Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0867


Vulnerability Score 7.5 7.5
CVE Id CVE-2001-0867
Last Modified 05 Sep 2008 04:25:07
Published 06 Dec 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly filter does not properly filter packet fragments even when the "fragment" keyword is used in an ACL, which allows remote attackers to bypass the intended access controls.

Vulnerable Systems


CISCO - 20011114 Multiple Vulnerabilities in Access Control List Implementation for Cisco 12000 Series Internet Router

XF - cisco-acl-fragment-bypass(7555)

BID - 3538

OSVDB - 1989

CIAC - M-018

Last Updated: 27 May 2016 10:36:26