Vulnerability Details CVE-2001-0863
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not handle the "fragment" keyword in a compiled ACL (Turbo ACL) for packets that are sent to the router, which allows remote attackers to cause a denial of service via a flood of fragments.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.9%
CVSS Severity
CVSS v2 Score 5.0
References
- http://www.ciac.org/ciac/bulletins/m-018.shtml
- http://www.cisco.com/warp/public/707/GSR-ACL-pub.shtml
- http://www.osvdb.org/1987
- http://www.securityfocus.com/bid/3539
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7551
- http://www.ciac.org/ciac/bulletins/m-018.shtml
- http://www.cisco.com/warp/public/707/GSR-ACL-pub.shtml
- http://www.osvdb.org/1987
- http://www.securityfocus.com/bid/3539
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7551
Products affected by CVE-2001-0863
-
cpe:2.3:h:cisco:12000_router:-