Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2001-0865 | First vendor Publication | 2001-12-06 |
Vendor | Cve | Last vendor Modification | 2017-10-10 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not support the "fragment" keyword in an outgoing ACL, which could allow fragmented packets in violation of the intended access. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0865 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:5461 | |||
Oval ID: | oval:org.mitre.oval:def:5461 | ||
Title: | Cisco IOS 12.0 Turbo ACL Denial of Service Vulnerability | ||
Description: | Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not support the "fragment" keyword in an outgoing ACL, which could allow fragmented packets in violation of the intended access. | ||
Family: | ios | Class: | vulnerability |
Reference(s): | CVE-2001-0865 | Version: | 1 |
Platform(s): | Cisco IOS | Product(s): | |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Hardware | 1 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
1988 | Cisco 12000 Series Router Turbo ACL DoS Cisco IOS on Cisco 12000 series routers contains a flaw that may allow a remote denial of service. The issue is triggered by the "fragment" keyword being ignored in an ACL if the packet is destined fo rthe router itself, and will result in loss of availability for the platform. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-09-01 | Name : The remote device is missing a vendor-supplied security patch File : cisco-sa-20011114-gsr-aclhttp.nasl - Type : ACT_GATHER_INFO |
2002-06-05 | Name : The remote router has multiple security bypass vulnerabilities. File : cisco_gsr_acl.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-04 12:01:27 |
|
2021-04-22 01:01:36 |
|
2020-05-23 00:14:43 |
|
2017-10-10 09:23:22 |
|
2016-06-28 14:56:53 |
|
2014-02-17 10:24:00 |
|
2013-05-11 12:05:33 |
|