CVE-2001-0929
CVSS7.5
发布时间 :2001-11-28 00:00:00
修订时间 :2008-09-05 16:25:15
NMCOS    

[原文]Cisco IOS Firewall Feature set, aka Context Based Access Control (CBAC) or Cisco Secure Integrated Software, for IOS 11.2P through 12.2T does not properly check the IP protocol type, which could allow remote attackers to bypass access control lists.


[CNNVD]Cisco Context Based Access Control协议检查绕过漏洞(CNNVD-200111-047)

        用于IOS 11.2P至12.2T的Cisco IOS 防火墙特征设置,也称为Context Based Access Control (CBAC)或Cisco Secure Integrated软件不能正确检查IP协议类型。远程攻击者可以利用该漏洞绕过访问控制列表。

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/o:cisco:ios:12.1tCisco IOS 12.1T
cpe:/o:cisco:ios:12.2Cisco IOS 12.2
cpe:/o:cisco:ios:11.3tCisco IOS 11.3T
cpe:/o:cisco:ios:12.1eCisco IOS 12.1E
cpe:/o:cisco:ios:12.1Cisco IOS 12.1
cpe:/o:cisco:ios:12.0Cisco IOS 12.0
cpe:/o:cisco:ios:11.2pCisco IOS 11.2P
cpe:/o:cisco:ios:12.0tCisco IOS 12.0T
cpe:/o:cisco:ios:12.2tCisco IOS 12.2T

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:5892Cisco IOS Protocol Check Design Error
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0929
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-0929
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200111-047
(官方数据源) CNNVD

- 其它链接及资源

http://www.kb.cert.org/vuls/id/362483
(UNKNOWN)  CERT-VN  VU#362483
http://www.cisco.com/warp/public/707/IOS-cbac-dynacl-pub.shtml
(VENDOR_ADVISORY)  CISCO  20011128 A Vulnerability in IOS Firewall Feature Set
http://xforce.iss.net/xforce/xfdb/7614
(UNKNOWN)  XF  ios-cbac-bypass-acl(7614)
http://www.securityfocus.com/bid/3588
(UNKNOWN)  BID  3588
http://www.osvdb.org/808
(UNKNOWN)  OSVDB  808

- 漏洞信息

Cisco Context Based Access Control协议检查绕过漏洞
高危 设计错误
2001-11-28 00:00:00 2005-05-02 00:00:00
远程  
        用于IOS 11.2P至12.2T的Cisco IOS 防火墙特征设置,也称为Context Based Access Control (CBAC)或Cisco Secure Integrated软件不能正确检查IP协议类型。远程攻击者可以利用该漏洞绕过访问控制列表。

- 公告与补丁

        Cisco has released an advisory, along with fixes to address this issue.
        Cisco IOS 12.2T
        

  •         Cisco IOS 12.2(7)
            

  •         

        Cisco IOS 11.2 P
        

  •         Cisco IOS 12.0(21)
            

  •         

        Cisco IOS 11.3 T
        

  •         Cisco IOS 12.0(21)
            

  •         

        Cisco IOS 12.0 XA
        

  •         Cisco IOS 12.1(12)
            

  •         

        Cisco IOS 12.0 XI
        

  •         Cisco IOS 12.1(12)
            

  •         

        Cisco IOS 12.0 XM
        

  •         Cisco IOS 12.1(12)
            

  •         

        Cisco IOS 12.0 XC
        

  •         Cisco IOS 12.1(12)
            

  •         

        Cisco IOS 12.0 XB
        

  •         Cisco IOS 12.1(12)
            

  •         

        Cisco IOS 12.0 T
        

  •         Cisco IOS 12.1(12)
            

  •         

        Cisco IOS 12.0 XG
        

  •         Cisco IOS 12.1(12)
            

  •         

        Cisco IOS 12.0 XQ
        

  •         Cisco IOS 12.1(12)
            

  •         

        Cisco IOS 12.0 XV
        

  •         Cisco IOS 12.1(12)
            

  •         

        Cisco IOS 12.0 XK
        

  •         Cisco IOS 12.1(12)
            

  •         

        Cisco IOS 12.0 XR
        

  •         Cisco IOS 12.1(12)
            

  •         

        Cisco IOS 12.0 XE
        

  •         Cisco IOS 12.1(12)
            

  •         

        Cisco IOS 12.0 XD
        

  •         Cisco IOS 12.1(12)
            

  •         

        Cisco IOS 12.1 YC
        

  •         Cisco IOS 12.1(5)YC2
            

  •         

        Cisco IOS 12.1 E
        

  •         Cisco IOS 12.1(10)E
            

  •         

        Cisco IOS 12.1 XI
        

  •         Cisco IOS 12.2(6)
            

  •         

        Cisco IOS 12.1 T
        

  •         Cisco IOS 12.2(6)
            

  •         

        Cisco IOS 12.1 XK
        

  •         Cisco IOS 12.2(6)
            

