CVE-1999-1306

Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters.

Score7.5
Access VectorNETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactPARTIAL
Integrity ImpactPARTIAL
Availability ImpactPARTIAL
Published1992-12-10 12:00:00.000-05
Last Modified2008-09-05 04:19:12.000-04

Vulnerable Software List

VendorProductVersions
Cisco Ios 9.1

References

SourceLink
CERTCA-1992-20