MY80211
CCIE Wireless v2
Cisco Design Guides
My80211 Projects
WiFi Tools
CWNP or BUST Blogs!
My80211 White Papers (Coming Soon!)

Cisco Wireless Compatibility Matrix (Nov. 2011)

Archives - Cisco Alerts
PODCAST!

WLANPROFESSIONALS.COM PODCAST

Info
Social Links
Blogroll Call
Cerification Guides and Books
IEEE 802.11 STANDARDS
Peek Inside Cisco's Gear

See inside Cisco's latest wireless gear!

2.4 GHz Channel Overlap

EXAMPLE 1  

EXAMPLE 2

EXAMPLE 3  

LWAPP QoS Packet Tagging

 

 

Interference Types

BLUETOOTH
 

Microwave Oven
 

Cordless Phone

JAMMER!
 

IEEE 802.11a/g/n Reference Sheet

 

CWSP RELEASE DATE 2/08/2010
  • CWSP Certified Wireless Security Professional Official Study Guide: Exam PW0-204
    CWSP Certified Wireless Security Professional Official Study Guide: Exam PW0-204
    by David D. Coleman, David A. Westcott, Bryan E. Harkins, Shawn M. Jackman

    Shawn Jackman (Jack) CWNE#54 is a personal friend and has been a mentor to me for many years.  I've had the pleasure and opportunity to work with Jack for 4 years. Jack is a great teacher who takes complex 802.11 standards and breaks them down so almost anyone can understand the concept at hand. I'm excited for you brother. Great job and job well done! Put another notch in the belt!

« Cisco WiSM Config Practice Opens SVI Vulnerability | Main | Cisco 6.0.199.0 - Reported Vocera Issues »
Sunday
Aug152010

Cisco WCS SQL Injection Vulnerability: CSCtf37019

DateSunday, August 15, 2010 at 12:02AM

  

Cisco released a WCS vulnerability last week

Cisco WCS devices running software 6.0.x are affected by this vulnerability.

Note: Cisco WCS software release 7.0 is not affected by this vulnerability. Cisco WCS version 7.0.164.0 (which is the first 7.0 version) already contains the fix for this vulnerability. Cisco WCS software releases prior to 6.0 are not affected by this vulnerability.

The version of WCS software installed on a particular device can be found via the Cisco WCS HTTP management interface. Choose Help > About the Software to obtain the software version.

Cisco WCS enables an administrator to configure and monitor one or more WLCs and associated access points.

A SQL injection vulnerability exists in Cisco WCS. Exploitation could allow an authenticated attacker to modify system configuration; create, modify and delete users; or modify the configuration of wireless devices managed by WCS.

This vulnerability is documented in Cisco bug ID CSCtf37019 ( registered customers only) and has been assigned Common Vulnerabilities and Exposures (CVE) ID CVE-2010-2826.

 

Read more about this field notice: 

http://www.cisco.com/warp/public/707/cisco-sa-20100811-wcs.shtml

AuthorGeorge | CommentPost a Comment |

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.

PostPost a New Comment

Enter your information below to add a new comment.

My response is on my own website »
Author Email (optional):
Author URL (optional):
Post:
 
Some HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>

Notify me of follow-up comments via email.