  •         

        Cisco IOS 12.1 YB
        

  •         Cisco IOS 12.1(5)YB5
            

  •         

        Cisco IOS 12.1 XG
        

  •         Cisco IOS 12.1(3)XG6
            

  •         

        Cisco IOS 12.1 XB
        

  •         Cisco IOS 12.1(5)YB1
            

  •         

        Cisco IOS 12.1
        

  •         Cisco IOS 12.1(12)
            

  •         

        Cisco IOS 12.1 XM
        

  •         Cisco IOS 12.1(5)XM6
            

  •         

        Cisco IOS 12.1 YF
        

  •         Cisco IOS 12.1(5)YF3
            

  •         

        Cisco IOS 12.1 XL
        

  •         Cisco IOS 12.2(6)
            

  •         

        Cisco IOS 12.1 XF
        

  •         Cisco IOS 12.1(2)XF5
            

  •         

        Cisco IOS 12.1 YE
        

  •         Cisco IOS 12.1(5)YE4
            

  •         

        Cisco IOS 12.1 XH
        

  •         Cisco IOS 12.2(6)
            

  •         

        Cisco IOS 12.2 XJ
        

  •         Cisco IOS 12.2(2)XJ1
            

  •         

        Cisco IOS 12.2 DD
        

  •         Cisco IOS 12.2(4)B
            

  •         

        Cisco IOS 12.2 XE
        

  •         Cisco IOS 12.2(1)XE2
            

  •         

        Cisco IOS 12.2 XD
        

  •         Cisco IOS 12.2(2)XD3
            

  •         

        Cisco IOS 12.2 XK
        

  •         Cisco IOS 12.2(2)XK5
            

  •         

        Cisco IOS 12.2 XQ
        

  •         Cisco IOS 12.2(2)XQ2
            

  •         

        Cisco IOS 12.2 XI
        

  •         Cisco IOS 12.2(2)XI1
            

  •         

        Cisco IOS 12.2
        

  •         Cisco IOS 12.2(6)
            

  •         

        Cisco IOS 12.2 XH
        

  •         Cisco IOS 12.2(2)XH2
            

  •         

- 漏洞信息

808
Cisco IOS Firewall CBAC ACL Bypass

- 漏洞描述

IOS contains a flaw that may allow a malicious user to direct network traffic to a protected host. The issue is triggered when IOS fails to check the protocol type of return traffic which otherwise matches a dynamic access list entry. It is possible that the flaw may allow unauthorized traffic to pass into a protected network.

- 时间线

2001-11-28 2001-11-28
Unknow Unknow

- 解决方案

Upgrade to version indicated by Cisco product matrix, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Cisco Context Based Access Control Protocol Check Bypassing Vulnerability
Design Error 3588
Yes No
2001-11-28 12:00:00 2006-07-13 08:13:00
This vulnerability was announced in a Cisco Security Advisory on November 28, 2001.

- 受影响的程序版本

Cisco IOS 12.2XQ
Cisco IOS 12.2XK
Cisco IOS 12.2XJ
Cisco IOS 12.2XI
Cisco IOS 12.2XH
Cisco IOS 12.2XE
Cisco IOS 12.2XD
Cisco IOS 12.2T
Cisco IOS 12.2DD
Cisco IOS 12.2
Cisco IOS 12.1YF
Cisco IOS 12.1YE
Cisco IOS 12.1YC
Cisco IOS 12.1YB
Cisco IOS 12.1XT
Cisco IOS 12.1XP
Cisco IOS 12.1XM
Cisco IOS 12.1XL
Cisco IOS 12.1XK
Cisco IOS 12.1XJ
Cisco IOS 12.1XI
Cisco IOS 12.1XH
Cisco IOS 12.1XG
Cisco IOS 12.1XF
Cisco IOS 12.1XC
Cisco IOS 12.1XB
Cisco IOS 12.1T
Cisco IOS 12.1E
Cisco IOS 12.1
Cisco IOS 12.0XV
Cisco IOS 12.0XR
Cisco IOS 12.0XQ
Cisco IOS 12.0XM
Cisco IOS 12.0XK
Cisco IOS 12.0XI
Cisco IOS 12.0XG
Cisco IOS 12.0XE
Cisco IOS 12.0XD
Cisco IOS 12.0XC
Cisco IOS 12.0XB
Cisco IOS 12.0XA
Cisco IOS 12.0T
Cisco IOS 11.3T
Cisco IOS 11.2P
Cisco IOS 12.2(8)T
Cisco IOS 12.2(6)
Cisco IOS 12.2(5.7)T
Cisco IOS 12.2(2)XQ2
Cisco IOS 12.2(2)XK5
Cisco IOS 12.2(2)XJ1
Cisco IOS 12.2(2)XI1
Cisco IOS 12.2(2)XD3
Cisco IOS 12.2(2)XD3
Cisco IOS 12.1(9.6)E
Cisco IOS 12.1(8a)E5
Cisco IOS 12.1(5)YF3
Cisco IOS 12.1(5)YE4
Cisco IOS 12.1(5)YC2
Cisco IOS 12.1(5)YB5
Cisco IOS 12.1(5)XM6
Cisco IOS 12.1(12)
Cisco IOS 12.1(11a)
Cisco IOS 12.1(11.1)
Cisco IOS 12.1(10)E
Cisco IOS 12.0(21)
Cisco IOS 12.0(20.3)

