Cisco IOS Firewall CBAC ACL Bypass (CSCdv48261)

This script is (C) 2002-2014 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

The IOS Firewall Feature set, also known as Cisco Secure Integrated
Software, also known as Context Based Access Control (CBAC), and
introduced in IOS version 11.2P, has a vulnerability that permits
traffic normally expected to be denied by the dynamic access control
lists.

An attacker may use this flaw to break into your network even though
it was explicitly denied.

This vulnerability is documented as Cisco Bug ID CSCdv48261.

Solution :

http://www.nessus.org/u?3fbe8d75

Reference : http://online.securityfocus.com/archive/1/242844

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: CISCO

Nessus Plugin ID: 10985 (CSCdv48261.nasl)

Bugtraq ID:

CVE ID: CVE-2001-0929