It seems that researchers at AirMagnet, a company dedicated to detection and prevention of intrusion attacks has found out that the Cisco Wireless LAN, very popularly used around the world known for its security and reliability is just not what it claims to be. The researchers have discovered a vulnerability and an exploit that can be used against networks that have the Over-the-Air-Provisioning (OTAP) feature turned on.
“We found it in our labs,” Wade Williamson, director of product management at AirMagnet, said on Monday. “We don’t know about it being exploited in the wild.”
Basically, the Cisco access points generate an unencrypted multicast data frame that is sent over the air and includes unencrypted data like the MAC address and the IP address of the wireless controller, as well as some configuration options, he said. The controller is used to manage the access points.
With that information, someone listening to the network could easily find the internal addresses of the WLAN controllers in the network and potentially target them with a denial-of-service attack, Williamson said.
“Someone out in the parking lot or a neighbor can look at the packets and see information about the controller on the wired side,” he said. “This is giving anybody that’s listening to the environment some pretty detailed information about the wired network that we want to keep protected.”
The researchers have already informed Cisco Systems about the vulnerability and they are working on a fix for it.