Cisco IOS before 12.3-7-JA2 on Aironet Wireless Access Points (WAP) allows remote authenticated users to cause a denial of service (termination of packet passing or termination of client connections) by sending the management interface a large number of spoofed ARP packets, which creates a large ARP table that exhausts memory, aka Bug ID CSCsc16644.
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5680
https://exchange.xforce.ibmcloud.com/vulnerabilities/24086
http://www.vupen.com/english/advisories/2006/0176
http://www.securityfocus.com/bid/16217
http://securitytracker.com/id?1015483