IOS is the Cisco Internet Operating System, distributed with and used on various Cisco network hardware. A possible vulnerability in IOS on the 12000 series Cisco routers could make it possible for a remote user to send unauthorized traffic to a protected network. IOS for the Cisco 12000 has only recently added the ability to filter fragmented packets in outgoing traffic. If a 'fragment' rule in an outgoing ACL exists in a version without this feature, attackers may be able to evade it and send fragmented packets to a protected network. This vulnerability may result in attackers or users bypassing security policy.
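To find where a configuration depends on the outbound fragment filtering described above, the following added example (not part of the original advisory or any Cisco tooling) lists interfaces whose outbound ACL contains a `fragments` entry. It assumes standard IOS ACL syntax; the sample configuration, interface names and ACL names are constructed, and whether the running IOS release enforces the entry has to be checked separately.

```python
import re

# Constructed sample running-config (not from the advisory); all names are made up.
SAMPLE_CONFIG = """\
access-list 101 deny ip any 192.0.2.0 0.0.0.255 fragments
access-list 101 permit ip any any
access-list 102 permit tcp any any eq 80
ip access-list extended EDGE-OUT
 deny ip any any fragments
 permit ip any any
!
interface POS1/0
 ip access-group 101 out
interface POS1/1
 ip access-group 102 out
interface POS2/0
 ip access-group EDGE-OUT out
interface POS2/1
 ip access-group EDGE-OUT in
"""

def outbound_fragment_acls(config):
    """Return sorted (interface, acl) pairs where an ACL containing a
    'fragments' entry is applied in the outbound direction."""
    frag_acls = set()   # ACLs with at least one 'fragments' entry
    applied_out = []    # (interface, acl) for every outbound access-group
    named_acl = None    # named ACL block currently being read
    interface = None    # interface block currently being read
    for raw in config.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):   # a top-level line ends any sub-block
            named_acl = interface = None
        if m := re.match(r"access-list (\d+) .*\bfragments\b", line):
            frag_acls.add(m.group(1))
        elif m := re.match(r"ip access-list extended (\S+)", line):
            named_acl = m.group(1)
        elif m := re.match(r"interface (\S+)", line):
            interface = m.group(1)
        elif named_acl and re.search(r"\bfragments\b", line):
            frag_acls.add(named_acl)
        elif interface and (m := re.match(r"ip access-group (\S+) out\b", line)):
            applied_out.append((interface, m.group(1)))
    return sorted(p for p in applied_out if p[1] in frag_acls)

if __name__ == "__main__":
    for ifc, acl in outbound_fragment_acls(SAMPLE_CONFIG):
        print(f"{ifc}: outbound ACL {acl} relies on a 'fragments' entry")
```

Each interface reported is a place where the security policy relies on outbound fragment filtering and would be affected on a release that lacks the feature.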