Sign-up

ID

VAR-200909-0304


CVE

CVE-2009-0627


TITLE

Cisco NX-OS Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2009-002658

DESCRIPTION

Unspecified vulnerability in Cisco NX-OS before 4.0(1a)N2(1), when running on Nexus 5000 platforms, allows remote attackers to cause a denial of service (crash) via an unspecified "sequence of TCP packets" related to "TCP State manipulation," possibly related to separate attacks against CVE-2008-4609. Cisco Nexus 5000 is prone to a denial-of-service vulnerability when handling specially crafted TCP packets. An attacker can exploit this issue to cause the device to crash, denying service to legitimate users. Devices running versions prior to NX-OS 4.0(1a)N2(1) are vulnerable. This issue is documented by Cisco Bug ID CSCsv08059. The Cisco SSLVPN function is an enhanced version of the WebVPN function, allowing users anywhere on the Internet to remotely access corporate sites. If a specially crafted HPPTS packet is received, the device configured with the SSLVPN function may be overloaded or hang. The default TCP port number of SSLVPN is 443. A device configured with SSLVPN may leak TCBs when processing an abnormally disconnected SSL session. This vulnerability can be exploited without authentication. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: TCP State Manipulation Denial of Service Vulnerabilities in Multiple Cisco Products Advisory ID: cisco-sa-20090908-tcp24 Revision 1.0 For Public Release 2009 September 8 1700 UTC (GMT) +--------------------------------------------------------------------- Summary ======= Multiple Cisco products are affected by denial of service (DoS) vulnerabilities that manipulate the state of Transmission Control Protocol (TCP) connections. By manipulating the state of a TCP connection, an attacker could force the TCP connection to remain in a long-lived state, possibly indefinitely. If enough TCP connections are forced into a long-lived or indefinite state, resources on a system under attack may be consumed, preventing new TCP connections from being accepted. In some cases, a system reboot may be necessary to recover normal system operation. To exploit these vulnerabilities, an attacker must be able to complete a TCP three-way handshake with a vulnerable system. This additional vulnerability was found as a result of testing the TCP state manipulation vulnerabilities. Cisco has released free software updates for download from the Cisco website that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available. This advisory is posted at: http://www.cisco.com/warp/public/707/cisco-sa-20090908-tcp24.shtml Affected Products ================= Vulnerable Products +------------------ The following Cisco products have a TCP implementation that is affected by these vulnerabilities. Refer to the Software Versions and Fixes section for information on fixed software. Cisco IOS Software To determine the Cisco IOS Software release that is running on a Cisco product, administrators can log into the device and issue the "show version" command to display the system banner. The system banner confirms that the device is running Cisco IOS Software by displaying text similar to "Cisco Internetwork Operating System Software" or "Cisco IOS Software." The image name displays in parentheses, followed by "Version" and the Cisco IOS Software release name. Other Cisco devices do not have the "show version" command or may provide different output. The following example identifies a Cisco product that is running Cisco IOS Software Release 12.3(26) with an installed image name of C2500-IS-L: Router#show version Cisco Internetwork Operating System Software IOS (tm) 2500 Software (C2500-IS-L), Version 12.3(26), RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2008 by cisco Systems, Inc. Compiled Mon 17-Mar-08 14:39 by dchih <output truncated> The following example identifies a Cisco product that is running Cisco IOS Software Release 12.4(20)T with an installed image name of C1841-ADVENTERPRISEK9-M: Router#show version Cisco IOS Software, 1841 Software (C1841-ADVENTERPRISEK9-M), Version 12.4(20)T, RELEASE SOFTWARE (fc3) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2008 by Cisco Systems, Inc. Compiled Thu 10-Jul-08 20:25 by prod_rel_team <output truncated> Additional information about Cisco IOS Software release naming conventions is available in "White Paper: Cisco IOS Reference Guide" at the following link: http://www.cisco.com/warp/public/620/1.html Cisco IOS-XE Software The version of Cisco IOS-XE Software that is running on a Cisco product can be determined using the "show version" command from the Command Line Interface (CLI). Cisco CatOS Software The version of Cisco CatOS Software that is running on a Cisco product can be determined using the "show version" command from the CLI. Cisco Adaptive Security Appliance (ASA) and Cisco PIX Cisco ASA and Cisco PIX security appliances running versions 7.0, 7.1, 7.2, 8.0, and 8.1 are affected when configured for any of the following features: * SSL VPNs * ASDM Administrative Access * Telnet Access * SSH Access * Cisco Tunneling Control Protocol (cTCP) for Remote Access VPNs * Virtual Telnet * Virtual HTTP * Transport Layer Security (TLS) Proxy for Encrypted Voice Inspection * Cut-Through Proxy for Network Access The version of software that is running on a Cisco ASA and Cisco PIX security appliances can be determined using the "show version" command from the CLI. Cisco NX-OS Software The version of Cisco NX-OS Software that is running on Cisco Nexus 5000 and 7000 series devices can be determined using the "show version" command from the CLI. Scientific Atlanta Products Scientific Atlanta customers are instructed to contact Scientific Atlanta's Technical Support for questions regarding the impact, mitigation and remediation of the vulnerabilities discussed in this document. Contact information for Scientific Atlanta Technical Support can be found at the following web site: http://www.cisco.com/en/US/products/ps10459/serv_group_home.html Linksys Products Customers with Linksys products should contact the following email address for questions regarding the impact, mitigation and remediation of the vulnerabilities discussed in this document: security@linksys.com Products Confirmed Not Vulnerable +-------------------------------- The following Cisco products are not affected: * Cisco IOS XR * Cisco IOS Software Modularity * Cisco ASA and Cisco PIX Software version 8.2 * Cisco PIX Software version 6.x and earlier * Cisco Firewall Services Module (FWSM) * Cisco Multilayer Distribution Switches (MDS) * Cisco Application Control Engine (ACE) Modules and Appliances * Cisco ACE XML Gateway * Cisco Access Control Server (ACS) Solution Engine * Cisco Guard * Cisco Security Monitoring, Analysis, and Response System (CS-MARS) * Cisco ONS 15000 * Cisco Content Services Switches (CSS) * Cisco Wide Area Application Services (WAAS) * Cisco Wireless LAN Controller (WLC) * IronPort C, M, S and X Series Appliances Cisco PSIRT tested Cisco products that are based on Linux and Microsoft Windows operating systems and found that although TCP connections in a FINWAIT1 state may temporarily consume system resources the operating systems eventually clear the TCP connections. If enough system resources are consumed, a sustained DoS condition may be possible. This outcome is highly dependent on the configuration and usage of a system. For more information about how these vulnerabilities affect Microsoft Windows operating systems, please consult the following Microsoft website at the following link: http://go.microsoft.com/fwlink/?LinkId=155978 No other Cisco products are currently known to be affected by these vulnerabilities. Details ======= Multiple Cisco products are affected by DoS vulnerabilities in the TCP protocol. By manipulating the state of