ID
VAR-200010-0080
CVE
CVE-2000-0700
TITLE
Cisco Gigabit Switch Routers (GSR) Forward packet vulnerability
Trust: 0.6
DESCRIPTION
Cisco Gigabit Switch Routers (GSR) with Fast Ethernet / Gigabit Ethernet cards, from IOS versions 11.2(15)GS1A up to 11.2(19)GS0.2 and some versions of 12.0, do not properly handle line card failures, which allows remote attackers to bypass ACLs or force the interface to stop forwarding packets. This could lead to exploitation of vulnerabilities that would normally have been protected by the access control lists. It may also be possible for an attacker to cause an interface on the target GSR to stop forwarding packets, resulting in a denial of service. The evasion of ACLs has to do with optimizations in handling of various packet types and occurs only on the affected interfaces. All versions of IOS greater than 11.2 on GSRs are assumed to be vulnerable
Trust: 1.26
AFFECTED PRODUCTS
| vendor: | cisco | model: | ios | scope: | eq | version: | 12.0 | Trust: 1.9 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 11.3 | Trust: 1.9 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 11.2 | Trust: 1.9 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 12.0\(3\) | Trust: 1.6 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 11.2\(8\) | Trust: 1.6 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 11.2p | Trust: 1.6 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 12.0\(2\) | Trust: 1.6 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 11.3\(1\) | Trust: 1.6 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 11.2\(10\) | Trust: 1.6 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 12.0\(1\) | Trust: 1.6 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 12.1 | Trust: 1.3 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 12.0\(5\) | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 12.0\(6\) | Trust: 1.0 |
| vendor: | cisco | model: | gigabit switch router 12008 | scope: | eq | version: | * | Trust: 1.0 |
| vendor: | cisco | model: | gigabit switch router 12016 | scope: | eq | version: | * | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 12.0\(4\) | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 12.0\(7\)t | Trust: 1.0 |
| vendor: | cisco | model: | gigabit switch router 12012 | scope: | eq | version: | * | Trust: 1.0 |
| vendor: | cisco | model: | ios 12.0 sc | scope: | ne | version: | - | Trust: 0.6 |
| vendor: | cisco | model: | ios 12.0 s | scope: | ne | version: | - | Trust: 0.6 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 12.0.7 | Trust: 0.3 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 12.0.6 | Trust: 0.3 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 12.0.5 | Trust: 0.3 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 12.0.4 | Trust: 0.3 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 12.0.3 | Trust: 0.3 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 12.0.2 | Trust: 0.3 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 12.0.1 | Trust: 0.3 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 11.3.1 | Trust: 0.3 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 11.2.10 | Trust: 0.3 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 11.2.8 | Trust: 0.3 |
| vendor: | cisco | model: | ios 11.2p | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | gigabit switch router | scope: | eq | version: | 12016 | Trust: 0.3 |
| vendor: | cisco | model: | gigabit switch router | scope: | eq | version: | 12012 | Trust: 0.3 |
| vendor: | cisco | model: | gigabit switch router | scope: | eq | version: | 12008 | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.0 s1 | scope: | ne | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 11.2 gs0.2 | scope: | ne | version: | - | Trust: 0.3 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
PROBLEMTYPE DATA
| problemtype: | NVD-CWE-Other | Trust: 1.0 |
THREAT TYPE
remote
Trust: 0.6
TYPE
unknown
Trust: 0.6
EXTERNAL IDS
| db: | BID | id: | 1541 | Trust: 2.0 |
| db: | OSVDB | id: | 793 | Trust: 1.7 |
| db: | OSVDB | id: | 798 | Trust: 1.7 |
| db: | NVD | id: | CVE-2000-0700 | Trust: 1.7 |
| db: | CNNVD | id: | CNNVD-200010-085 | Trust: 0.7 |
| db: | CISCO | id: | 20000803 POSSIBLE ACCESS CONTROL BYPASS AND DENIAL OF SERVICE IN GIGABIT SWITCH ROUTERS USING GIGABIT ETHERNET OR FAST ETHERNET CARDS | Trust: 0.6 |
| db: | VULHUB | id: | VHN-2277 | Trust: 0.1 |
REFERENCES
| url: | http://www.securityfocus.com/bid/1541 | Trust: 1.7 |
| url: | http://www.cisco.com/warp/public/707/gsraclbypassdos-pub.shtml | Trust: 1.7 |
| url: | http://www.osvdb.org/793 | Trust: 1.7 |
| url: | http://www.osvdb.org/798 | Trust: 1.7 |
| url: | http://www.cisco.com/univercd/cc/td/doc/pcat/12000.htm | Trust: 0.3 |
| url: | http://www.cisco.com/warp/public/707/sec_incident_response.shtml | Trust: 0.3 |
CREDITS
First made public in a Cisco advisory published on August 3, 2000.
Trust: 0.3
SOURCES
| db: | VULHUB | id: | VHN-2277 |
| db: | BID | id: | 1541 |
| db: | CNNVD | id: | CNNVD-200010-085 |
| db: | NVD | id: | CVE-2000-0700 |
LAST UPDATE DATE
2024-08-14T14:29:39.588000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-2277 | date: | 2008-09-05T00:00:00 |
| db: | BID | id: | 1541 | date: | 2000-08-03T00:00:00 |
| db: | CNNVD | id: | CNNVD-200010-085 | date: | 2005-08-17T00:00:00 |
| db: | NVD | id: | CVE-2000-0700 | date: | 2008-09-05T20:21:40.360 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-2277 | date: | 2000-10-20T00:00:00 |
| db: | BID | id: | 1541 | date: | 2000-08-03T00:00:00 |
| db: | CNNVD | id: | CNNVD-200010-085 | date: | 2000-10-20T00:00:00 |
| db: | NVD | id: | CVE-2000-0700 | date: | 2000-10-20T04:00:00 |