The Object Groups for Access Control Lists (ACLs) feature in Cisco IOS 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to bypass intended access restrictions via crafted requests, aka Bug IDs CSCsx07114, CSCsu70214, CSCsw47076, CSCsv48603, CSCsy54122, and CSCsu50252.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Ios | Cisco | 12.2xnb (including) | 12.2xnb (including) |
| Ios | Cisco | 12.2xnc (including) | 12.2xnc (including) |
| Ios | Cisco | 12.2xnd (including) | 12.2xnd (including) |
| Ios | Cisco | 12.4md (including) | 12.4md (including) |
| Ios | Cisco | 12.4t (including) | 12.4t (including) |
| Ios | Cisco | 12.4xz (including) | 12.4xz (including) |
| Ios | Cisco | 12.4ya (including) | 12.4ya (including) |
References
- http://osvdb.org/58338
- http://tools.cisco.com/security/center/viewAlert.x?alertId=18876
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8119.shtml
- http://www.securityfocus.com/bid/36495
- http://www.securitytracker.com/id?1022933
- http://www.vupen.com/english/advisories/2009/2759
- http://osvdb.org/58338
- http://tools.cisco.com/security/center/viewAlert.x?alertId=18876
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8119.shtml
- http://www.securityfocus.com/bid/36495
- http://www.securitytracker.com/id?1022933
- http://www.vupen.com/english/advisories/2009/2759