ID
VAR-200111-0084
TITLE
Cisco Access Control List Fragment Keyword Ignored Vulnerability
Trust: 0.3
DESCRIPTION
IOS is the Cisco Internet Operating System, distributed with and used on various Cisco network hardware. A vulnerability in IOS on the 12000 series Cisco routers could make it possible for a remote user to send unauthorized traffic to a protected network. IOS does not filter packet fragments, even when the 'fragment' keyword is included in an ACL rule. This vulnerability may result in attackers or users bypassing security policy.
Trust: 0.3
AFFECTED PRODUCTS
| vendor: | cisco | model: | ios 12.0st | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.0s | scope: | - | version: | - | Trust: 0.3 |
THREAT TYPE
network
Trust: 0.3
TYPE
Design Error
Trust: 0.3
EXTERNAL IDS
| db: | BID | id: | 3542 | Trust: 0.3 |
REFERENCES
| url: | http://www.cisco.com/warp/public/105/acl_wp.html | Trust: 0.3 |
| url: | http://www.cisco.com/warp/public/707/sec_incident_response.shtml | Trust: 0.3 |
CREDITS
This vulnerability was first published in a Cisco Security Advisory on November 14th, 2001.
Trust: 0.3
SOURCES
| db: | BID | id: | 3542 |
LAST UPDATE DATE
2022-05-17T01:52:14.464000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 3542 | date: | 2001-11-14T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 3542 | date: | 2001-11-14T00:00:00 |