Cisco Access Control List Fragment Keyword Ignored Vulnerability

Cisco Access Control List Fragment Keyword Ignored Vulnerability

IOS is the Cisco Internet Operating System, distributed with and used on various Cisco network hardware.

A vulnerability in IOS on the 12000 series Cisco routers could make it possible for a remote user to send unauthorized traffic to a protected network. IOS does not filter packet fragments, even when the 'fragment' keyword is included in an ACL rule.

This vulnerability may result in attackers or users bypassing security policy.