Three are denial-of-service attacks. The fourth, specific to one particular software version, could allow a restricted user to gain full administrative rights to the controller. The DoS attacks could cause the controllers to hang or reload, with repeated attacks creating a sustained service denial condition, according to the alert.

No workarounds for these vulnerabilities exist. But Cisco has for all four of them. 

[Compare enterprise WLAN products with our online ]

Two of the DoS attacks are aimed at Web authentication. In one instance, the attacker can use a vulnerability scanner to cause the controller to stop servicing Web authentication for wireless clients, or cause the controller to reload. The second can trigger a controller reload by sending a malformed post to the Web authentication "login.html" page.

The third DoS attack involves the controller receiving "certain IP packets" that trigger a "DoS condition," causing the controller to become unresponsive. This is limited to software version 4.1 in the 4400 series, Catalyst 6500 Wireless Services Module, and 3750 Integrated Wireless LAN Controllers.