Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not block non-initial packet fragments, which allows remote malicious users to bypass the ACL.
Six vulnerabilities involving Access Control List (ACL) has been
discovered in multiple releases of Cisco IOS® Software Release for Cisco 12000
Series Internet Routers Not all vulnerabilities are present in all IOS
releases and only line cards based on the Engine 2 are affected by them
No other Cisco product is vulnerable
The wo ...