Cisco IOS 11.2 Access Controls Can By Bypassed With Packets With Both RST and ACK Set
|
|
SecurityTracker Alert ID: 1009570 |
|
SecurityTracker URL: http://securitytracker.com/id/1009570
|
|
CVE Reference:
GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Mar 29 2004
|
Impact:
Host/resource access via network
|
|
Version(s): 11.2 (11), RELEASE SOFTWARE (fc1), as tested on a C2500-F2IN-L
|
Description:
A denial of service vulnerability was reported in an older version of Cisco IOS software. A remote user can bypass access controls to traverse the device.
SECURITY.NNOV posted a report by Igor U. Miturin indicating that when a C2500-F2IN-L running IOS 11.2(11) is configured to block packets from certain networks, a remote user on those restricted networks can send a specially crafted packet with both the RST and ACK flags set to bypass the access controls.
The original report is available at:
http://www.security.nnov.ru/search/document.asp?docid=5974
|
Impact:
A remote user can bypass access controls to access hosts on the internal network.
|
Solution:
The report suggests that updating the IOS software may correct the flaw.
|
Vendor URL: www.cisco.com/ (Links to External Site)
|
Cause:
Access control error, State error
|
Underlying OS:
|
|
Message History:
None.
|
Source Message Contents
|
Date: Sun, 28 Mar 2004 01:22:16 -0500
Subject: http://www.security.nnov.ru/search/document.asp?docid=5974
|
http://www.security.nnov.ru/search/document.asp?docid=5974
SECURITY.NNOV posted a report by Igor U. Miturin regarding a vulnerability in Cisco IOS
11.2 (11), RELEASE SOFTWARE (fc1), as tested on a C2500-F2IN-L.
The report indicates that when the device is configured to block packets from certain
networks, a remote user on those restricted networks can send a specially crafted packet
with both the RST and ACK flags set to bypass the access controls.
The report also suggests that updating the IOS software may correct the flaw.
|
|
