{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-02-04T00:00:00", "descriptions": [{"lang": "en", "value": "The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.2.x before 5.2.157.0 allow remote attackers to cause a denial of service (device reload) via a web authentication (aka WebAuth) session that includes a malformed POST request to login.html."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2009-02-10T10:00:00", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20090204 Multiple Vulnerabilities in Cisco Wireless LAN Controllers", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6c1dd.shtml"}, {"name": "33608", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/33608"}, {"name": "33749", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/33749"}, {"name": "1021679", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1021679"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2009-0059", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.2.x before 5.2.157.0 allow remote attackers to cause a denial of service (device reload) via a web authentication (aka WebAuth) session that includes a malformed POST request to login.html."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20090204 Multiple Vulnerabilities in Cisco Wireless LAN Controllers", "refsource": "CISCO", "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6c1dd.shtml"}, {"name": "33608", "refsource": "BID", "url": "http://www.securityfocus.com/bid/33608"}, {"name": "33749", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/33749"}, {"name": "1021679", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1021679"}]}}}}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2009-0059", "datePublished": "2009-02-05T00:00:00", "dateReserved": "2009-01-07T00:00:00", "dateUpdated": "2009-02-10T10:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:4400_wireless_lan_controller:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "FB886E18-A1F0-4A05-AFBF-FFC4FA72373C", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:4400_wireless_lan_controller:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "E5561784-ACF8-4CCD-94FA-AAA17AC8363E", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:4400_wireless_lan_controller:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "5830E746-BD5C-43A6-914F-1D8411E235E3", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:catalyst_3750_series_integrated_wireless_lan_controller:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "49DECEDD-4D87-455B-BC28-6227ABC49714", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:catalyst_3750_series_integrated_wireless_lan_controller:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "D797EE92-8C85-4C83-A96A-DF1922712742", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:catalyst_3750_series_integrated_wireless_lan_controller:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "BA1C016C-30FA-4F76-883B-12712316F750", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:catalyst_6500_series_integrated_wireless_lan_controller:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "A8FFC9F3-8342-4A71-9731-14EF90C8E678", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:catalyst_6500_series_integrated_wireless_lan_controller:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "E82E205F-2FA0-4030-8BC9-D622FCF015BF", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:catalyst_6500_series_integrated_wireless_lan_controller:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "54A95FA8-80E7-4995-ABE8-86326E698017", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:catalyst_7600_series_wireless_lan_controller:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "EBB9B9EF-1ADF-4C04-A9C4-EF87EF999D7E", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:catalyst_7600_series_wireless_lan_controller:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "C59B5CEE-8756-4A42-B9BA-489CE0DE5AA3", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:catalyst_7600_series_wireless_lan_controller:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "21F21CDB-2DFE-4781-8FC6-DF449FB6FA64", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "5F3A8DBB-9E82-4428-9034-391F662DFA0B", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "DC1E1F40-ECB6-42FB-838E-998B1893D5CB", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "A1511CA9-B471-49D6-9BEE-1BADE6EC61E6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.2.x before 5.2.157.0 allow remote attackers to cause a denial of service (device reload) via a web authentication (aka WebAuth) session that includes a malformed POST request to login.html."}, {"lang": "es", "value": "El Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), y Cisco Catalyst 3750 Integrated Wireless LAN Controller con software v4.x anterior a v4.2.176.0 y v5.2.x anterior a 5.2.157.0; permiten a atacantes remotos provocar una denegaci\u00f3n de servicio (reinicio de dispositivo) a trav\u00e9s de una sesi\u00f3n de autenticaci\u00f3n Web (tambi\u00e9n conocido WebAuth) que incluye una solicitud POST mal formada a login.html."}], "id": "CVE-2009-0059", "lastModified": "2018-10-30T16:25:50.030", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-02-05T00:30:00.280", "references": [{"source": "ykramarz@cisco.com", "url": "http://secunia.com/advisories/33749"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6c1dd.shtml"}, {"source": "ykramarz@cisco.com", "url": "http://www.securityfocus.com/bid/33608"}, {"source": "ykramarz@cisco.com", "url": "http://www.securitytracker.com/id?1021679"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}