Cisco fix iPhone/Cisco WLAN Issues

[cdodkin]

Just got this from Cisco regarding the wi-fi issues that received press at places like Duke Uni. Looks like it was a Cisco issue that the new iPhone uncovered!

Cisco Wireless Partners,
BELOW IS INFO FROM CISCO ON AN ISSUE YOU MAY OR MAY NOT HAVE HEARD ABOUT ALREADY
Team --

Today, Cisco is releasing a security advisory with details on a Wireless LAN controller vulnerability that has recently been discussed in the media and in the blogosphere. The security advisory is publicly posted on http://www.cisco.com/warp/public/707...0724-arp.shtml and contains a detailed description of the vulnerability, as well as associated software fixes and workarounds.

The purpose of this email is to provide context and key positioning points for interactions with customers and prospects this week, whether in the field or at Cisco Networkers this week in Anaheim, CA.

As a quick summary of the issue, the Apple iPhone utilizes a newly implemented RFC for Address Resolution Protocol unicast messages (RFC4436) for static IP devices roaming between subnets. A vulnerable Wireless LAN Controller could mishandle such ARP messages and forward to all other controllers in the mobility group. This behavior is repeated, and potentially could cause service disruptions.

Cisco takes interoperability and security issues very seriously and has addressed this issue. As we see a sharp increase in Wi-Fi mobile devices, such as the iPhone, Cisco has and will continue to work diligently with device manufacturers and the Wi-Fi Alliance to pursue seamless operation with Cisco Unified Wireless Network products. Cisco has a unique, strong program in place in Cisco Compatible Extensions (CCX) to help meet this goal.