Cisco Cisco Aironet 1200 Access Point Notas de publicación

CSCsc09453—Access point no longer shows channel least-congested in the running configuration

CSCsc33870—GUI now allows $ entry in WPA-PSK field

CSCsc37823—Devices now obtain IP addresses from DHCP server when WLSM and MBSSID is 
enabled on the access point

CSCsc40764—1100 series access point no longer crashes after upgrade to Cisco Release 12.3(7)JA1

CSCsc41949—1300 series outdoor access point/bridge no longer crashes when processing 
AiroIAPP Protocol

CSCsc43974—RSN capabilities IE no changes when the radio resets

CSCsc50962—Express Setup page now shows correct Aironet Extension settings

CSCsc51365—Access point no longer resets client state after receiving an authorization request

CSCsc54623—The dot11 wpa handshake timeout command is now available

CSCsc64976—HTTP server should scrub embedded HTML tags from command output

A vulnerability exists in the IOS HTTP server in which HTML code inserted into dynamically 
generated output, such as the output from a show buffers command, will be passed to the browser 
requesting the page. This HTML code could be interpreted by the client browser and potentially 
execute malicious commands against the device or other possible cross-site scripting attacks. 
Successful exploitation of this vulnerability requires that a user browse a page containing dynamic 
content in which HTML commands have been injected.

Cisco will be making free software available to address this vulnerability for affected customers. 
There are workarounds available to mitigate the effects of the vulnerability. This advisory is 
posted at 

.

This caveat is duplicated by CSCsc89020.

CSCsc68458—Native IOS LWAPP access point can now be managed by WLSE after converting to 
Autonomous Mode (IOS)

CSCsc78972—sh wlccp wds mn detail command now shows VLAN info for associated clients

CSCsc80506—Access point no longer replies to ARP requests with 0.0.0.0

CSCsc94879—Access point no longer continues to stream RTP packets to a Cisco 7920 phone after 
the 7920 sends a deauthentication packet to the access point

CSCeh26653—cdp source-interface BVI1 configuration no longer disappears after rebooting

CSCej75301— parser_add_link_to_list now uses chunks to avoid memory fragmentation

CSCek23736—Typographical errors corrected in debug dot11 beacon command

CSCsb14191—Traceback no longer appears when configuring over 250 login authentication  lists

This caveat is duplicated by CSCsb51384.

CSCsb20723—Access point default behavior to limit client transmitter power has been corrected

CSCsb72895—Access points now support the whyReload mib command

CSCsc11134—Radio driver does not check for encryption required on receive

Cisco Access Points operating in Lightweight Access Point Protocol (LWAPP) mode may allow 
unauthenticated end hosts to send unencrypted traffic to a secure network by sending frames from 
the Media Access Control (MAC) address of an already authenticated end host.

Only the access points that are operating in LWAPP (i.e. controlled by a separate Wireless LAN 
Controller) mode are affected. Access points that are running in autonomous mode are not affected.