- 不受影响的程序版本

Cisco IOS 12.2(8)T
Cisco IOS 12.2(6)
Cisco IOS 12.2(5.7)T
Cisco IOS 12.2(2)XQ2
Cisco IOS 12.2(2)XK5
Cisco IOS 12.2(2)XJ1
Cisco IOS 12.2(2)XI1
Cisco IOS 12.2(2)XD3
Cisco IOS 12.2(2)XD3
Cisco IOS 12.1(9.6)E
Cisco IOS 12.1(8a)E5
Cisco IOS 12.1(5)YF3
Cisco IOS 12.1(5)YE4
Cisco IOS 12.1(5)YC2
Cisco IOS 12.1(5)YB5
Cisco IOS 12.1(5)XM6
Cisco IOS 12.1(12)
Cisco IOS 12.1(11a)
Cisco IOS 12.1(11.1)
Cisco IOS 12.1(10)E
Cisco IOS 12.0(21)
Cisco IOS 12.0(20.3)

- 漏洞讨论

IOS is a Cisco Internetwork Operating System. It is maintained and distributed by Cisco, and used on various types of Cisco hardware.

A problem has been found in the checking of protocol by the system. The vulnerable version of IOS does not check the protocol type of the packets, thus making it possible for a system on either end of the connection to send data of a different type. One such instance would be a system on the protected network sending a UDP packet to a system outside of the protected network, and the external system returning a connection to the host via TCP using the pre-established IP address and port numbers.

This could allow a remote user to gather intelligence about a host, and potentially lead to an organized attack against network resources.

- 漏洞利用

Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 解决方案

Cisco has released an advisory, along with fixes to address this issue.


Cisco IOS 12.1YC
  • Cisco IOS 12.1(5)YC2


Cisco IOS 12.1E
  • Cisco IOS 12.1(10)E


Cisco IOS 12.2XJ
  • Cisco IOS 12.2(2)XJ1


Cisco IOS 12.0XA
  • Cisco IOS 12.1(12)


Cisco IOS 12.0XI
  • Cisco IOS 12.1(12)


Cisco IOS 12.0XM
  • Cisco IOS 12.1(12)


Cisco IOS 12.2DD
  • Cisco IOS 12.2(4)B


Cisco IOS 11.2P
  • Cisco IOS 12.0(21)


Cisco IOS 12.1XI
  • Cisco IOS 12.2(6)


Cisco IOS 12.2XE
  • Cisco IOS 12.2(1)XE2


Cisco IOS 12.0XC
  • Cisco IOS 12.1(12)


Cisco IOS 12.2T
  • Cisco IOS 12.2(7)


Cisco IOS 12.0XB
  • Cisco IOS 12.1(12)


Cisco IOS 12.0T
  • Cisco IOS 12.1(12)


Cisco IOS 12.1T
  • Cisco IOS 12.2(6)


Cisco IOS 12.1XK
  • Cisco IOS 12.2(6)


Cisco IOS 12.2XD
  • Cisco IOS 12.2(2)XD3


Cisco IOS 12.0XG
  • Cisco IOS 12.1(12)


Cisco IOS 12.1YB
  • Cisco IOS 12.1(5)YB5


Cisco IOS 12.0XQ
  • Cisco IOS 12.1(12)


Cisco IOS 12.1XG
  • Cisco IOS 12.1(3)XG6


Cisco IOS 11.3T
  • Cisco IOS 12.0(21)


Cisco IOS 12.2XK
  • Cisco IOS 12.2(2)XK5


Cisco IOS 12.2XQ
  • Cisco IOS 12.2(2)XQ2


Cisco IOS 12.0XV
  • Cisco IOS 12.1(12)


Cisco IOS 12.1XB
  • Cisco IOS 12.1(5)YB1


Cisco IOS 12.1
  • Cisco IOS 12.1(12)


Cisco IOS 12.1XM
  • Cisco IOS 12.1(5)XM6


Cisco IOS 12.0XK
  • Cisco IOS 12.1(12)


Cisco IOS 12.0XR
  • Cisco IOS 12.1(12)


Cisco IOS 12.1YF
  • Cisco IOS 12.1(5)YF3


Cisco IOS 12.2XI
  • Cisco IOS 12.2(2)XI1


Cisco IOS 12.2
  • Cisco IOS 12.2(6)


Cisco IOS 12.0XE
  • Cisco IOS 12.1(12)


Cisco IOS 12.1XL
  • Cisco IOS 12.2(6)


Cisco IOS 12.2XH
  • Cisco IOS 12.2(2)XH2


Cisco IOS 12.0XD
  • Cisco IOS 12.1(12)


Cisco IOS 12.1XF
  • Cisco IOS 12.1(2)XF5


Cisco IOS 12.1YE
  • Cisco IOS 12.1(5)YE4


Cisco IOS 12.1XH
  • Cisco IOS 12.2(6)

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站