Cisco Gigabit Switch Routers (GSR) Line Card Failure ACL Bypas (CSCdp35794)

medium Nessus Plugin ID 10975

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

A defect in Cisco IOS Software running on all models of Gigabit Switch Routers (GSRs) configured with Gigabit Ethernet or Fast Ethernet cards may cause packets to be forwarded without correctly evaluating configured access control lists (ACLs). In addition to circumventing the access control lists, it is possible to stop an interface from forwarding any packets, thus causing a denial of service.

This vulnerability is documented as Cisco bug ID CSCdp35794.

Solution

http://www.nessus.org/u?23472f49

Plugin Details

Severity: Medium

ID: 10975

File Name: CSCdp35794.nasl

Version: 1.22

Type: local

Family: CISCO

Published: 6/5/2002

Updated: 6/27/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: cpe:/o:cisco:ios

Required KB Items: SNMP/community, SNMP/sysDesc, CISCO/model

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 8/3/2000

Reference Information

CVE: CVE-2000-0700

BID: 1541