Access Control List Vulnerability in Cisco 12000 Series Routers
CVE-2001-0865

Currently unrated

Key Information:

Vendor: Cisco
Status: 12000 Router
Vendor: CVE Published:; 6 December 2001

Summary

The Cisco 12000 Series routers running IOS version 12.0 and utilizing line cards based on Engine 2 exhibit a vulnerability where the 'fragment' keyword is not supported in outgoing Access Control Lists (ACLs). This oversight can permit fragmented packets to be transmitted, circumventing the intended access rules. This poses a significant security risk as it may allow unauthorized access to network resources and disrupt the integrity of traffic security.

References

http://www.ciac.org/ciac/bulletins/m-018.shtml

third-party-advisorygovernment-resourcex_refsource_CIAC

http://www.cisco.com/warp/public/707/GSR-ACL-pub.shtml

vendor-advisoryx_refsource_CISCO

http://www.securityfocus.com/bid/3540

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Dec 6, 2001
Vulnerability Reserved
Nov 22, 2001