Aruba Product Security Advisory
===============================

Advisory ID: ARUBA-PSA-2015-001
CVE: CVE-2015-1348
Publication Date: 2015-01-27
Status: Confirmed, Fixed
Revision: 1

Title
=====
Aruba Instant (IAP) Wireless DoS Attack

Overview
========
Aruba has identified a problem with Aruba Instant firmware that could
allow an attacker to crash or wipe the configuration of access points
through the wireless interface.

Affected Products
=================
 -- Aruba Instant version 4.0.0.6 and below (version <= 4.0.0.6)
 -- Aruba Instant version 4.1 below 4.1.1.2 (4.1.0.0 <= version < 4.1.1.2)

Resolution
==========
Upgrade to one of the following software versions:

 -- Aruba Instant version 4.0.0.7
 -- Aruba Instant version 4.1.1.2

At the time of publication, version 4.0.0.8 is available through Aruba's
cloud image server; this version can be installed from the IAP management
interface.

Details
=======
This vulnerability allows an attacker to send a crafted, malformed frame
over the wireless interface, causing the IAP to stop operating. In some
cases, the attack may cause an IAP cluster to lose its configuration,
forcing the cluster back to the factory default state.

To protect customer networks, Aruba is not providing additional details in
this initial advisory. In accordance with our vulnerability disclosure
policy, Aruba will update this advisory within 60 days with full details
of the vulnerability.

Workarounds
===========
There is no workaround for this issue.

Vulnerability Metrics
=====================
Vulnerability Class: Heap-based Buffer Overflow (CWE-122)
Severity: Low
CVSSv2 Overall Score: 2.4
CVSSv2 Group Scores: Base: 2.1, Temporal: 1.6, Environmental: 2.4
CVSSv2 Vector: (AV:L/AC:L/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:C/CDP:N/TD:ND/CR:L/IR:L/AR:H)

Discovery
=========
This issue was reported to Aruba's TAC by a customer.

Obtaining Fixed Software
========================
Aruba customers can obtain software updates on the support website:
http://support.arubanetworks.com

Aruba Support contacts are as follows:

  +1-800-WiFiLAN (1-800-943-4526) (toll free from within North America)
  +1-408-754-1200 (toll call from anywhere in the world)

The full contact list is at:
//www.nexbus-cng.com/support-services/support-program/contact-support/

e-mail: support(at)arubanetworks.com

Please do not contact "sirt(at)arubanetworks.com" for software upgrades.

Revision History
================
Revision 1.0 / 2015-Jan-27 / Initial release

Aruba SIRT Security Procedures
==============================
Complete information on reporting security vulnerabilities in Aruba
Networks products and obtaining assistance with security incidents is
available at:
//www.nexbus-cng.com/support-services/security-bulletins/

For reporting *NEW* Aruba Networks security issues, email can be sent to
sirt(at)arubanetworks.com. For sensitive information we encourage the use
of PGP encryption. Our public keys can be found at:
//www.nexbus-cng.com/support-services/security-bulletins/

(c) Copyright 2015 by Aruba Networks, Inc.
This advisory may be redistributed freely after the release date given at
the top of the text, provided that redistributed copies are complete and
unmodified, including all date and version information.
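
The following is an added example, not part of Aruba's advisory or Aruba's tooling: a small inventory triage that applies the two affected version ranges and the fixed releases listed above. The AP names, the sample versions, and the tolerated trailing build tag (such as "_12345") are assumptions made for illustration.

```python
import re

# Ranges and fixed releases are taken from the advisory text.
FIX_40 = (4, 0, 0, 7)      # fixes the "version <= 4.0.0.6" range
START_41 = (4, 1, 0, 0)
FIX_41 = (4, 1, 1, 2)      # fixes "4.1.0.0 <= version < 4.1.1.2"
# a.b.c.d with an optional build tag (assumed format, e.g. "_12345")
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)\.(\d+)(?:[_-]\w+)?$")


def parse_version(text):
    """Return a 4-tuple of ints, or None if the string is not a.b.c.d."""
    m = _VERSION_RE.match(text.strip())
    return tuple(int(g) for g in m.groups()) if m else None


def classify(version_text):
    """Map a firmware version string to (status, upgrade_target)."""
    v = parse_version(version_text)
    if v is None:
        return ("unknown", None)   # needs manual review; never assume safe
    if v < FIX_40:
        return ("affected", "4.0.0.7")
    if START_41 <= v < FIX_41:
        return ("affected", "4.1.1.2")
    return ("not affected", None)


def triage(inventory):
    """inventory: iterable of (ap_name, version). Returns APs needing action."""
    findings = []
    for name, version in inventory:
        status, target = classify(version)
        if status != "not affected":
            findings.append((name, version, status, target))
    return findings


# Constructed sample inventory (hypothetical AP names and versions).
SAMPLE_INVENTORY = [
    ("iap-lobby", "4.0.0.6"),
    ("iap-lab", "4.0.0.7"),
    ("iap-floor2", "4.1.1.1_12345"),
    ("iap-floor3", "4.1.1.2"),
    ("iap-warehouse", "4.1.x"),
]

if __name__ == "__main__":
    for row in triage(SAMPLE_INVENTORY):
        print(row)
```

Unparseable version strings are reported as "unknown" rather than dropped, so an AP with a malformed inventory entry still gets a manual check.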