TCP connections, an attacker could force a system that is under attack to maintain TCP connections for long periods of time, or indefinitely in some cases. With a sufficient number of open TCP connections, the attacker may be able to cause a system to consume internal buffer and memory resources, resulting in new TCP connections being denied access to a targeted port or an entire system. A system reboot may be required to restore full system functionality. A full TCP three-way handshake is required to exploit these vulnerabilities. Network devices are not directly impacted by TCP state manipulation DoS attacks transiting a device; however, network devices that maintain the state of TCP connections may be impacted. If the attacker can establish enough TCP connections through a transit device that maintains TCP state, device resources may be exhausted and prevent the device from processing new TCP connections, resulting in a DoS condition. If an affected device that forwards traffic (that is, routes) in a network is the target of a TCP state manipulation attack, the attacker could cause a network-impacting DoS condition. Cisco IOS Software All Cisco IOS Software versions are affected by this vulnerability. A device running Cisco IOS Software that is under attack will have numerous hung TCP connections in the FINWAIT1 state. The "show tcp brief" command can be used to display the hung TCP connections. The following is example output showing an attack in progress. Cisco IOS-XE Software All Cisco IOS-XE Software versions are affected by this vulnerability. A device running Cisco IOS-XE Software that is under attack will have numerous hung TCP connections in the FINWAIT1 state. The "show tcp brief" command can be used to display the hung TCP connections. The following is example output showing an attack in progress. Cisco CatOS Software All Cisco CatOS Software versions are affected by these vulnerabilities. A device running Cisco CatOS Software that is under attack will have numerous hung TCP connections in the FIN_WAIT_1 state. The "show netstat" command can be used to display the hung TCP connections. The following is example output showing an attack in progress. Console> (enable) show netstat Active Internet connections (including servers) Proto Recv-Q Send-Q Local Address Foreign Address (state) tcp 0 83 192.168.1.10.23 192.168.1.20.46056 FIN_WAIT_1 tcp 0 83 192.168.1.10.23 192.168.1.20.16305 FIN_WAIT_1 tcp 0 83 192.168.1.10.23 192.168.1.20.14628 FIN_WAIT_1 tcp 0 83 192.168.1.10.23 192.168.1.20.7275 FIN_WAIT_1 tcp 0 83 192.168.1.10.23 192.168.1.20.39559 FIN_WAIT_1 The vulnerabilities for Cisco CatOS Software are documented in Cisco Bug ID CSCsv66169. Cisco ASA and Cisco PIX Software All Cisco ASA and Cisco PIX Software versions are affected by these vulnerabilities. A device running Cisco ASA and Cisco PIX Software that is under attack will have numerous TCP connections in the established state. The "show asp table socket" command can be used to display the TCP connections. The following is example output showing a potential attack in progress. FIREWALL# show asp table socket | grep ESTAB TCP 123a8a6c 192.168.1.10:80 192.168.1.20:46181 ESTAB TCP 123e6d54 192.168.1.10:80 192.168.1.20:29546 ESTAB TCP 1244f78c 192.168.1.10:80 192.168.1.20:40271 ESTAB TCP 124f8d2c 192.168.1.10:80 192.168.1.20:46599 ESTAB TCP 12507f2c 192.168.1.10:80 192.168.1.20:5607 ESTAB It is possible for normal traffic to cause established TCP connections to appear on Cisco ASA or PIX devices, especially VPN connections terminated to the device. In order to confirm if established TCP connections are part of an attack, administrators should use a monitoring point outside the firewall such as a packet sniffer or Netflow collection agent to examine the profile of the suspicious TCP connections and determine if an attack is occurring. Note: The show asp table socket command was introduced in Cisco ASA and Cisco PIX Software 8.0(1). Further detail about hung TCP connections can be found with "show conn detail all long" command. The IP address used to qualify the example below is the address of the firewall interface under attack. FIREWALL# show conn detail all long | grep 192.168.1.10 TCP outside:192.168.1.20/62345 (192.168.1.20/62345) NP Identity Ifc:192.168.1.10/80 (192.168.1.10/80), flags UB, idle 0s, uptime 0s, timeout 1m0s, bytes 0 TCP outside:192.168.1.20/56268 (192.168.1.20/56268) NP Identity Ifc:192.168.1.10/80 (192.168.1.10/80), flags UB, idle 0s, uptime 0s, timeout 1m0s, bytes 0 TCP outside:192.168.1.20/63445 (192.168.1.20/63445) NP Identity Ifc:192.168.1.10/80 (192.168.1.10/80), flags UB, idle 0s, uptime 0s, timeout 1m0s, bytes 0 TCP outside:192.168.1.20/49151 (192.168.1.20/49151) NP Identity Ifc:192.168.1.10/80 (192.168.1.10/80), flags UB, idle 0s, uptime 0s, timeout 1m0s, bytes 0 TCP outside:192.168.1.20/57147 (192.168.1.20/57147) NP Identity Ifc:192.168.1.10/80 (192.168.1.10/80), flags UB, idle 0s, uptime 0s, timeout 1m0s, bytes 0 Note: Both troubleshooting commands referenced about will display TCP connections that are terminated to a firewall interface and transiting through the firewall. Cisco NX-OS Software All Cisco Nexus 5000 and 7000 platforms running Cisco NX-OS Software are affected by these vulnerabilities. A Nexus 5005 or 7000 device running Cisco NX-OS Software that is under attack will have numerous hung TCP connections in the FIN_WAIT_1 state. The "show tcp connection detail" command can be used to display the hung TCP connections. The following is example output showing an attack in progress. NEXUS# show tcp connection detail | include FIN State: FIN_WAIT_1 State: FIN_WAIT_1 State: FIN_WAIT_1 State: FIN_WAIT_1 State: FIN_WAIT_1 The hung TCP connection vulnerabilities for Nexus 5000 and Nexus 7000 devices are documented in Cisco Bug ID CSCsv08325 and Cisco Bug ID CSCsv08579 respectively. The TCP state manipulation vulnerabilities have been assigned Common Vulnerabilities and Exposures (CVE) identifier CVE-2008-4609. Vulnerability Scoring Details ============================= Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0. CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response. Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks. Cisco has provided an FAQ to answer additional questions regarding CVSS at: http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at: http://intellishield.cisco.com/security/alertmanager/cvss CSCsv04836 - Connections getting stuck at FINWAIT1 state CVSS Base Score - 7.8 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - None Integrity Impact - None Availability Impact - Complete CVSS Temporal Score - 6.4 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed CSCsv07712 - Connections getting stuck at FINWAIT1 state CVSS Base Score - 7.8 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - None Integrity Impact - None Availability Impact - Complete CVSS Temporal Score - 6.4 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed CSCsv66169 - TCP Connections get stuck in FINWAIT1 state CVSS Base Score - 7.8 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - None Integrity Impact - None Availability Impact - Complete CVSS Temporal Score - 6.4 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed CSCsv02768 - TCP connections getting stuck in FINWAIT1 state CVSS Base Score - 7.8 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - None Integrity Impact - None Availability Impact - Complete CVSS Temporal Score - 6.4 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed CSCsv08325 - TCP connections may get stuck in any state after ESTAB indefinitely CVSS Base Score - 7.8 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - None Integrity Impact - None Availability Impact - Complete CVSS Temporal Score - 6.4 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed CSCsv08579 - TCP connections get stuck in FINWAIT1 state indefinitely CVSS Base Score - 7.8 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - None Integrity Impact - None Availability Impact - Complete CVSS Temporal Score - 6.4 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed CSCsv08059 - NEXUS 5000 crashes after certain TCP packets CVSS Base Score - 7.8 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - None Integrity Impact - None Availability Impact - Complete CVSS Temporal Score - 6.4 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed Impact ====== Successful exploitation of the TCP state manipulation vulnerabilities may result in a DoS condition where new TCP connections are not accepted on an affected system. Repeated exploitation may result in a sustained DoS condition. A reboot may be required to recover affected systems. Software Versions and Fixes =========================== When considering software upgrades, also consult: http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution. In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Technical Assistance Center (TAC) or your contracted maintenance provider for assistance. Cisco IOS Software Each row of the Cisco IOS software table (below) names a Cisco IOS release train. If a given release train is vulnerable, then the earliest possible releases that contain the fix (along with the anticipated date of availability for each, if applicable) are listed in the "First Fixed Release" column of the table. The "Recommended Release" column indicates the releases which have fixes for all the published vulnerabilities at the time of this Advisory. A device running a release in the given train that is earlier than the release in a specific column (less than the First Fixed Release) is known to be vulnerable. Cisco recommends upgrading to a release equal to or later than the release in the "Recommended Releases" column of the table. +-----------------------------------------+ | Major | Availability of Repaired | | Release | Releases | |------------+----------------------------| | Affected | First Fixed | Recommended | | 12.0-Based | Release | Release | | Releases | | | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.0 | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.0DA | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | Vulnerable; | | | 12.0DB | first fixed | 12.4(22)T3 | | | in 12.4T | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.0DC | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | | 12.0(33)S5 | | | | | | | 12.0(33)S3 | 12.0(32) | | 12.0S | | S14; | | | 12.0(32)S12 | Available | | | | on | | | | 25-SEP-2009 | |------------+--------------+-------------| | | | 12.0(33)S5 | | | | | | | Vulnerable; | 12.0(32) | | 12.0SC | first fixed | S14; | | | in 12.0S | Available | | | | on | | | | 25-SEP-2009 | |------------+--------------+-------------| | | | 12.0(33)S5 | | | | | | | Vulnerable; | 12.0(32) | | 12.0SL | first fixed | S14; | | | in 12.0S | Available | | | | on | | | | 25-SEP-2009 | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.0SP | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | | 12.0(33)S5 | | | | | | | Vulnerable; | 12.0(32) | | 12.0ST | first fixed | S14; | | | in 12.0S | Available | | | | on | | | | 25-SEP-2009 | |------------+--------------+-------------| | | | 12.0(33)S5 | | | | | | | Vulnerable; | 12.0(32) | | 12.0SX | first fixed | S14; | | | in 12.0S | Available | | | | on | | | | 25-SEP-2009 | |------------+--------------+-------------| | | 12.0(32)SY8 | 12.0(32) | | | | SY9a | | | 12.0(32)SY9a | | | 12.0SY | | 12.0(32) | | | 12.0(32)SY10 | SY10; | | | ; Available | Available | | | on | on | | | 25-SEP-2009 | 25-SEP-2009 | |------------+--------------+-------------| | | | 12.0(33)S5 | | | | | | | | 12.0(32) | | 12.0SZ | 12.0(30)SZ10 | S14; | | | | Available | | | | on | | | | 25-SEP-2009 | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.0T | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | Vulnerable; | | | 12.0W | first fixed | 12.4(22)T3 | | | in 12.4T | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | Vulnerable; | | | 12.0WC | first fixed | | | | in 12.4T | | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.0WT | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.0XA | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.0XB | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.0XC | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.0XD | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.0XE | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | | | 12.0XF | first fixed | | | | in 12.4 | | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.0XG | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.0XH | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(25b) | | 12.0XI | first fixed | | | | in 12.4 | 12.4(23b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.0XJ | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.0XK | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.0XL | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.0XM | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.0XN | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.0XQ | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | Vulnerable; | | | 12.0XR | first fixed | 12.4(22)T3 | | | in 12.4T | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | Vulnerable; | | | 12.0XS | first fixed | 12.4(22)T3 | | | in 12.4T | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.0XT | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.0XV | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | Affected | First Fixed | Recommended | | 12.1-Based | Release | Release | | Releases | | | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1 | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1AA | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.1AX | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | 12.1(22) | | 12.1AY | first fixed | EA13 | | | in 12.1EA | | |------------+--------------+-------------| | | Vulnerable; | 12.1(22) | | 12.1AZ | first fixed | EA13 | | | in 12.1EA | | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1CX | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1DA | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1DB | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1DC | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.1E | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | 12.1EA | 12.1(22)EA13 | 12.1(22) | | | | EA13 | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.1EB | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.1EC | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.1EO | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.1EU | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1EV | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1EW | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1EX | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | 12.1EY | 12.2(44)EY | 12.2(46)EY | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1EZ | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1GA | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1GB | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1T | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1XA | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1XB | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1XC | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1XD | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1XE | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1XF | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1XG | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1XH | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1XI | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1XJ | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1XL | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1XM | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1XP | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1XQ | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1XR | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | Vulnerable; | | | 12.1XS | first fixed | 12.4(22)T3 | | | in 12.4T | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1XT | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1XU | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1XV | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1XW | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1XX | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1XY | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1XZ | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1YA | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1YB | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1YC | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1YD | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | Vulnerable; | | | 12.1YE | first fixed | 12.4(22)T3 | | | in 12.4T | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1YF | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.1YH | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.1YI | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | 12.1(22) | | 12.1YJ | first fixed | EA13 | | | in 12.1EA | | |------------+--------------+-------------| | Affected | First Fixed | Recommended | | 12.2-Based | Release | Release | | Releases | | | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2 | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2B | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2BC | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2BW | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2BX | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2BY | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2BZ | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2CX | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2CY | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | | 12.2(28) | | | Vulnerable; | SB14; | | 12.2CZ | first fixed | Available | | | in 12.2SB | on | | | | 20-OCT-2009 | |------------+--------------+-------------| | | | 12.4(25b) | | 12.2DA | 12.2(12)DA14 | | | | | 12.4(23b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2DD | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2DX | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2EW | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2EWA | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2EX | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Releases | | | | prior to | | | | 12.2(44)EY | 12.2(50)SE3 | | | are | | | 12.2EY | vulnerable, | 12.2(52)SE; | | | release 12.2 | Available | | | (44)EY and | on | | | later are | 13-OCT-2009 | | | not | | | | vulnerable | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2EZ | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2FX | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2FY | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2FZ | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2IRA | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2IRB | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | 12.2IRC | 12.2(33)IRC | | |------------+--------------+-------------| | | Vulnerable; | | | 12.2IXA | migrate to | | | | any release | | | | in 12.2IXH | | |------------+--------------+-------------| | | Vulnerable; | | | 12.2IXB | migrate to | | | | any release | | | | in 12.2IXH | | |------------+--------------+-------------| | | Vulnerable; | | | 12.2IXC | migrate to | | | | any release | | | | in 12.2IXH | | |------------+--------------+-------------| | | Vulnerable; | | | 12.2IXD | migrate to | | | | any release | | | | in 12.2IXH | | |------------+--------------+-------------| | | Vulnerable; | | | 12.2IXE | migrate to | | | | any release | | | | in 12.2IXH | | |------------+--------------+-------------| | | Vulnerable; | | | 12.2IXF | migrate to | | | | any release | | | | in 12.2IXH | | |------------+--------------+-------------| | | Vulnerable; | | | 12.2IXG | migrate to | | | | any release | | | | in 12.2IXH | | |------------+--------------+-------------| | 12.2IXH | 12.2(18)IXH | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2JA | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2JK | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2MB | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | | 12.4(25b) | | 12.2MC | 12.2(15)MC2m | | | | | 12.4(23b) | |------------+--------------+-------------| | | | 12.2(28) | | | Vulnerable; | SB14; | | 12.2S | first fixed | Available | | | in 12.2SB | on | | | | 20-OCT-2009 | |------------+--------------+-------------| | | | 12.2(31) | | | 12.2(28)SB13 | SB16 | | | | | | | 12.2(31)SB14 | 12.2(28) | | 12.2SB | | SB14; | | | 12.2(33)SB1b | Available | | | | on | | | 12.2(34)SB2 | 20-OCT-2009 | | | | | | | | 12.2(33)SB7 | |------------+--------------+-------------| | | | 12.2(28) | | | Vulnerable; | SB14; | | 12.2SBC | first fixed | Available | | | in 12.2SB | on | | | | 20-OCT-2009 | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2SCA | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | 12.2SCB | 12.2(33)SCB1 | 12.2(33) | | | | SCB4 | |------------+--------------+-------------| | | 12.2(44)SE5 | 12.2(50)SE3 | | | | | | 12.2SE | 12.2(46)SE2 | 12.2(52)SE; | | | | Available | | | 12.2(50)SE | on | | | | 13-OCT-2009 | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2SEA | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2SEB | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2SEC | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2SED | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2SEE | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2SEF | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2SEG | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | 12.2SG | 12.2(50)SG | 12.2(53)SG1 | |------------+--------------+-------------| | | | 12.2(31) | | | | SGA11; | | 12.2SGA | 12.2(31)SGA9 | Available | | | | on | | | | 04-DEC-2009 | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2SL | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Releases | | | | prior to | | | | 12.2(29)SM5 | | | | are | | | 12.2SM | vulnerable, | 12.2(29)SM5 | | | release 12.2 | | | | (29)SM5 and | | | | later are | | | | not | | | | vulnerable | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2SO | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | 12.2SQ | 12.2(44)SQ2 | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2SRA | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | | 12.2(33) | | | | SRD3 | | | | | | 12.2SRB | 12.2(33) | 12.2(33) | | | SRB5a | SRC5; | | | | Available | | | | on | | | | 29-OCT-2009 | |------------+--------------+-------------| | | | 12.2(33) | | | | SRC5; | | 12.2SRC | 12.2(33)SRC3 | Available | | | | on | | | | 29-OCT-2009 | |------------+--------------+-------------| | 12.2SRD | 12.2(33)SRD1 | 12.2(33) | | | | SRD3 | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2STE | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2SU | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2SV | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2SVA | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2SVC | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2SVD | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | 12.2SVE | 12.2(29)SVE1 | | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | Vulnerable; | | | 12.2SW | first fixed | 12.4(22)T3 | | | in 12.4T | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | 12.2(18) | | | per the | SXF17; | | 12.2SX | instructions | Available | | | in Obtaining | on | | | Fixed | 30-SEP-2009 | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | 12.2(18) | | | per the | SXF17; | | 12.2SXA | instructions | Available | | | in Obtaining | on | | | Fixed | 30-SEP-2009 | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | 12.2(18) | | | per the | SXF17; | | 12.2SXB | instructions | Available | | | in Obtaining | on | | | Fixed | 30-SEP-2009 | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | 12.2(18) | | | per the | SXF17; | | 12.2SXD | instructions | Available | | | in Obtaining | on | | | Fixed | 30-SEP-2009 | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | 12.2(18) | | | per the | SXF17; | | 12.2SXE | instructions | Available | | | in Obtaining | on | | | Fixed | 30-SEP-2009 | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | | 12.2(18) | | | 12.2(18) | SXF17; | | 12.2SXF | SXF16 | Available | | | | on | | | | 30-SEP-2009 | |------------+--------------+-------------| | | | 12.2(33) | | | | SXH6; | | 12.2SXH | 12.2(33)SXH5 | Available | | | | on | | | | 30-OCT-2009 | |------------+--------------+-------------| | 12.2SXI | 12.2(33)SXI1 | 12.2SXI2a | |------------+--------------+-------------| | | | 12.2(28) | | | Vulnerable; | SB14; | | 12.2SY | first fixed | Available | | | in 12.2SB | on | | | | 20-OCT-2009 | |------------+--------------+-------------| | | | 12.2(28) | | | Vulnerable; | SB14; | | 12.2SZ | first fixed | Available | | | in 12.2SB | on | | | | 20-OCT-2009 | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2T | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2TPC | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | 12.4(25b) | | 12.2XA | first fixed | | | | in 12.4 | 12.4(23b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2XB | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2XC | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2XD | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2XE | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2XF | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2XG | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2XH | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2XI | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2XJ | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2XK | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2XL | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2XM | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2XN | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Please see | | | 12.2XNA | Cisco IOS-XE | | | | Software | | | | Availability | | |------------+--------------+-------------| | | Please see | | | 12.2XNB | Cisco IOS-XE | | | | Software | | | | Availability | | |------------+--------------+-------------| | | Please see | | | 12.2XNC | Cisco IOS-XE | | | | Software | | | | Availability | | |------------+--------------+-------------| | | Please see | | | 12.2XND | Cisco IOS-XE | | | | Software | | | | Availability | | |------------+--------------+-------------| | | | | |------------+--------------+-------------| | | | 12.2(50) | | | | SG5; | | 12.2XO | 12.2(52)XO | Available | | | | on | | | | 28-SEP-2009 | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2XQ | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2XR | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2XS | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2XT | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2XU | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2XV | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2XW | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2YA | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2YB | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2YC | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2YD | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2YE | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2YF | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2YG | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2YH | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2YJ | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2YK | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2YL | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2YM | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2YN | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2YO | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | Vulnerable; | | | 12.2YP | first fixed | 12.4(22)T3 | | | in 12.4T | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2YQ | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2YR | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2YS | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2YT | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2YU | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2YV | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2YW | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2YX | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2YY | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2YZ | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | 12.2(18) | | | per the | SXF17; | | 12.2ZA | instructions | Available | | | in Obtaining | on | | | Fixed | 30-SEP-2009 | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2ZB | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2ZC | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2ZD | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2ZE | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2ZF | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2ZG | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2ZH | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2ZJ | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2ZL | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.2ZM | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2ZP | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2ZU | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | | 12.2(28) | | | Vulnerable; | SB14; | | 12.2ZX | first fixed | Available | | | in 12.2SB | on | | | | 20-OCT-2009 | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.2ZY | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | 12.2ZYA | 12.2(18)ZYA1 | 12.2(18) | | | | ZYA2 | |------------+--------------+-------------| | Affected | First Fixed | Recommended | | 12.3-Based | Release | Release | | Releases | | | |------------+--------------+-------------| | | Vulnerable; | 12.4(25b) | | 12.3 | first fixed | | | | in 12.4 | 12.4(23b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(25b) | | 12.3B | first fixed | | | | in 12.4 | 12.4(23b) | |------------+--------------+-------------| | | 12.3(21a)BC9 | 12.3(21a) | | 12.3BC | | BC9 | | | 12.3(23)BC6 | | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.3BW | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.3EU | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.3JA | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.3JEA | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.3JEB | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | 12.3JEC | 12.3(8)JEC3 | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.3JED | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.3JK | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.3JL | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.3JX | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.3T | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.3TPC | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | Vulnerable; | | | 12.3VA | first fixed | 12.4(22)T3 | | | in 12.4T | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.3XA | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.3XB | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.3XC | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.3XD | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.3XE | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.3XF | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.3XG | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.2(33)SB7 | | 12.3XI | first fixed | | | | in 12.2SB | 12.2(31) | | | | SB16 | |------------+--------------+-------------| | | Vulnerable; | 12.4(15)XR7 | | 12.3XJ | first fixed | | | | in 12.4XR | 12.4(22)XR | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.3XK | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.3XL | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.3XQ | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.3XR | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.3XS | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | Vulnerable; | | | 12.3XU | first fixed | 12.4(22)T3 | | | in 12.4T | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | Vulnerable; | 12.4(15)XR7 | | 12.3XW | first fixed | | | | in 12.4XR | 12.4(22)XR | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.3XX | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.3XY | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.3XZ | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.3YA | first fixed | | | | in 12.4 | 12.4(25b) | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | Vulnerable; | | | 12.3YD | first fixed | 12.4(22)T3 | | | in 12.4T | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | Vulnerable; | 12.4(15)XR7 | | 12.3YF | first fixed | | | | in 12.4XR | 12.4(22)XR | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | Vulnerable; | | | 12.3YG | first fixed | 12.4(22)T3 | | | in 12.4T | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | Vulnerable; | | | 12.3YH | first fixed | 12.4(22)T3 | | | in 12.4T | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | Vulnerable; | | | 12.3YI | first fixed | 12.4(22)T3 | | | in 12.4T | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | Vulnerable; | | | 12.3YJ | first fixed | 12.4(22)T3 | | | in 12.4T | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | Vulnerable; | | | 12.3YK | first fixed | 12.4(22)T3 | | | in 12.4T | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | | 12.4(23b) | | 12.3YM | 12.3(14)YM13 | | | | | 12.4(25b) | |------------+--------------+-------------| | | Vulnerable; | 12.4(23b) | | 12.3YQ | first fixed | | | | in 12.4T | 12.4(25b) | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | Vulnerable; | | | 12.3YS | first fixed | 12.4(22)T3 | | | in 12.4T | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | Vulnerable; | | | 12.3YT | first fixed | 12.4(22)T3 | | | in 12.4T | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | Vulnerable; | | | 12.3YU | first fixed | 12.4(22)T3 | | | in 12.4T | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | | 12.4(15)XR7 | | 12.3YX | 12.3(14)YX14 | | | | | 12.4(22)XR | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.3YZ | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | Vulnerable; | | | 12.3ZA | first fixed | 12.4(22)T3 | | | in 12.4T | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | Affected | First Fixed | Recommended | | 12.4-Based | Release | Release | | Releases | | | |------------+--------------+-------------| | | 12.4(18d) | | | | | 12.4(25b) | | 12.4 | 12.4(23a) | | | | | 12.4(23b) | | | 12.4(25) | | |------------+--------------+-------------| | | 12.4(22)GC1 | | | 12.4GC | | 12.4(24)GC1 | | | 12.4(24)GC1 | | |------------+--------------+-------------| | | 12.4(16b)JA1 | | | 12.4JA | | | | | 12.4(21a)JA | | |------------+--------------+-------------| | 12.4JDA | 12.4(10b) | | | | JDA3 | | |------------+--------------+-------------| | 12.4JDC | 12.4(10b)JDC | | |------------+--------------+-------------| | 12.4JDD | 12.4(10b)JDD | | |------------+--------------+-------------| | 12.4JK | 12.4(3)JK4 | | |------------+--------------+-------------| | 12.4JL | 12.4(3)JL1 | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.4JMA | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.4JMB | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | 12.4JX | 12.4(21a)JX | | |------------+--------------+-------------| | | 12.4(11)MD7 | 12.4(11)MD9 | | | | | | 12.4MD | 12.4(15)MD2 | 12.4(15)MD3 | | | | | | | 12.4(22)MD | 12.4(22)MD1 | |------------+--------------+-------------| | 12.4MDA | 12.4(22)MDA | 12.4(22) | | | | MDA1 | |------------+--------------+-------------| | 12.4MR | 12.4(19)MR2 | 12.4(19)MR3 | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | | | | 12.4SW | 12.4(15)SW3 | 12.4(22)T3 | | | | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | 12.4(5)T5e | 12.4(15)T10 | | | | | | | 12.4(15)T6a | 12.4(20)T4 | | | | | | 12.4T | 12.4(22)T1 | 12.4(22)T3 | | | | | | | 12.4(20)T2 | 12.4(24)T2; | | | | Available | | | 12.4(24)T | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | Vulnerable; | | | 12.4XA | first fixed | 12.4(22)T3 | | | in 12.4T | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | Vulnerable; | | | 12.4XB | first fixed | 12.4(22)T3 | | | in 12.4T | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | Vulnerable; | | | 12.4XC | first fixed | 12.4(22)T3 | | | in 12.4T | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | | | | 12.4XD | 12.4(4)XD12 | 12.4(22)T3 | | | | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | | | | 12.4XE | 12.4(6)XE4 | 12.4(22)T3 | | | | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | Vulnerable; | | | 12.4XF | first fixed | 12.4(22)T3 | | | in 12.4T | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | | | | 12.4XG | 12.4(9)XG4 | 12.4(22)T3 | | | | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | Vulnerable; | | | 12.4XJ | first fixed | 12.4(22)T3 | | | in 12.4T | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | Vulnerable; | | | 12.4XK | first fixed | 12.4(22)T3 | | | in 12.4T | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | 12.4XL | 12.4(15)XL4 | | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | | | | 12.4XM | 12.4(15)XM3 | 12.4(22)T3 | | | | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.4XN | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.4XP | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | | | | 12.4XQ | 12.4(15)XQ2 | 12.4(22)T3 | | | | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | 12.4(15)XR4 | | | 12.4XR | | 12.4(15)XR7 | | | 12.4(22)XR | | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | Vulnerable; | | | 12.4XT | first fixed | 12.4(22)T3 | | | in 12.4T | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | Vulnerable; | | | | Contact your | | | | support | | | | organization | | | | per the | | | 12.4XV | instructions | | | | in Obtaining | | | | Fixed | | | | Software | | | | section of | | | | this | | | | advisory | | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | | | | 12.4XW | 12.4(11)XW10 | 12.4(22)T3 | | | | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | | 12.4(20)T4 | | | | | | | | 12.4(22)T3 | | 12.4XY | 12.4(15)XY4 | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | | | | 12.4XZ | 12.4(15)XZ2 | 12.4(22)T3 | | | | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | | | 12.4(15)T10 | | | | | | | | 12.4(20)T4 | | | | | | 12.4YA | 12.4(20)YA2 | 12.4(22)T3 | | | | | | | | 12.4(24)T2; | | | | Available | | | | on | | | | 23-OCT-2009 | |------------+--------------+-------------| | 12.4YB | 12.4(22)YB | 12.4(22)YB4 | |------------+--------------+-------------| | 12.4YD | 12.4(22)YD | 12.4(22)YD1 | |------------+--------------+-------------| | 12.4YE | 12.4(22)YE | 12.4(22)YE1 | +-----------------------------------------+ Cisco IOS-XE Software +---------------------------------------+ | IOS-XE Release | First Fixed Release | |----------------+----------------------| | 2.1.x | 2.2.3 | |----------------+----------------------| | 2.2.x | 2.2.3 | |----------------+----------------------| | 2.3.x | Not Vulnerable | |----------------+----------------------| | 2.4.x | Not Vulnerable | +---------------------------------------+ Cisco CatOS Software +---------------------------------------+ | Affected | First Fixed | | Releases | Release | |------------------+--------------------| | 7.x | 7.6(24a) | |------------------+--------------------| | 8.x | 8.7(2a) | +---------------------------------------+ Cisco ASA and Cisco PIX Software +---------------------------------------+ | Affected | First Fixed | | Releases | Release | |------------------+--------------------| | 7.0 | 7.0(8.6) | |------------------+--------------------| | 7.1 | 7.1(2.81) | |------------------+--------------------| | 7.2 | 7.2(4.30) | |------------------+--------------------| | 8.0 | 8.0(4.28) | |------------------+--------------------| | 8.1 | 8.1(2.19) | |------------------+--------------------| | 8.2 | Not Vulnerable | +---------------------------------------+ Cisco NX-OS Software +---------------------------------------+ | Affected | First Fixed | | Releases | Release | |------------------+--------------------| | Cisco Nexus 5000 | 4.0(1a)N2(1) | |------------------+--------------------| | Cisco Nexus 7000 | 4.1(4) | +---------------------------------------+ Workarounds =========== It is possible to mitigate these vulnerabilities with the following workarounds. Cisco IOS Software The Cisco Guide to Harden Cisco IOS Devices provides examples of many useful techniques to mitigate against the TCP state manipulation vulnerabilities. These include: * Infrastructure Access Control Lists (iACL) * Receive Access Control Lists (rACL) * Transit Access Control Lists (tACL) * VTY Access Control Lists * Control Plane Policing (CoPP) * Control Plane Protection (CPPr) * Management Plane Policing (MPP) For more information on the topics listed above, consult the Cisco Guide to Harden Cisco IOS Devices at the following link: http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080120f48.shtml Cisco CatOS Software Cisco CatOS software provides VLAN Access Control Lists (VACL) to mitigate against the TCP state manipulation vulnerabilities. For more information on configuring VACLs on CatOS 7.x software versions, please consult the following link: http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/catos/7.x/configuration/guide/acc_list.html For more information on configuring VACLs on CatOS 8.x software versions, please consult the following link: http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/catos/8.x/configuration/guide/acc_list.html Cisco ASA and Cisco PIX Software Cisco ASA and Cisco PIX Software provide a method to expire stalled half-closed TCP connections that helps mitigate against the TCP state manipulation vulnerabilities. This method protects against attacks directed to a firewall and devices protected by a firewall. The "timeout half-closed" command will expire TCP sessions that have remained in a half-closed state beyond a user-configured timeout. FIREWALL(config)# timeout half-closed 0:5:0 This command will set the TCP half-closed timeout to the smallest permitted value of five minutes. For more information on the TCP half-closed timeout, please consult the following link: http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/t.html#wp1500148 Cisco Nexus Software Cisco Nexus software provides several ACL methods to mitigate against the TCP state manipulation vulnerabilities. For more information on configuring ACLs on Nexus 5000 systems, please consult the following link: http://www.cisco.com/en/US/docs/switches/datacenter/nexus5000/sw/configuration/guide/cli_rel_4_0_1a/sec_ipacls.html For more information on configuring ACLs on Nexus 7000 systems, please consult the following link: http://www.cisco.com/en/US/docs/switches/datacenter/sw/4_1/nx-os/security/configuration/guide/sec_nx-os-cfg.html Cisco Applied Mitigation Bulletin Additional mitigations that can be deployed on Cisco devices within the network are available in the Cisco Applied Mitigation Bulletin companion document for this advisory, which is available at the following link: http://www.cisco.com/warp/public/707/cisco-amb-20090908-tcp24.shtml Obtaining Fixed Software ======================== Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment. Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at: http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html or as otherwise set forth at Cisco.com Downloads at: http://www.cisco.com/public/sw-center/sw-usingswc.shtml Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades. Customers with Service Contracts +------------------------------- Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at: http://www.cisco.com Customers using Third Party Support Organizations +------------------------------------------------ Customers whose Cisco products are provided or maintained through prior or existing agreements with third-party support organizations, such as Cisco Partners, authorized resellers, or service providers should contact that support organization for guidance and assistance with the appropriate course of action in regards to this advisory. The effectiveness of any workaround or fix is dependent on specific customer situations, such as product mix, network topology, traffic behavior, and organizational mission. Due to the variety of affected products and releases, customers should consult with their service provider or support organization to ensure any applied workaround or fix is the most appropriate for use in the intended network before it is deployed. Customers without Service Contracts +---------------------------------- Customers who purchase direct from Cisco but do not hold a Cisco service contract, and customers who purchase through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should acquire upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows. * +1 800 553 2447 (toll free from within North America) * +1 408 526 7209 (toll call from anywhere in the world) * e-mail: tac@cisco.com Customers should have their product serial number available and be prepared to give the URL of this notice as evidence of entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC. Refer to: http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html for additional TAC contact information, including localized telephone numbers, and instructions and e-mail addresses for use in various languages. Exploitation and Public Announcements ===================================== The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability described in this advisory. The TCP state manipulation vulnerabilities were reported to Cisco by Robert E. Lee and Jack Louis of Outpost24. The Cisco Nexus 5000 vulnerability was discovered by Cisco. Status of this Notice: FINAL ============================ THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors. Distribution ============ This advisory is posted on Cisco's worldwide website at: http://www.cisco.com/warp/public/707/cisco-sa-20090908-tcp24.shtml In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients. * cust-security-announce@cisco.com * first-bulletins@lists.first.org * bugtraq@securityfocus.com * vulnwatch@vulnwatch.org * cisco@spot.colorado.edu * cisco-nsp@puck.nether.net * full-disclosure@lists.grok.org.uk * comp.dcom.sys.cisco@newsgate.cisco.com Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates. Revision History ================ +----------------------------------------+ | Revision | | Initial | | 1.0 | 2009-September-08 | public | | | | release | +----------------------------------------+ Cisco Security Procedures ========================= Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at: http://www.cisco.com/go/psirt -----BEGIN PGP SIGNATURE----- iD8DBQFKpmqc86n/Gc8U/uARArnQAJ4iK9a4jII3ItWKUvAVgQo0N6KAfgCcDc1i 05+ITgtJJF8WI4iOrovU2Ik= =cUrI -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Trust: 2.07

