Cisco released software updates to address five separate denial of service vulnerabilities, all which the company considers either high or critical severity, across its product line this week. Three of the five vulnerabilities exist in Cisco s Wireless LAN Controller (WLC) devices, commonly used to manage and secure wireless networks in the enterprise. The most pressing WLC vulnerability, marked critical, stems from improper handling of HTTP traffic, meaning an attacker could send a request to a device and from there trigger a buffer overflow condition. The other vulnerabilities in WLC deal with an issue in the device s web-based device management interface and another in the Bonjour task manager.
Source: https://threatpost.com/cisco-patches-denial-of-service-flaws-across-three-products/117586/