Network Security Blogs

Internet and Computer Security Advisories and Updates

Aruba latest : January 2015 Security Advisory

This Aruba Security Advisory has been published on 27 January 2015 is regarding Wireless DoS attacked.




Aruba Product Security Advisory
===============================

Advisory ID: ARUBA-PSA-2015-001
CVE: CVE-2015-1348
Publication Date: 2015-01-27
Status: Confirmed, Fixed
Revision: 1



Title
=====
Aruba Instant (IAP) Wireless DoS Attack
 

Overview
========

Aruba has identified a problem with Aruba Instant firmware which could allow an attacker
to crash or clear the configuration of an access point through a wireless interface.


Affected Products
=================

 -- Aruba Instant version 4.0.0.6 and below (version <= 4.0.0.6)
 -- Aruba Instant version 4.1 below 4.1.1.2 (4.1.0.0 <= version < 4.1.1.2)


Solution
========

Upgrade to one of the following software versions:
  -- Aruba Instant version 4.0.0.7
  -- Aruba Instant version 4.1.1.2

At the time of publication, version 4.0.0.8 is available through Aruba's cloud
image server; this version may be installed from within the IAP administrative 
interface.


Details
=======

This vulnerability allows an attacker to cause an IAP to halt operation by sending 
crafted malformed frames over a wireless interface. Under some conditions,
the attack could cause an IAP cluster to lose its configuration, forcing the
cluster back to a factory-default state.

In order to protect customer networks, Aruba is providing no additional 
details in the initial advisory.  In accordance with our vulnerability
disclosure policy, Aruba will update this advisory in 60 days to provide
full details of the vulnerability.


here is the source detail for the latest Aruba Security Advisory Click Here

0 Komentar untuk "Aruba latest : January 2015 Security Advisory"

 
Copyright © 2014 Network Security Blogs - All Rights Reserved
Template By shahdinar