ID
VAR-199906-0038
TITLE
Cisco IOS established Access List Keyword Vulnerability
Trust: 0.3
DESCRIPTION
A vulnerability in certain versions of the Cisco IOS software running in the Cisco 12000 series Gigabit Switch Routers may allow a remote attacker to bypass security restrictions. The issue allows a vulnerable device to forward unauthorized traffic regardless of security restrictions. The issue occurs due to an error in the processing of the 'established' keyword in an access-list statement. Specifically, this issue presents itself when an affected router carries out the following command:

    access-list 101 permit tcp any any established

It is reported that the vulnerable devices ignore the 'established' keyword and forward all TCP traffic to the relevant interface. Cisco Gigabit Switch Routers running Cisco IOS software release 11.2(14)GS2 to 11.2(15)GS3 are vulnerable to this issue.
Trust: 0.3
AFFECTED PRODUCTS
vendor: | cisco | model: | ios | scope: | eq | version: | 11.2 | Trust: 0.3 |
THREAT TYPE
network
Trust: 0.3
TYPE
Unknown
Trust: 0.3
EXTERNAL IDS
db: | BID | id: | 315 | Trust: 0.3 |
CREDITS
This vulnerability was reported to Cisco by a customer.
Trust: 0.3
SOURCES
db: | BID | id: | 315 |
LAST UPDATE DATE
2022-05-17T02:02:14.985000+00:00
SOURCES UPDATE DATE
db: | BID | id: | 315 | date: | 1999-06-10T00:00:00 |
SOURCES RELEASE DATE
db: | BID | id: | 315 | date: | 1999-06-10T00:00:00 |