In association with heise online

13 February 2007, 14:05

Security problems in "secure" Aruba wireless controllers


Jan Münther and Maxim Salomon of security company n.runs have discovered two security problems in Aruba wireless controllers. First up, it is possible to obtain access to the administrator front end using guest access, without needing to enter further login information. Secondly, a buffer overflow may occur on the heap in the management interface if overly long login data is used. According to n.runs, this may lead to execution of injected code.

The severity of these problems is exacerbated by the fact that Aruba's access points, which are not exactly cheap, are primarily used in business and government agency environments with special security requirements. Aruba promotes its products on the basis of its certification to FIPS 140-2, a US security standard for governmental agencies. An application for certification to Common Criteria EAL4 has been made for the Aruba 800 and 6000 Mobility Controller, and certification was expected in early 2007.

Aruba Networks Mobility Controllers (200, 800, 2400, and 6000) running software versions greater than 2.0 and the Alcatel-Lucent OmniAccess Wireless 43xx and 6000 are affected. According to n.runs, Aruba has made updated firmware available to customers via its support pages to fix these problems. As a workaround, users can and should make access to the administrator interface as restrictive as possible and, if possible, even restrict it to the console.
