CVE-2001-0865

Name of the Vulnerable Software and Affected Versions Cisco 12000 with IOS version 12.0

Description The issue concerns the Cisco 12000 device with IOS 12.0, specifically line cards based on Engine 2, which does not support the "fragment" keyword in an outgoing Access Control List (ACL). This lack of support could allow fragmented packets to bypass the intended access restrictions.

Recommendations For Cisco 12000 with IOS version 12.0, consider configuring ACLs to explicitly handle fragmented packets or seek alternative methods to enforce access control, as the device does not support the "fragment" keyword in outgoing ACLs.