Details of VAR-200112-0005

ID

VAR-200112-0005

CVE

CVE-2001-0867

TITLE

Cisco 12000 Outgoing ACL Packet fragmentation vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200112-050

DESCRIPTION

Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly filter does not properly filter packet fragments even when the "fragment" keyword is used in an ACL, which allows remote attackers to bypass the intended access controls. Cisco IOS is the router firmware included with numerous devices manufactured by Cisco Systems. IOS on Cisco 12000 series routers with Engine 2 based cards may fail to block intended traffic using outgoing ACLs. Outgoing ACL lists do not support the keyword 'fragment', and will ignore it. If the keyword is included in the ACL, fragmented packets will not be evaluated against the associated rules, possibly bypassing security policy

Trust: 1.26

sources: NVD: CVE-2001-0867 // BID: 3538 // VULHUB: VHN-3674

AFFECTED PRODUCTS

vendor:	cisco	model:	12000 router	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	12000 router	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	ios 12.0st	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0s	scope:	-	version:	-	Trust: 0.3

sources: BID: 3538 // CNNVD: CNNVD-200112-050 // NVD: CVE-2001-0867

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2001-0867
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200112-050
value:	HIGH
Trust: 0.6
VULHUB:	VHN-3674
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2001-0867
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-3674
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-3674 // CNNVD: CNNVD-200112-050 // NVD: CVE-2001-0867

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2001-0867

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200112-050

TYPE

Design Error

Trust: 0.9

sources: BID: 3538 // CNNVD: CNNVD-200112-050

EXTERNAL IDS

db:	BID	id:	3538	Trust: 2.0
db:	NVD	id:	CVE-2001-0867	Trust: 1.7
db:	OSVDB	id:	1989	Trust: 1.7
db:	CNNVD	id:	CNNVD-200112-050	Trust: 0.7
db:	XF	id:	7555	Trust: 0.6
db:	CISCO	id:	20011114 MULTIPLE VULNERABILITIES IN ACCESS CONTROL LIST IMPLEMENTATION FOR CISCO 12000 SERIES INTERNET ROUTER	Trust: 0.6
db:	CIAC	id:	M-018	Trust: 0.6
db:	VULHUB	id:	VHN-3674	Trust: 0.1

sources: VULHUB: VHN-3674 // BID: 3538 // CNNVD: CNNVD-200112-050 // NVD: CVE-2001-0867

REFERENCES

url:	http://www.securityfocus.com/bid/3538	Trust: 1.7
url:	http://www.ciac.org/ciac/bulletins/m-018.shtml	Trust: 1.7
url:	http://www.cisco.com/warp/public/707/gsr-acl-pub.shtml	Trust: 1.7
url:	http://www.osvdb.org/1989	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/7555	Trust: 1.1
url:	http://xforce.iss.net/static/7555.php	Trust: 0.6
url:	http://www.cisco.com/warp/public/707/sec_incident_response.shtml	Trust: 0.3

sources: VULHUB: VHN-3674 // BID: 3538 // CNNVD: CNNVD-200112-050 // NVD: CVE-2001-0867

CREDITS

This vulnerability was first published in a Cisco Security Advisory on November 14th, 2001.

Trust: 0.9

sources: BID: 3538 // CNNVD: CNNVD-200112-050

SOURCES

db:	VULHUB	id:	VHN-3674
db:	BID	id:	3538
db:	CNNVD	id:	CNNVD-200112-050
db:	NVD	id:	CVE-2001-0867

LAST UPDATE DATE

2025-04-03T22:16:57.087000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-3674	date:	2017-10-10T00:00:00
db:	BID	id:	3538	date:	2001-11-14T00:00:00
db:	CNNVD	id:	CNNVD-200112-050	date:	2005-10-12T00:00:00
db:	NVD	id:	CVE-2001-0867	date:	2025-04-03T01:03:51.193

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-3674	date:	2001-12-06T00:00:00
db:	BID	id:	3538	date:	2001-11-14T00:00:00
db:	CNNVD	id:	CNNVD-200112-050	date:	2001-12-06T00:00:00
db:	NVD	id:	CVE-2001-0867	date:	2001-12-06T05:00:00