CVE-2001-0867 Information

Description

Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly filter does not properly filter packet fragments even when the \fragment\ keyword is used in an ACL which allows remote attackers to bypass the intended access controls.

Reference

http://www.ciac.org/ciac/bulletins/m-018.shtml http://www.cisco.com/warp/public/707/GSR-ACL-pub.shtml http://www.osvdb.org/1989 http://www.securityfocus.com/bid/3538 https://exchange.xforce.ibmcloud.com/vulnerabilities/7555