ID
VAR-200403-0151
TITLE
Cisco IOS RST-ACK Packet Access Control Bypass Vulnerability
Trust: 0.3
sources:
BID: 10052
DESCRIPTION
Cisco IOS 11.2 has been reported prone to an access control bypass vulnerability. The issue is reported to present itself on C2500-F2IN-L appliances, but may also affect other Cisco devices that are running IOS 11.2. It has been repotred that an attacker who resides on a blocked network segment may bypass the access controls by transmitting TCP packets to target hosts that have both RST and ACK flags set.
Trust: 0.3
sources:
BID: 10052
AFFECTED PRODUCTS
vendor: | cisco | model: | ios | scope: | eq | version: | 11.2(11) | Trust: 0.3 |
sources:
BID: 10052
THREAT TYPE
network
Trust: 0.3
sources:
BID: 10052
TYPE
Failure to Handle Exceptional Conditions
Trust: 0.3
sources:
BID: 10052
EXTERNAL IDS
db: | BID | id: | 10052 | Trust: 0.3 |
sources:
BID: 10052
REFERENCES
url: | http://www.security.nnov.ru/search/document.asp?docid=5974 | Trust: 0.3 |
sources:
BID: 10052
CREDITS
This vulnerability was discovered by the Security.NNOV group.
Trust: 0.3
sources:
BID: 10052
SOURCES
db: | BID | id: | 10052 |
LAST UPDATE DATE
2022-05-17T01:55:27.200000+00:00
SOURCES UPDATE DATE
db: | BID | id: | 10052 | date: | 2004-03-29T00:00:00 |
SOURCES RELEASE DATE
db: | BID | id: | 10052 | date: | 2004-03-29T00:00:00 |