PT-2001-2029 · Cisco · Cisco 12000+1

Published

2001-12-06

Updated

2017-10-10

CVE-2001-0863

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Cisco 12000 with IOS version 12.0

Description The issue concerns the handling of the "fragment" keyword in a compiled ACL (Turbo ACL) for packets sent to the router. This can be exploited by remote attackers to cause a denial of service via a flood of fragments.

Recommendations For Cisco 12000 with IOS version 12.0, consider restricting access to the Turbo ACL feature until a patch is available to prevent exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-0863

Affected Products

Cisco 12000

Ios

PT-2001-2029 · Cisco · Cisco 12000+1

CVE-2001-0863

Related Identifiers

Affected Products

References · 6