Cisco Wireless LAN Controller HTTP配置功能远程代码执行漏洞

文章由LinuxBoy分享于2019-04-02 05:04:10热评（350）

Cisco Wireless LAN Controller HTTP配置功能远程代码执行漏洞

发布日期：2013-01-23
更新日期：2013-01-25

受影响系统：
Cisco Wireless LAN Control 7.2
Cisco Wireless LAN Control 7.1
Cisco Wireless LAN Control 7.0
不受影响系统：
Cisco Wireless LAN Control 7.2.103.0
Cisco Wireless LAN Control 7.1.91.0
Cisco Wireless LAN Control 7.0.220.0
描述：
--------------------------------------------------------------------------------
BUGTRAQ ID: 57524
CVE(CAN) ID: CVE-2013-1104

Cisco WLC 负责全系统的无线LAN功能，例如安全策略、入侵保护、RF管理，服务质量和移动性。

Cisco WLC设备的HTTP配置功能存在远程代码执行漏洞，可允许经过身份验证的远程攻击者通过特制的UserAgent字符串，利用此漏洞在受影响设备上执行任意代码。

设备开启了HTTP Profiling功能时才受该漏洞影响。可以使用show wlan来查看设备是否开启了HTTP Profiling功能。一个示例如下：

--------------------------------------------------------------------

(WLC)>show wlan 3
WLAN Identifier.................................. 3
<output suppressed>
Network Admission Control
Client Profiling Status ....................... Enabled
DHCP ......................................... Disabled
HTTP ......................................... Enabled
<output suppressed>

--------------------------------------------------------------------

<*来源：Cisco

链接：http://seclists.org/fulldisclosure/2013/Jan/208
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130123-wlc
*>

建议：
--------------------------------------------------------------------------------
厂商补丁：

Cisco
-----
Cisco已经为此发布了一个安全公告（cisco-sa-20130123-wlc）以及相应补丁:

cisco-sa-20130123-wlc：Multiple Vulnerabilities in Cisco Wireless LAN Controllers
链接：http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130123-wlc

推荐文章：

Cisco Wireless LAN Controller HTTP配置功能远程代码执行漏洞