sources: NVD: CVE-2009-0627 // JVNDB: JVNDB-2009-002658 // BID: 36303 // VULHUB: VHN-38073 // PACKETSTORM: 81109

AFFECTED PRODUCTS

vendor:ciscomodel:nexus 5000scope:eqversion:*

Trust: 1.0

vendor:ciscomodel:nexus 7000scope:eqversion:*

Trust: 1.0

vendor:ciscomodel:nx-osscope:lteversion:4.0

Trust: 1.0

vendor:ciscomodel:nexus 5000 series switchscope:ltversion:4.0(1a)n2(1)

Trust: 0.8

vendor:ciscomodel:nexus 7000 series switchscope:ltversion:4.1(4)

Trust: 0.8

vendor:ciscomodel:nx-osscope: - version: -

Trust: 0.8

vendor:ciscomodel:nx-osscope:eqversion:4.0

Trust: 0.6

vendor:ciscomodel:nx-osscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:nexusscope:eqversion:50000

Trust: 0.3

vendor:ciscomodel:nx-os 4.0 n2scope:neversion: -

Trust: 0.3

sources: BID: 36303 // JVNDB: JVNDB-2009-002658 // CNNVD: CNNVD-200909-120 // NVD: CVE-2009-0627

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2009-0627
value: HIGH

Trust: 1.0

NVD: CVE-2009-0627
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200909-120
value: HIGH

Trust: 0.6

VULHUB: VHN-38073
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2009-0627
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-38073
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-38073 // JVNDB: JVNDB-2009-002658 // CNNVD: CNNVD-200909-120 // NVD: CVE-2009-0627

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2009-0627

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200909-120

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-200909-120

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2009-002658

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-38073

PATCH
title:cisco-sa-20090908-tcp24url:http://www.cisco.com/warp/public/707/cisco-sa-20090908-tcp24.shtml
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2009-002658

EXTERNAL IDS
db:NVDid:CVE-2009-0627
Trust: 2.9
db:SECTRACKid:1022847
Trust: 2.5
db:JVNDBid:JVNDB-2009-002658
Trust: 0.8
db:CNNVDid:CNNVD-200909-120
Trust: 0.7
db:CISCOid:20090908 TCP STATE MANIPULATION DENIAL OF SERVICE VULNERABILITIES IN MULTIPLE CISCO PRODUCTS
Trust: 0.6
db:BIDid:36303
Trust: 0.4
db:PACKETSTORMid:81109
Trust: 0.2
db:VULHUBid:VHN-38073
Trust: 0.1
sources:
            
            
            VULHUB: VHN-38073 // 
            
            
            
            BID: 36303 // 
            
            
            
            JVNDB: JVNDB-2009-002658 // 
            
            
            
            PACKETSTORM: 81109 // 
            
            
            
            CNNVD: CNNVD-200909-120 // 
            
            
            
            NVD: CVE-2009-0627

REFERENCES
url:http://www.securitytracker.com/id?1022847
Trust: 2.5
url:http://www.cisco.com/en/us/products/products_security_advisory09186a0080af511d.shtml
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0627
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-0627
Trust: 0.8
url:http://www.cisco.com/warp/public/707/cisco-sa-20090908-tcp24.shtml
Trust: 0.4
url:http://www.cisco.com/en/us/products/ps9670/
Trust: 0.3
url:http://www.cisco.com/warp/public/620/1.html
Trust: 0.1
url:http://www.cisco.com/go/psirt
Trust: 0.1
url:http://www.cisco.com/en/us/docs/general/warranty/english/eu1ken_.html
Trust: 0.1
url:http://secunia.com/
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2009-0627
Trust: 0.1
url:http://www.cisco.com/en/us/docs/security/asa/asa80/command/reference/t.html#wp1500148
Trust: 0.1
url:http://www.cisco.com/en/us/docs/switches/lan/catalyst6500/catos/7.x/configuration/guide/acc_list.html
Trust: 0.1
url:http://www.cisco.com/en/us/docs/switches/datacenter/nexus5000/sw/configuration/guide/cli_rel_4_0_1a/sec_ipacls.html
Trust: 0.1
url:http://www.cisco.com/en/us/support/tsd_cisco_worldwide_contacts.html
Trust: 0.1
url:http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Trust: 0.1
url:http://www.cisco.com/en/us/docs/switches/lan/catalyst6500/catos/8.x/configuration/guide/acc_list.html
Trust: 0.1
url:http://www.cisco.com/public/sw-center/sw-usingswc.shtml
Trust: 0.1
url:http://lists.grok.org.uk/full-disclosure-charter.html
Trust: 0.1
url:http://go.microsoft.com/fwlink/?linkid=155978
Trust: 0.1
url:http://www.cisco.com/en/us/tech/tk648/tk361/technologies_tech_note09186a0080120f48.shtml
Trust: 0.1
url:http://www.cisco.com/en/us/products/ps10459/serv_group_home.html
Trust: 0.1
url:http://www.cisco.com
Trust: 0.1
url:http://www.cisco.com/en/us/products/products_security_vulnerability_policy.html
Trust: 0.1
url:http://www.cisco.com/en/us/docs/switches/datacenter/sw/4_1/nx-os/security/configuration/guide/sec_nx-os-cfg.html
Trust: 0.1
url:http://www.cisco.com/warp/public/707/cisco-amb-20090908-tcp24.shtml
Trust: 0.1
url:http://www.cisco.com/techsupport
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2009-4609
Trust: 0.1
url:http://intellishield.cisco.com/security/alertmanager/cvss
Trust: 0.1
sources:
            
            
            VULHUB: VHN-38073 // 
            
            
            
            BID: 36303 // 
            
            
            
            JVNDB: JVNDB-2009-002658 // 
            
            
            
            PACKETSTORM: 81109 // 
            
            
            
            CNNVD: CNNVD-200909-120 // 
            
            
            
            NVD: CVE-2009-0627

CREDITS
Cisco Security bulletin
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200909-120

SOURCES
db:VULHUBid:VHN-38073
db:BIDid:36303
db:JVNDBid:JVNDB-2009-002658
db:PACKETSTORMid:81109
db:CNNVDid:CNNVD-200909-120
db:NVDid:CVE-2009-0627

LAST UPDATE DATE
2024-11-23T22:09:14.113000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-38073date:2009-09-09T00:00:00
db:BIDid:36303date:2009-09-08T20:31:00
db:JVNDBid:JVNDB-2009-002658date:2011-06-08T00:00:00
db:CNNVDid:CNNVD-200909-120date:2009-09-09T00:00:00
db:NVDid:CVE-2009-0627date:2024-11-21T01:00:33.270

SOURCES RELEASE DATE
db:VULHUBid:VHN-38073date:2009-09-08T00:00:00
db:BIDid:36303date:2009-09-08T00:00:00
db:JVNDBid:JVNDB-2009-002658date:2011-06-08T00:00:00
db:PACKETSTORMid:81109date:2009-09-10T17:21:37
db:CNNVDid:CNNVD-200909-120date:2009-03-25T00:00:00
db:NVDid:CVE-2009-0627date:2009-09-08T23:30:00.500