconfig /all

    Windows IP Configuration

    Ethernet adapter Ethernet:

       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Intel(R) Ethernet Connection I218-LM
       Physical Address. . . . . . . . . : 28-D2-44-65-19-FD
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       IPv4 Address. . . . . . . . . . . : 10.1.1.135(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       DHCP Server . . . . . . . . . . . : 10.1.1.59
       DNS Servers . . . . . . . . . . . : 10.1.1.59
       NetBIOS over Tcpip. . . . . . . . : Enabled

    Ethernet adapter Ethernet 2:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Check Point Virtual Network Adapter For Endpoint VPN Client
       Physical Address. . . . . . . . . : 54-5C-A5-51-E2-07
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes

    Wireless LAN adapter Wi-Fi:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Intel(R) Dual Band Wireless-N 7260
       Physical Address. . . . . . . . . : 7C-7A-91-59-60-E1
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes

    Wireless LAN adapter Local Area Connection* 2:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
       Physical Address. . . . . . . . . : 7C-7A-91-59-60-E2
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes

    Wireless LAN adapter Local Area Connection* 4:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Microsoft Hosted Network Virtual Adapter
       Physical Address. . . . . . . . . : 7E-7A-91-59-60-E1
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes

    Ethernet adapter Bluetooth Network Connection:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
       Physical Address. . . . . . . . . : 7C-7A-91-59-60-E5
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes


    Related:

    Re: Unable to change recoverable saveset into browsable

    Hi Greg,

    With NW you must be very careful with the terms and terminology. This is especially true for the scanner command.

    Actually scanner has at least 2 functionalities:

    – Extracting the metadata from a save set/volume

    – Restoring the data itself (scanner -S <ssid> | uasm -rv).

    Nobody would really use such a command (today) if not absolutely necessary.

    Here is the appropriate part of Legato’s Technical Bulletin 0001 (even before NDMP appeared):

    [Image: scanner_1.jpg]

    The obvious consequences are:

    – you cannot do the restore (as the doc mentions, because data is still in NDMP format)

    – but you should be able to retrieve the metadata.

    As I said, NDMP can be tricky.

    And do not forget that you must run scanner on the storage node which controls the device.

    But you are lucky – I even have my old doc with me which I wrote 11 years ago. Here you can see that a “scanner -m” is possible on a disk device (FTD in this case), containing both, NDMP and non-NDMP backups (for example the NW ‘bootstrap’ SS). And yes, this is allowed but not best practice due to the limitations below:

    C:>scanner -nmv Z:BU_DEV1

    scanner: Reading the file label

    scanner: scanning file disk best2003_disk.001 on Z:BU_DEV1

    scanner: volume id 4054732398 record size 32768

    created 1/17/07 17:27:26 expires 1/16/09 17:27:26

    scanner: file disk best2003_disk.001 already exists in the media index

    scanner: scanning file 4021178525, record 0

    scanner: ssid 4021178525: found beginning of netapp:/vol/test/windows

    scanner: scanning file 4021178525, record 100

    scanner: scanning file 4021178525, record 200

    scanner: scanning file 4021178525, record 300

    scanner: scanning file 4021178525, record 400

    scanner: scanning file 4021178525, record 500

    scanner: scanning file 4021178525, record 600

    scanner: scanning file 4021178525, record 700

    …..

    scanner: scanning file 4021178525, record 31100

    scanner: scanning file 4021178525, record 31200

    scanner: scanning file 4021178525, record 31300

    scanner: scanning file 4021178525, record 31400

    scanner: scanning file 4021178525, record 31500

    scanner: scanning file 4021178525, record 31600

    scanner: scanning file 4021178525, record 31700

    scanner: ssid 4021178525: scan complete

    scanner: ssid 4021178525: 1009 MB, 10001 file(s)

    scanner: scanning file 4004401519, record 0

    scanner: ssid 4004401519: found beginning of best2003: //

    index:a9165a08-00000004-45adff55-45ae1516-00020000-c3d64b66

    scanner: ssid 4004401519: 1125 KB, 1 file(s)

    scanner: ssid 4004401519: scan complete

    scanner: ssid 4004401519: 1126 KB, 4 file(s)

    scanner: scanning file 3987624419, record 0

    scanner: ssid 3987624419: found beginning of best2003:bootstrap

    scanner: ssid 3987624419: scan complete

    scanner: ssid 3987624419: 195 KB, 250 file(s)

    scanner: done with file disk best2003_disk.001

    C:>

    Unfortunately, “scanner -i” is NOT possible – sorry for setting wrong expectations:

    C:>scanner -niv Z:BU_DEV1

    scanner: Reading the file label

    scanner: scanning file disk best2003_disk.001 on Z:BU_DEV1

    scanner: volume id 4054732398 record size 32768

    created 1/17/07 17:27:26 expires 1/16/09 17:27:26

    scanner: file disk best2003_disk.001 already exists in the media index

    scanner: scanning file 4021178525, record 0

    scanner: ssid 4021178525: found beginning of netapp:/vol/test/windows

    scanner: save_xdr: bad magic number 0x45ae48f7

    scanner: resynchronizing …

    scanner: scanning file 4021178525, record 100

    scanner: scanning file 4021178525, record 200

    scanner: scanning file 4021178525, record 300

    scanner: scanning file 4021178525, record 400

    scanner: scanning file 4021178525, record 500

    scanner: scanning file 4021178525, record 600

    scanner: scanning file 4021178525, record 700

    scanner: scanning file 4021178525, record 800

    scanner: scanning file 4021178525, record 900

    scanner: scanning file 4021178525, record 1000

    scanner: scanning file 4021178525, record 1100

    …..

    scanner: scanning file 4021178525, record 31000

    scanner: scanning file 4021178525, record 31100

    scanner: scanning file 4021178525, record 31200

    scanner: scanning file 4021178525, record 31300

    scanner: scanning file 4021178525, record 31400

    scanner: scanning file 4021178525, record 31500

    scanner: scanning file 4021178525, record 31600

    scanner: scanning file 4021178525, record 31700

    scanner: ssid 4021178525: scan complete

    scanner: ssid 4021178525: 1009 MB, 10001 file(s)

    scanner: couldn’t decode magic variable

    scanner: (ssid 4021178525) error decoding save stream

    scanner: (ssid 4021178525) would have added 0 new file index entries

    scanner: scanning file 4004401519, record 0

    scanner: ssid 4004401519: found beginning of best2003:index:a9165a08-00000004-45adff55-45ae1516-00020000-c3d64b66

    scanner: ssid 4004401519: 1125 KB, 1 file(s)

    scanner: ssid 4004401519: scan complete

    scanner: ssid 4004401519: 1126 KB, 4 file(s)

    scanner: scanning file 3987624419, record 0

    scanner: ssid 3987624419: found beginning of best2003:bootstrap

    scanner: ssid 3987624419: scan complete

    scanner: ssid 3987624419: 195 KB, 250 file(s)

    scanner: done with file disk best2003_disk.001

    C:>

    Thinking about it, the reason is obvious: NDMP still controls the format of the backed up data but NetWorker reads OTF (Open Tape Format). Sorry for the confusion – mea maxima culpa.

    So if you cannot get the file index back for whatever reason – restore the save set to a temp location and get your files from here. In your case it is most likely the easiest method.

    And do not forget: “NDMP backups can be tricky.”
