Users have been warned of a security flaw in Cisco wireless local area network controllers that could allow attackers...
to send malicious traffic on secured Wi-Fi networks.
The problem affects large Wi-Fi networks using Cisco 1200, 1131 and 1240 series Wi-Fi access points that are controlled by Cisco 2000 and 4400 series wireless Lan controllers. The bug does not affect smaller networks.
Controllers are used to control larger numbers of access points, and to manage functions such as security policies and intrusion prevention features.
Because of the reported flaw, access points may accept unencrypted incoming traffic, even if the points have been configured to accept only encrypted traffic.
An attacker could exploit this flaw to unleash malicious traffic on a supposedly secure wireless network, the company said.
Cisco has released a software update to make sure the affected controllers fully protect users' networks.
Cisco has also recently issued a patch to protect a security hole in its main IOS router operating system. The update fixes a heap-overflow vulnerability in IOS.
The flaw was originally to be revealed at the Black Hat hackers' convention, but Cisco went to court to prevent full details of the vulnerability being disclosed.