Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5563

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2008-5563
Last Modified 29 Jan 2009 01:59:31
Published 15 Dec 2008 01:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-5563

Summary

Aruba Mobility Controller 2.4.8.x-FIPS, 2.5.x, 3.1.x, 3.2.x, 3.3.1.x, and 3.3.2.x allows remote attackers to cause a denial of service (device crash) via a malformed Extensible Authentication Protocol (EAP) frame.

Vulnerable Systems

Operating System

  • Aruba Networks Aruba Mobility Controller 2.4.8

  • Aruba Networks Aruba Mobility Controller 2.4.8.11

  • Aruba Networks Aruba Mobility Controller 2.4.8.5

  • Aruba Networks Aruba Mobility Controller 2.4.8.6

  • Aruba Networks Aruba Mobility Controller 2.5.2.11

  • Aruba Networks Aruba Mobility Controller 2.5.4.17

  • Aruba Networks Aruba Mobility Controller 2.5.4.18

  • Aruba Networks Aruba Mobility Controller 2.5.4.25

  • Aruba Networks Aruba Mobility Controller 2.5.5

  • Aruba Networks Aruba Mobility Controller 2.5.5.7

  • Aruba Networks Aruba Mobility Controller 2.5.6

  • Aruba Networks Aruba Mobility Controller 3.1.1

  • Aruba Networks Aruba Mobility Controllers 3.1.1.3

  • Arubanetworks Aruba Mobility Controller 3.1.1.0

  • Arubanetworks Aruba Mobility Controller 3.1.1.3

  • Arubanetworks Aruba Mobility Controller 3.2.0.0

  • Arubanetworks Aruba Mobility Controller 3.3.1.0

  • Arubanetworks Aruba Mobility Controller 3.3.1.6


References

SECTRACK - 1021362

BID - 32694

BUGTRAQ - 20081208 DoS Vulnerability in Aruba Mobility Controller Caused by Malformed EAP Frame (Aruba Advisory ID: AID-12808)

CONFIRM - http://www.arubanetworks.com/support/alerts/aid-12808.asc

SREASON - 4728

SECUNIA - 33057


Last Updated: 27 May 2016 10:48:50