COMMAND

	Cisco Aironet DoS via telnet

SYSTEMS AFFECTED

	 All releases up to, but excluding, 11.21 are vulnerable. The following

	 hardware products are affected :

	

	   * Cisco Aironet Access Point 340 and 350

	   * Cisco Aironet Bridge 350

	

PROBLEM

	In Cisco advisory
	 [http://www.cisco.com/warp/public/707/Aironet-Telnet.shtml] :

	

	It is possible to cause Cisco  Aironet  products  to  reboot  if  Telnet
	access is enabled and a password is  required  for  authorization.  This
	can be accomplished by providing an invalid username and password.
	

	By repeatedly  exploiting  this  vulnerability  an  attacker  can  cause
	denial of service.

SOLUTION

	The workaround for this vulnerability is to disable Telnet access.
	

	This vulnerability is fixed in release 11.21, which is available now.