Multiple Vulnerabilities in Access Control List Implementation for Cisco 12000 Series Internet Router - Cisco Systems

This script is (C) 2010-2014 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch

Description :

Six vulnerabilities involving Access Control List (ACL) has been
discovered in multiple releases of Cisco IOS Software Release for
Cisco 12000 Series Internet Routers. Not all vulnerabilities are
present in all IOS releases and only line cards based on the Engine 2
are affected by them.
No other Cisco product is vulnerable.
The workarounds are described in the Workarounds section.

See also :

http://www.nessus.org/u?b0647406
http://www.nessus.org/u?54f40b16

Solution :

Apply the relevant patch referenced in Cisco Security Advisory
cisco-sa-20011114-gsr-acl.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.5
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: CISCO

Nessus Plugin ID: 48959 (cisco-sa-20011114-gsr-aclhttp.nasl)

Bugtraq ID: 3535
3536
3537
3538
3539
3540
3542

CVE ID: CVE-2001-0862
CVE-2001-0863
CVE-2001-0864
CVE-2001-0865
CVE-2001-0866
CVE-2001-0867