Cisco IOS 11.2 Access Controls Can By Bypassed With Packets With Both RST and ACK Set
|
|
SecurityTracker Alert ID: 1009570
|
|
CVE Reference: GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Mar 29 2004
|
Impact: Host/resource access via network
|
Version(s): 11.2 (11), RELEASE SOFTWARE (fc1), as tested on a C2500-F2IN-L
|
Description: A denial of service vulnerability was reported in an older version of Cisco IOS software. A remote user can bypass access controls to traverse the device.
SECURITY.NNOV posted a report by Igor U. Miturin indicating that when a C2500-F2IN-L running IOS 11.2(11) is configured to block
packets from certain networks, a remote user on those restricted networks can send a specially crafted packet with both the RST
and ACK flags set to bypass the access controls.
The original report is available at:
http://www.security.nnov.ru/search/document.asp?docid=5974
|
Impact: A remote user can bypass access controls to access hosts on the internal network.
|
Solution: The report suggests that updating the IOS software may correct the flaw.
|
Vendor URL: www.cisco.com/ (Links to External Site)
|
Cause: Access control error, State error
|
|
Message History:
None.
|
Source Message Contents
|
Date: Sun, 28 Mar 2004 01:22:16 -0500
Subject: http://www.security.nnov.ru/search/document.asp?docid=5974
|
http://www.security.nnov.ru/search/document.asp?docid=5974
SECURITY.NNOV posted a report by Igor U. Miturin regarding a vulnerability in Cisco IOS
11.2 (11), RELEASE SOFTWARE (fc1), as tested on a C2500-F2IN-L.
The report indicates that when the device is configured to block packets from certain
networks, a remote user on those restricted networks can send a specially crafted packet
with both the RST and ACK flags set to bypass the access controls.
The report also suggests that updating the IOS software may correct the flaw.
|
|
