VARIoT IoT vulnerabilities database

VAR-201009-0066 | CVE-2010-2835
Denial-of-service (DoS) vulnerability in multiple Cisco products
Related entries in the VARIoT exploits database: VAR-E-201009-0217
CVSS V2: 7.8 | CVSS V3: - | Severity: HIGH
Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.0 before 7.0(2a)su3, 7.1su before 7.1(3b)su2, 7.1 before 7.1(5), and 8.0 before 8.0(1) allow remote attackers to cause a denial of service (device reload or voice-services outage) via a SIP REFER request with an invalid Refer-To header, aka Bug IDs CSCta20040 and CSCta31358. Multiple Cisco products contain a vulnerability in which inadequate processing interrupts SIP service operation, causing a denial-of-service (DoS) condition. The problem is tracked as Bug IDs CSCta20040 and CSCta31358. A third party may cause a denial-of-service (DoS) condition via a SIP REFER request with an invalid Refer-To header. Cisco Unified Communications Manager is a call processing component in the Cisco IP Telephony solution. When the UDP protocol is used, there is an error in the SIP registration implementation, and special SIP messages can be used to terminate important processes and disrupt voice services. This allows malicious users to conduct denial-of-service attacks.
An attacker can exploit this issue to cause an interruption in voice services or cause the affected device to reload, denying service to legitimate users.
This issue is tracked by Cisco Bug IDs CSCta31358 and CSCta20040.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco IOS Software Session Initiation
Protocol Denial of Service Vulnerabilities
Advisory ID: cisco-sa-20100922-sip
http://www.cisco.com/warp/public/707/cisco-sa-20100922-sip.shtml
Revision 1.0
For Public Release 2010 September 22 1600 UTC (GMT)
- ---------------------------------------------------------------------
Summary
=======
Multiple vulnerabilities exist in the Session Initiation Protocol
(SIP) implementation in Cisco IOS Software that could allow an
unauthenticated, remote attacker to cause a reload of an affected
device when SIP operation is enabled.
Cisco has released free software updates that address these
vulnerabilities. There are no workarounds for devices that must run
SIP; however, mitigations are available to limit exposure to the
vulnerabilities.
This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20100922-sip.shtml
Note: The September 22, 2010, Cisco IOS Software Security Advisory
bundled publication includes six Cisco Security Advisories. Each advisory lists the releases that correct the
vulnerability or vulnerabilities detailed in the advisory. The table
at the following URL lists releases that correct all Cisco IOS
Software vulnerabilities that have been published on September 22,
2010, or earlier:
http://www.cisco.com/warp/public/707/cisco-sa-20100922-bundle.shtml
Individual publication links are in "Cisco Event Response: Semiannual
Cisco IOS Software Security Advisory Bundled Publication" at the
following link:
http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep10.html
Cisco Unified Communications Manager (CUCM) is affected by the
vulnerabilities described in this advisory. Two separate Cisco
Security Advisories have been published to disclose the
vulnerabilities that affect the Cisco Unified Communications Manager
at the following locations:
http://www.cisco.com/warp/public/707/cisco-sa-20090826-cucm.shtml
http://www.cisco.com/warp/public/707/cisco-sa-20100922-cucm.shtml
Affected Products
=================
These vulnerabilities only affect devices running Cisco IOS Software
with SIP voice services enabled.
Vulnerable Products
+------------------
Cisco devices are affected when they are running affected Cisco IOS
Software versions that are configured to process SIP messages.
Recent versions of Cisco IOS Software do not process SIP messages by
default. In addition, several features within Cisco Unified
Communications Manager Express, such as ePhones, will also
automatically start the SIP process when they are configured, causing
the device to start processing SIP messages. An example of an
affected configuration follows:
    dial-peer voice <Voice dial-peer tag> voip
     ...
    !
In addition to inspecting the Cisco IOS device configuration for a
dial-peer command that causes the device to process SIP messages,
administrators can also use the show processes | include SIP command
to determine whether Cisco IOS Software is running the processes that
handle SIP messages. In the following example, the presence of the
processes CCSIP_UDP_SOCKET or CCSIP_TCP_SOCKET indicates that the
Cisco IOS device will process SIP messages:
    Router# show processes | include SIP
     149 Mwe 40F48254 4 1 400023108/24000 0 CCSIP_UDP_SOCKET
     150 Mwe 40F48034 4 1 400023388/24000 0 CCSIP_TCP_SOCKET
Note: Because there are several ways a device running Cisco IOS
Software can start processing SIP messages, it is recommended that
the show processes | include SIP command be used to determine whether
the device is processing SIP messages instead of relying on the
presence of specific configuration commands.
Cisco Unified Border Element images are also affected by two of these
vulnerabilities.
Note: The Cisco Unified Border Element feature (previously known as
the Cisco Multiservice IP-to-IP Gateway) is a special Cisco IOS
Software image that runs on Cisco multiservice gateway platforms. It
provides a network-to-network interface point for billing, security,
call admission control, quality of service, and signaling
interworking.
To determine the Cisco IOS Software release that is running on a
Cisco product, administrators can log in to the device and issue the
show version command to display the system banner. The system banner
confirms that the device is running Cisco IOS Software by displaying
text similar to "Cisco Internetwork Operating System Software" or
"Cisco IOS Software." The image name displays in parentheses,
followed by "Version" and the Cisco IOS Software release name. Other
Cisco devices do not have the show version command or may provide
different output.
The following example identifies a Cisco product that is running
Cisco IOS Software Release 12.3(26) with an installed image name of
C2500-IS-L:
    Router# show version
    Cisco Internetwork Operating System Software
    IOS (tm) 2500 Software (C2500-IS-L), Version 12.3(26), RELEASE SOFTWARE (fc2)
    Technical Support: http://www.cisco.com/techsupport
    Copyright (c) 1986-2008 by cisco Systems, Inc.
    Compiled Mon 17-Mar-08 14:39 by dchih
    !--- output truncated
The following example identifies a Cisco product that is running
Cisco IOS Software Release 12.4(20)T with an installed image name of
C1841-ADVENTERPRISEK9-M:
    Router# show version
    Cisco IOS Software, 1841 Software (C1841-ADVENTERPRISEK9-M), Version 12.4(20)T,
    RELEASE SOFTWARE (fc3)
    Technical Support: http://www.cisco.com/techsupport
    Copyright (c) 1986-2008 by Cisco Systems, Inc.
    Compiled Thu 10-Jul-08 20:25 by prod_rel_team
    !--- output truncated
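The two checks described above (SIP socket processes and the show version banner), applied to saved command output. This is an added Python example, not code from Cisco or from the VARIoT record. The function names and the train derivation (release digits plus trailing letters, so 12.2(33)SB5 maps to the 12.2SB table row) are assumptions made for this example; the sample inputs are the outputs printed in the advisory plus one constructed capture with no SIP process.

```python
import re

# Process names the advisory gives as proof that IOS is handling SIP messages.
SIP_PROCESSES = {"CCSIP_UDP_SOCKET", "CCSIP_TCP_SOCKET"}

# "(IMAGE), Version RELEASE," as it appears in both banner styles on the page.
_BANNER_RE = re.compile(r"\(([A-Za-z0-9_.-]+)\),\s+Version\s+([^,\s]+)")
# RELEASE such as 12.3(26), 12.4(20)T or 12.2(33)SB5.
_RELEASE_RE = re.compile(r"^(\d+\.\d+)\((\d+[a-z]?)\)([A-Z]*)")


def sip_processes(show_processes_output):
    """Return [(pid, name)] for SIP socket processes in the command output."""
    found = []
    for line in show_processes_output.splitlines():
        fields = line.split()
        # Data rows start with a numeric PID and end with the process name;
        # this skips the echoed prompt line and blank lines.
        if len(fields) >= 2 and fields[0].isdigit() and fields[-1] in SIP_PROCESSES:
            found.append((int(fields[0]), fields[-1]))
    return found


def parse_banner(show_version_output):
    """Extract image name, release and train from a 'show version' banner.

    Returns None when the banner does not match, which covers devices that
    "may provide different output" as the advisory notes.
    """
    m = _BANNER_RE.search(show_version_output)
    if not m:
        return None
    image, release = m.group(1), m.group(2)
    r = _RELEASE_RE.match(release)
    # Assumption for this example: train = major.minor + trailing letters.
    train = r.group(1) + r.group(3) if r else None
    return {"image": image, "release": release, "train": train}


def triage(host, show_version_output, show_processes_output):
    """Combine both checks into one record per device."""
    banner = parse_banner(show_version_output)
    procs = [name for _, name in sip_processes(show_processes_output)]
    if banner is None:
        action = "banner not recognised as Cisco IOS; identify platform manually"
    elif procs:
        action = "SIP is being processed; look up train %s in the fixed-release table" % banner["train"]
    else:
        action = "no SIP socket process seen in this capture"
    return {
        "host": host,
        "image": banner["image"] if banner else None,
        "release": banner["release"] if banner else None,
        "train": banner["train"] if banner else None,
        "sip_processes": procs,
        "processes_sip": bool(procs),
        "action": action,
    }


# Outputs as printed in the advisory.
PAGE_SHOW_PROCESSES = """Router# show processes | include SIP
 149 Mwe 40F48254 4 1 400023108/24000 0 CCSIP_UDP_SOCKET
 150 Mwe 40F48034 4 1 400023388/24000 0 CCSIP_TCP_SOCKET
"""
PAGE_VERSION_12_3 = """Router# show version
Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-IS-L), Version 12.3(26), RELEASE SOFTWARE (fc2)
"""
PAGE_VERSION_12_4T = """Router# show version
Cisco IOS Software, 1841 Software (C1841-ADVENTERPRISEK9-M), Version 12.4(20)T,
RELEASE SOFTWARE (fc3)
"""
# Constructed capture: the command matched nothing, only the prompt is echoed.
CONSTRUCTED_NO_SIP = "Router# show processes | include SIP\nRouter#\n"

if __name__ == "__main__":
    captures = [
        ("rtr-a", PAGE_VERSION_12_4T, PAGE_SHOW_PROCESSES),
        ("rtr-b", PAGE_VERSION_12_3, CONSTRUCTED_NO_SIP),
    ]
    for host, version_text, process_text in captures:
        print(triage(host, version_text, process_text))
```

A device with no SIP socket process in one capture can start one later when voice features are configured, so the check is worth repeating after configuration changes.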
Additional information about Cisco IOS Software release naming
conventions is available in "White Paper: Cisco IOS Reference Guide"
at the following link: http://www.cisco.com/warp/public/620/1.html
Note: CUCM is affected by the vulnerabilities described in this
advisory.
Cisco IOS XR Software is not affected by these vulnerabilities.
No other Cisco products are currently known to be affected by these
vulnerabilities.
Details
=======
SIP is a popular signaling protocol that is used to manage voice and
video calls across IP networks such as the Internet. SIP is
responsible for handling all aspects of call setup and termination.
Voice and video are the most popular types of sessions that SIP
handles, but the protocol has the flexibility to accommodate other
applications that require call setup and termination. SIP call
signaling can use UDP (port 5060), TCP (port 5060), or Transport
Layer Security (TLS; TCP port 5061) as the underlying transport
protocol. These vulnerabilities are triggered when the device
running Cisco IOS Software processes crafted SIP messages.
Note: In cases where SIP is running over TCP transport, a TCP
three-way handshake is necessary to exploit these vulnerabilities.
Vulnerability Scoring Details
=============================
Cisco has provided scores for the vulnerabilities in this advisory
based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of
the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding
CVSS at
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the
environmental impact for individual networks at
http://intellishield.cisco.com/security/alertmanager/cvss
CSCta20040 - Device crashes when receiving crafted SIP message

CVSS Base Score - 7.8
    Access Vector - Network
    Access Complexity - Low
    Authentication - None
    Confidentiality Impact - None
    Integrity Impact - None
    Availability Impact - Complete
CVSS Temporal Score - 6.4
    Exploitability - Functional
    Remediation Level - Official Fix
    Report Confidence - Confirmed

CSCsz43987 - IOS coredump when sending crafted packets

CVSS Base Score - 7.8
    Access Vector - Network
    Access Complexity - Low
    Authentication - None
    Confidentiality Impact - None
    Integrity Impact - None
    Availability Impact - Complete
CVSS Temporal Score - 6.4
    Exploitability - Functional
    Remediation Level - Official Fix
    Report Confidence - Confirmed

CSCtf72678 - IOS Coredump Generated when sending crafted packets

CVSS Base Score - 7.8
    Access Vector - Network
    Access Complexity - Low
    Authentication - None
    Confidentiality Impact - None
    Integrity Impact - None
    Availability Impact - Complete
CVSS Temporal Score - 6.4
    Exploitability - Functional
    Remediation Level - Official Fix
    Report Confidence - Confirmed
Impact
======
Successful exploitation of the vulnerabilities in this advisory may
result in a reload of the device. Repeated exploitation could result
in a sustained denial of service condition.
Software Versions and Fixes
===========================
When considering software upgrades, also consult
http://www.cisco.com/go/psirt and any subsequent advisories to
determine exposure and a complete upgrade solution.
In all cases, customers should exercise caution to be certain the
devices to be upgraded contain sufficient memory and that current
hardware and software configurations will continue to be supported
properly by the new release. If the information is not clear, contact
the Cisco Technical Assistance Center (TAC) or your contracted
maintenance provider for assistance.
Each row of the following Cisco IOS Software table corresponds to a
Cisco IOS Software train. If a particular train is vulnerable, the
earliest releases that contain the fix are listed in the First Fixed
Release For This Advisory column. The First Fixed Release for All
Advisories in the September 2010 Bundle Publication column lists the
earliest possible releases that correct all the published
vulnerabilities in the Cisco IOS Software Security Advisory bundled
publication. Cisco recommends upgrading to the latest available
release, where possible.
+-------------------------------------------------------------------+
| Major | Availability of Repaired Releases |
| Release | |
|------------+------------------------------------------------------|
| Affected | | First Fixed Release for |
| 12.0-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|-------------------------------------------------------------------|
| There are no affected 12.0-based releases |
|-------------------------------------------------------------------|
| Affected | | First Fixed Release for |
| 12.1-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|-------------------------------------------------------------------|
| There are no affected 12.1-based releases |
|-------------------------------------------------------------------|
| Affected | | First Fixed Release for |
| 12.2-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|------------+--------------------------+---------------------------|
| 12.2 | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; first fixed |
| | | in 12.4T |
| 12.2B | Not Vulnerable | |
| | | Releases up to and |
| | | including 12.2(2)B7 are |
| | | not vulnerable. |
|------------+--------------------------+---------------------------|
| 12.2BC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2BW | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; first fixed |
| | | in 12.2SB |
| 12.2BX | Not Vulnerable | |
| | | Releases up to and |
| | | including 12.2(15)BX are |
| | | not vulnerable. |
|------------+--------------------------+---------------------------|
| | | Vulnerable; first fixed |
| | | in 12.4T |
| 12.2BY | Not Vulnerable | |
| | | Releases up to and |
| | | including 12.2(2)BY3 are |
| | | not vulnerable. |
|------------+--------------------------+---------------------------|
| 12.2BZ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2CX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2CY | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2CZ | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2DA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2DD | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2DX | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2EW | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2EWA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2EX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2EY | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2EZ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2FX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2FY | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2FZ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2IRA | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2IRB | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2IRC | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2IRD | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2IRE | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2IXA | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2IXB | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2IXC | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2IXD | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2IXE | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2IXF | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2IXG | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2IXH | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2JA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2JK | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2MB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Releases up to and |
| | | including 12.2(15)MC1 are |
| 12.2MC | Not Vulnerable | not vulnerable. Releases |
| | | 12.2(15)MC2b and later |
| | | are not vulnerable; first |
| | | fixed in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2MRA | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2MRB | Not Vulnerable | 12.2(33)MRB2 |
|------------+--------------------------+---------------------------|
| | | Releases prior to 12.2 |
| 12.2S | Not Vulnerable | (30)S are vulnerable, |
| | | release 12.2(30)S and |
| | | later are not vulnerable |
|------------+--------------------------+---------------------------|
| | | 12.2(31)SB19 |
| | | |
| 12.2SB | Not Vulnerable | Releases prior to 12.2 |
| | | (33)SB5 are vulnerable, |
| | | release 12.2(33)SB5 and |
| | | later are not vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SBC | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.2SB |
|------------+--------------------------+---------------------------|
| 12.2SCA | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.2SCB |
|------------+--------------------------+---------------------------|
| 12.2SCB | Not Vulnerable | 12.2(33)SCB9 |
|------------+--------------------------+---------------------------|
| 12.2SCC | Not Vulnerable | 12.2(33)SCC5 |
|------------+--------------------------+---------------------------|
| 12.2SCD | Not Vulnerable | 12.2(33)SCD3 |
|------------+--------------------------+---------------------------|
| 12.2SE | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SEA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SEB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SEC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SED | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SEE | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SEF | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SEG | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Releases prior to 12.2 |
| | | (40)SG are vulnerable, |
| 12.2SG | Not Vulnerable | release 12.2(40)SG and |
| | | later are not vulnerable; |
| | | migrate to any release in |
| | | 12.2SGA |
|------------+--------------------------+---------------------------|
| 12.2SGA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SL | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SM | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SO | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SQ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Releases prior to 12.2 |
| 12.2SRA | Not Vulnerable | (33)SRA6 are vulnerable, |
| | | release 12.2(33)SRA6 and |
| | | later are not vulnerable |
|------------+--------------------------+---------------------------|
| | | Releases prior to 12.2 |
| 12.2SRB | Not Vulnerable | (33)SRB1 are vulnerable, |
| | | release 12.2(33)SRB1 and |
| | | later are not vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SRC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SRD | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SRE | Not Vulnerable | 12.2(33)SRE1 |
|------------+--------------------------+---------------------------|
| 12.2STE | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SU | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Releases prior to 12.2 |
| | | (29b)SV1 are vulnerable, |
| 12.2SV | Not Vulnerable | release 12.2(29b)SV1 and |
| | | later are not vulnerable; |
| | | migrate to any release in |
| | | 12.2SVD |
|------------+--------------------------+---------------------------|
| 12.2SVA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SVC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SVD | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SVE | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Releases up to and |
| | | including 12.2(21)SW1 are |
| 12.2SW | Not Vulnerable | not vulnerable. Releases |
| | | 12.2(25)SW12 and later |
| | | are not vulnerable; first |
| | | fixed in 12.4T |
|------------+--------------------------+---------------------------|
| | | Releases up to and |
| 12.2SX | Not Vulnerable | including 12.2(14)SX2 are |
| | | not vulnerable. |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2SXA | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2SXB | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2SXD | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2SXE | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Releases prior to 12.2 |
| 12.2SXF | Not Vulnerable | (18)SXF11 are vulnerable, |
| | | release 12.2(18)SXF11 and |
| | | later are not vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SXH | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SXI | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SY | Vulnerable; migrate to | Not Vulnerable |
| | any release in 12.2S | |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2SZ | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2T | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2TPC | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2XA | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XB | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XC | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XD | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XE | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2XF | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2XG | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XH | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XI | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XJ | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XK | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XL | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XM | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XN | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.2SB |
|------------+--------------------------+---------------------------|
| 12.2XNA | Please see Cisco IOS-XE | Please see Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+--------------------------+---------------------------|
| 12.2XNB | Please see Cisco IOS-XE | Please see Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+--------------------------+---------------------------|
| 12.2XNC | Please see Cisco IOS-XE | Please see Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+--------------------------+---------------------------|
| 12.2XND | Please see Cisco IOS-XE | Please see Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+--------------------------+---------------------------|
| 12.2XNE | Please see Cisco IOS-XE | Please see Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+--------------------------+---------------------------|
| 12.2XNF | Please see Cisco IOS-XE | Please see Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+--------------------------+---------------------------|
| 12.2XO | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2XQ | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XR | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2XS | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XT | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XU | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XV | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XW | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2YA | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YB | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YC | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YD | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YE | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YF | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2YG | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YH | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YJ | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YK | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YL | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2YM | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YN | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2YO | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2YP | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2YQ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2YR | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2YS | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YT | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YU | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Releases prior to 12.2 |
| 12.2YV | Not Vulnerable | (11)YV1 are vulnerable, |
| | | release 12.2(11)YV1 and |
| | | later are not vulnerable |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YW | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YX | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YY | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YZ | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2ZA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Releases up to and |
| 12.2ZB | Not Vulnerable | including 12.2(8)ZB are |
| | | not vulnerable. |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2ZC | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2ZD | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2ZE | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2ZF | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2ZG | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2ZH | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2ZJ | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2ZL | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2ZP | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2ZU | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2ZX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2ZY | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2ZYA | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| Affected | | First Fixed Release for |
| 12.3-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|------------+--------------------------+---------------------------|
| 12.3 | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3B | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3BC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3BW | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3EU | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3JA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3JEA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3JEB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3JEC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3JED | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | Releases up to and | |
| | including 12.3(2)JK3 are | Releases up to and |
| | not vulnerable. | including 12.3(2)JK3 are |
| 12.3JK | | not vulnerable. Releases |
| | Releases 12.3(8)JK1 and | 12.3(8)JK1 and later are |
| | later are not | not vulnerable; first |
| | vulnerable; first fixed | fixed in 12.4T |
| | in 12.4T | |
|------------+--------------------------+---------------------------|
| 12.3JL | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3JX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | Vulnerable; first fixed | |
| | in 12.4T | |
| 12.3T | | Vulnerable; first fixed |
| | Releases up to and | in 12.4T |
| | including 12.3(4)T11 are | |
| | not vulnerable. | |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.3TPC | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.3VA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XA | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.3XB | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.3XC | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XD | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XE | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.3XF | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.3XG | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| | Releases prior to 12.3 | Releases prior to 12.3(7) |
| | (7)XI11 are vulnerable, | XI11 are vulnerable, |
| 12.3XI | release 12.3(7)XI11 and | release 12.3(7)XI11 and |
| | later are not vulnerable | later are not vulnerable; |
| | | first fixed in 12.2SB |
|------------+--------------------------+---------------------------|
| 12.3XJ | Vulnerable; migrate to | Vulnerable; first fixed |
| | any release in 12.4XN | in 12.4XR |
|------------+--------------------------+---------------------------|
| 12.3XK | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XL | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XQ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XR | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XS | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | Vulnerable; first fixed | |
| | in 12.4T | |
| 12.3XU | | Vulnerable; first fixed |
| | Releases up to and | in 12.4T |
| | including 12.3(8)XU1 are | |
| | not vulnerable. | |
|------------+--------------------------+---------------------------|
| 12.3XW | Vulnerable; migrate to | Vulnerable; first fixed |
| | any release in 12.4XN | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XX | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XY | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XZ | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YA | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YD | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YF | Vulnerable; migrate to | Vulnerable; first fixed |
| | any release in 12.4XN | in 12.4XR |
|------------+--------------------------+---------------------------|
| 12.3YG | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YH | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YI | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YJ | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | Releases prior to 12.3 | |
| | (11)YK3 are vulnerable, | |
| 12.3YK | release 12.3(11)YK3 and | Vulnerable; first fixed |
| | later are not | in 12.4T |
| | vulnerable; first fixed | |
| | in 12.4T | |
|------------+--------------------------+---------------------------|
| 12.3YM | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YQ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| | Vulnerable; first fixed | |
| | in 12.4T | |
| 12.3YS | | Vulnerable; first fixed |
| | Releases up to and | in 12.4T |
| | including 12.3(11)YS1 | |
| | are not vulnerable. | |
|------------+--------------------------+---------------------------|
| 12.3YT | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YU | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YX | Vulnerable; migrate to | Vulnerable; first fixed |
| | any release in 12.4XN | in 12.4XR |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.3YZ | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.3ZA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| Affected | | First Fixed Release for |
| 12.4-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|------------+--------------------------+---------------------------|
| 12.4 | 12.4(25d) | 12.4(25d) |
|------------+--------------------------+---------------------------|
| 12.4GC | 12.4(24)GC2 | 12.4(24)GC2 |
|------------+--------------------------+---------------------------|
| 12.4JA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JDA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JDC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JDD | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JHA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JHB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JK | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JL | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JMA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JMB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JY | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4MD | Not Vulnerable | 12.4(24)MD2 |
|------------+--------------------------+---------------------------|
| 12.4MDA | Not Vulnerable | 12.4(22)MDA4 |
|------------+--------------------------+---------------------------|
| 12.4MR | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4MRA | in 12.4MRA |
|------------+--------------------------+---------------------------|
| 12.4MRA | 12.4(20)MRA1 | 12.4(20)MRA1 |
|------------+--------------------------+---------------------------|
| 12.4SW | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | 12.4(15)T14 | 12.4(15)T14 |
| | | |
| 12.4T | 12.4(24)T4 | 12.4(24)T4 |
| | | |
| | 12.4(20)T6 | 12.4(20)T6 |
|------------+--------------------------+---------------------------|
| 12.4XA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XB | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XC | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XD | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| | Releases prior to 12.4 | Releases prior to 12.4(6) |
| | (6)XE5 are vulnerable, | XE5 are vulnerable, |
| 12.4XE | release 12.4(6)XE5 and | release 12.4(6)XE5 and |
| | later are not | later are not vulnerable; |
| | vulnerable; first fixed | first fixed in 12.4T |
| | in 12.4T | |
|------------+--------------------------+---------------------------|
| 12.4XF | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XG | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XJ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XK | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.4XL | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Releases up to and | |
| | including 12.4(15)XM are | |
| | not vulnerable. | |
| 12.4XM | | Vulnerable; first fixed |
| | Releases 12.4(15)XM3 and | in 12.4T |
| | later are not | |
| | vulnerable; first fixed | |
| | in 12.4T | |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.4XN | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.4XP | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.4XQ | Not Vulnerable | 12.4(15)XQ6; Available on |
| | | 22-SEP-10 |
|------------+--------------------------+---------------------------|
| | | 12.4(15)XR9 |
| 12.4XR | Not Vulnerable | |
| | | 12.4(22)XR7 |
|------------+--------------------------+---------------------------|
| 12.4XT | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.4XV | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.4XW | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XY | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XZ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4YA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.4YB | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.4YD | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.4YE | Not Vulnerable | 12.4(24)YE1 |
|------------+--------------------------+---------------------------|
| 12.4YG | Not Vulnerable | 12.4(24)YG3 |
|------------+--------------------------+---------------------------|
| Affected | | First Fixed Release for |
| 15.0-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|------------+--------------------------+---------------------------|
| 15.0M | 15.0(1)M3 | 15.0(1)M3 |
|------------+--------------------------+---------------------------|
| | Cisco 7600 and 10000 | Cisco 7600 and 10000 |
| | Series routers: Not | Series routers: 15.0(1)S1 |
| | Vulnerable | (available early October |
| | | 2010). |
| 15.0S | Cisco ASR 1000 Series | |
| | routers: Please see Cisco | Cisco ASR 1000 Series |
| | IOS-XE Software | routers: Please see Cisco |
| | Availability | IOS-XE Software |
| | | Availability |
|------------+--------------------------+---------------------------|
| 15.0XA | 15.0(1)XA4 | Vulnerable; first fixed |
| | | in 15.1T |
|------------+--------------------------+---------------------------|
| 15.0XO | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| Affected | | First Fixed Release for |
| 15.1-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|------------+--------------------------+---------------------------|
| | 15.1(2)T0a | |
| 15.1T | | 15.1(2)T1 |
| | 15.1(1)T1 | |
|------------+--------------------------+---------------------------|
| 15.1XB | 15.1(1)XB | Vulnerable; first fixed |
| | | in 15.1T |
+-------------------------------------------------------------------+
Cisco IOS XE Software
+--------------------
+-------------------------------------------------------------------+
| Cisco IOS | First Fixed | First Fixed Release for All |
| XE | Release for This | Advisories in the September 2010 |
| Release | Advisory | Bundle Publication |
|-----------+------------------+------------------------------------|
| 2.1.x | Not Vulnerable | Not Vulnerable |
|-----------+------------------+------------------------------------|
| 2.2.x | Not Vulnerable | Not Vulnerable |
|-----------+------------------+------------------------------------|
| 2.3.x | Not Vulnerable | Not Vulnerable |
|-----------+------------------+------------------------------------|
| 2.4.x | Not Vulnerable | Not Vulnerable |
|-----------+------------------+------------------------------------|
| | Vulnerable; | Vulnerable; migrate to 2.6.2 or |
| 2.5.x | migrate to 2.6.2 | later |
| | or later | |
|-----------+------------------+------------------------------------|
| 2.6.x | 2.6.1 | 2.6.2 |
|-----------+------------------+------------------------------------|
| 3.1.xS | Not Vulnerable | Not Vulnerable |
+-------------------------------------------------------------------+
For mapping of Cisco IOS XE to Cisco IOS releases, please refer to
the Cisco IOS XE 2 and Cisco IOS XE 3S Release Notes.
Cisco IOS XR System Software
+---------------------------
Cisco IOS XR Software is not affected by the vulnerabilities
disclosed in the September 22, 2010, Cisco IOS Software Security
Advisory bundled publication.
Workarounds
===========
If the affected Cisco IOS device requires SIP for VoIP services, SIP
cannot be disabled, and no workarounds are available. Users are
advised to apply mitigation techniques to help limit exposure to the
vulnerabilities. Mitigation consists of allowing only legitimate
devices to connect to affected devices. To increase effectiveness,
the mitigation must be coupled with anti-spoofing measures on the
network edge. This action is required because SIP can use UDP as the
transport protocol.
Additional mitigations that can be deployed on Cisco devices within
the network are available in the companion document "Cisco Applied
Mitigation Bulletin: Identifying and Mitigating Exploitation of the
Multiple Vulnerabilities in Cisco Voice Products", which is available
at the following location:
http://www.cisco.com/warp/public/707/cisco-amb-20100922-voice.shtml
Disabling SIP Listening Ports
+----------------------------
For devices that do not require SIP to be enabled, the simplest and
most effective workaround is to disable SIP processing on the device.
Some versions of Cisco IOS Software allow administrators to disable
SIP with the following commands:
    sip-ua
     no transport udp
     no transport tcp
     no transport tcp tls
Warning: When applying this workaround to devices that are
processing Media Gateway Control Protocol (MGCP) or H.323 calls, the
device will not stop SIP processing while active calls are being
processed. Under these circumstances, this workaround should be
implemented during a maintenance window when active calls can be
briefly stopped.
The "show udp connections", "show tcp brief all", and "show processes |
include SIP" commands can be used to confirm that the SIP UDP and TCP
ports are closed after applying this workaround.
Depending on the Cisco IOS Software version in use, the output from
the show ip sockets command may still show the SIP ports open, but
sending traffic to them will cause the SIP process to emit the
following message:
    *Jun 2 11:36:47.691: sip_udp_sock_process_read: SIP UDP Listener is DISABLED
Control Plane Policing
+---------------------
For devices that need to offer SIP services, it is possible to use
Control Plane Policing (CoPP) to block SIP traffic to the device from
untrusted sources. Cisco IOS Releases 12.0S, 12.2SX, 12.2S, 12.3T,
12.4, and 12.4T support the CoPP feature. CoPP may be configured on a
device to protect the management and control planes to minimize the
risk and effectiveness of direct infrastructure attacks by explicitly
permitting only authorized traffic sent to infrastructure devices in
accordance with existing security policies and configurations. The
following example can be adapted to specific network configurations:
    !-- The 192.168.1.0/24 network and the 172.16.1.1 host are trusted.
    !-- Everything else is not trusted. The following access list is used
    !-- to determine what traffic needs to be dropped by a control plane
    !-- policy (the CoPP feature.) If the access list matches (permit)
    !-- then traffic will be dropped and if the access list does not
    !-- match (deny) then traffic will be processed by the router.

    access-list 100 deny udp 192.168.1.0 0.0.0.255 any eq 5060
    access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 5060
    access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 5061
    access-list 100 deny udp host 172.16.1.1 any eq 5060
    access-list 100 deny tcp host 172.16.1.1 any eq 5060
    access-list 100 deny tcp host 172.16.1.1 any eq 5061
    access-list 100 permit udp any any eq 5060
    access-list 100 permit tcp any any eq 5060
    access-list 100 permit tcp any any eq 5061

    !-- Permit (Police or Drop)/Deny (Allow) all other Layer3 and Layer4
    !-- traffic in accordance with existing security policies and
    !-- configurations for traffic that is authorized to be sent
    !-- to infrastructure devices.

    !-- Create a Class-Map for traffic to be policed by
    !-- the CoPP feature.

    class-map match-all drop-sip-class
     match access-group 100

    !-- Create a Policy-Map that will be applied to the
    !-- Control-Plane of the device.

    policy-map control-plane-policy
     class drop-sip-class
      drop

    !-- Apply the Policy-Map to the Control-Plane of the
    !-- device.

    control-plane
     service-policy input control-plane-policy
Note: Because SIP can use UDP as a transport protocol, it is possible
to easily spoof the IP address of the sender, which may defeat access
control lists that permit communication to these ports from trusted
IP addresses.
In the above CoPP example, the access control entries (ACEs) that
match the potential exploit packets with the "permit" action result
in these packets being discarded by the policy-map "drop" function,
while packets that match the "deny" action (not shown) are not
affected by the policy-map drop function. Additional information on
the configuration and use of the CoPP feature can be found at
http://www.cisco.com/web/about/security/intelligence/coppwp_gs.html
and http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gtrtlimt.html
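The inverted permit/deny meaning of the CoPP example above, worked through as an added Python example (not part of the Cisco advisory): it parses ACL 100 as printed and reports which packets the drop-sip-class policy would discard. The router address 10.0.0.1 and the sample packets are assumptions constructed for illustration.

```python
import ipaddress

# ACL 100 copied from the CoPP example in the advisory text above.
ACL_100 = """\
access-list 100 deny udp 192.168.1.0 0.0.0.255 any eq 5060
access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 5060
access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 5061
access-list 100 deny udp host 172.16.1.1 any eq 5060
access-list 100 deny tcp host 172.16.1.1 any eq 5060
access-list 100 deny tcp host 172.16.1.1 any eq 5061
access-list 100 permit udp any any eq 5060
access-list 100 permit tcp any any eq 5060
access-list 100 permit tcp any any eq 5061
"""

ROUTER_ADDR = "10.0.0.1"  # assumption: an address owned by the router

# Constructed sample packets: (protocol, source address, destination port).
SAMPLE_PACKETS = [
    ("udp", "192.168.1.50", 5060),  # trusted subnet
    ("tcp", "172.16.1.1", 5061),    # trusted host
    ("udp", "203.0.113.9", 5060),   # untrusted source, SIP over UDP
    ("tcp", "203.0.113.9", 5061),   # untrusted source, SIP over TLS
    ("tcp", "203.0.113.9", 22),     # untrusted source, not a SIP port
    ("udp", "203.0.113.9", 5061),   # UDP 5061 has no entry in ACL 100
]

ALL_ADDRESSES = 0xFFFFFFFF


def take_addr(tokens):
    """Consume one address spec and return (base, wildcard) as integers."""
    first = tokens.pop(0)
    if first == "any":
        return 0, ALL_ADDRESSES
    if first == "host":
        return int(ipaddress.IPv4Address(tokens.pop(0))), 0
    return int(ipaddress.IPv4Address(first)), int(ipaddress.IPv4Address(tokens.pop(0)))


def parse_acl(text):
    """Parse the subset of extended-ACL syntax used in the example ACL."""
    entries = []
    for line in text.splitlines():
        tokens = line.split()
        if not tokens or tokens[0].startswith("!"):
            continue  # blank line or IOS comment
        try:
            keyword, _number, action, proto = tokens[:4]
            rest = tokens[4:]
            src, dst = take_addr(rest), take_addr(rest)
            port = None
            if rest:
                operator, value = rest
                if operator != "eq":
                    raise ValueError("only 'eq' port matches are supported")
                port = int(value)
        except (IndexError, ValueError) as exc:
            raise ValueError(f"unsupported ACL line: {line!r}") from exc
        if (keyword != "access-list" or action not in ("permit", "deny")
                or proto not in ("tcp", "udp")):
            raise ValueError(f"unsupported ACL line: {line!r}")
        entries.append({"action": action, "proto": proto,
                        "src": src, "dst": dst, "port": port})
    return entries


def addr_matches(addr, spec):
    """Wildcard-mask match: bits set in the wildcard are ignored."""
    base, wildcard = spec
    care_bits = ~wildcard & ALL_ADDRESSES
    return ((int(ipaddress.IPv4Address(addr)) ^ base) & care_bits) == 0


def acl_result(entries, proto, src, dst, dport):
    """First matching entry wins; no match falls to the implicit deny."""
    for entry in entries:
        if (entry["proto"] == proto
                and addr_matches(src, entry["src"])
                and addr_matches(dst, entry["dst"])
                and entry["port"] in (None, dport)):
            return entry["action"]
    return "deny"


def copp_verdict(entries, proto, src, dst, dport):
    """'permit' places the packet in drop-sip-class, whose action is drop;
    'deny' keeps it out of the class, so the router processes it."""
    matched = acl_result(entries, proto, src, dst, dport) == "permit"
    return "dropped" if matched else "processed"


ENTRIES = parse_acl(ACL_100)


def verdicts():
    """Verdict for each constructed sample packet, in order."""
    return [copp_verdict(ENTRIES, proto, src, ROUTER_ADDR, dport)
            for proto, src, dport in SAMPLE_PACKETS]


if __name__ == "__main__":
    for (proto, src, dport), verdict in zip(SAMPLE_PACKETS, verdicts()):
        print(f"{proto:3} {src:15} -> {ROUTER_ADDR}:{dport:<5} {verdict}")
```

The ACL compares only the source address carried in the packet header, which is the reason for the advisory's note about spoofed UDP senders.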
Obtaining Fixed Software
========================
Cisco has released free software updates that address these
vulnerabilities. Prior to deploying software, customers should
consult their maintenance provider or check the software for feature
set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets
they have purchased. By installing, downloading, accessing or
otherwise using such software upgrades, customers agree to be bound
by the terms of Cisco's software license terms found at
http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html
or as otherwise set forth at Cisco.com Downloads at
http://www.cisco.com/public/sw-center/sw-usingswc.shtml
Do not contact psirt@cisco.com or security-alert@cisco.com for
software upgrades.
Customers with Service Contracts
+-------------------------------
Customers with contracts should obtain upgraded software through
their regular update channels. For most customers, this means that
upgrades should be obtained through the Software Center on Cisco's
worldwide website at http://www.cisco.com
Customers using Third Party Support Organizations
+------------------------------------------------
Customers whose Cisco products are provided or maintained through
prior or existing agreements with third-party support organizations,
such as Cisco Partners, authorized resellers, or service providers
should contact that support organization for guidance and assistance
with the appropriate course of action in regards to this advisory.
The effectiveness of any workaround or fix is dependent on specific
customer situations, such as product mix, network topology, traffic
behavior, and organizational mission. Due to the variety of affected
products and releases, customers should consult with their service
provider or support organization to ensure any applied workaround or
fix is the most appropriate for use in the intended network before it
is deployed.
Customers without Service Contracts
+----------------------------------
Customers who purchase direct from Cisco but do not hold a Cisco
service contract, and customers who purchase through third-party
vendors but are unsuccessful in obtaining fixed software through
their point of sale should acquire upgrades by contacting the Cisco
Technical Assistance Center (TAC). TAC contacts are as follows.
* +1 800 553 2447 (toll free from within North America)
* +1 408 526 7209 (toll call from anywhere in the world)
* e-mail: tac@cisco.com
Customers should have their product serial number available and be
prepared to give the URL of this notice as evidence of entitlement to
a free upgrade. Free upgrades for non-contract customers must be
requested through the TAC.
Refer to http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html
for additional TAC contact information, including localized telephone
numbers, and instructions and e-mail addresses for use in various
languages.
Exploitation and Public Announcements
=====================================
The Cisco PSIRT is not aware of any public announcements or malicious
use of the vulnerability described in this advisory.
These vulnerabilities were discovered by Cisco during internal
testing.
Status of this Notice: FINAL
============================
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY
KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE
INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS
AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS
DOCUMENT AT ANY TIME.
A stand-alone copy or Paraphrase of the text of this document that
omits the distribution URL in the following section is an
uncontrolled copy, and may lack important information or contain
factual errors.
Distribution
============
This advisory is posted on Cisco's worldwide website at :
http://www.cisco.com/warp/public/707/cisco-sa-20100922-sip.shtml
In addition to worldwide web posting, a text version of this notice
is clear-signed with the Cisco PSIRT PGP key and is posted to the
following e-mail and Usenet news recipients.
* cust-security-announce@cisco.com
* first-bulletins@lists.first.org
* bugtraq@securityfocus.com
* vulnwatch@vulnwatch.org
* cisco@spot.colorado.edu
* cisco-nsp@puck.nether.net
* full-disclosure@lists.grok.org.uk
* comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on
mailing lists or newsgroups. Users concerned about this problem are
encouraged to check the above URL for any updates.
Revision History
================
+----------------------------------------------------------+
| Revision 1.0 | 2010-September-22 | Initial public release. |
+----------------------------------------------------------+
Cisco Security Procedures
=========================
Complete information on reporting security vulnerabilities in Cisco
products, obtaining assistance with security incidents, and
registering to receive security information from Cisco, is available
on Cisco's worldwide website at
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
This includes instructions for press inquiries regarding Cisco
security notices. All Cisco security advisories are available at
http://www.cisco.com/go/psirt
There is a workaround for these vulnerabilities. The software version
can also be determined by running the show version active command via
the command-line interface. Each vulnerability is
triggered by a malformed SIP message that could cause a critical
process to fail, which could result in the disruption of voice
services.
The first SIP DoS vulnerability is documented in Cisco Bug ID
CSCta31358 (registered customers only) and has been assigned the CVE
identifier CVE-2010-2835. The corresponding IOS defect is CSCta20040.
The second SIP DoS vulnerability is documented in Cisco Bug ID
CSCtf14987 (registered customers only) and has been assigned the CVE
identifier CVE-2010-2834.
The corresponding IOS defect is CSCtf72678. SIP processing is enabled by default. Use the
following instructions to disable SIP processing:
Step 1: Log into the Cisco Unified CM Administration web interface.
Step 3: Change the "SIP Interoperability Enabled" parameter to False,
and click Save. For information on how to
restart the service, refer to the "Restarting the Cisco CallManager
Service" section of the document at:
http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/admin/7_1_2/ccmcfg/b03dpi.html#wp1075124
It is possible to mitigate these vulnerabilities by implementing
filtering on screening devices and permitting access to TCP ports
5060 and 5061 and UDP ports 5060 and 5061 only from networks that
require SIP access to Cisco Unified Communications Manager servers.
TITLE:
Cisco IOS SIP Multiple Denial of Service Vulnerabilities
SECUNIA ADVISORY ID:
SA41549
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/41549/
RELEASE DATE:
2010-09-24
DESCRIPTION:
Multiple vulnerabilities have been reported in Cisco IOS, which can
be exploited by malicious people to cause a DoS (Denial of Service).
3) An error when processing specially crafted Session Initiation
Protocol (SIP) packets can be exploited to cause a device to reload.
SOLUTION:
Apply updates (please see the vendor's advisory for details).
PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.
ORIGINAL ADVISORY:
cisco-sa-20100922-sip:
http://www.cisco.com/warp/public/707/cisco-sa-20100922-sip.shtml
SOLUTION:
Update to the latest version
VAR-201009-0065 | CVE-2010-2834 |
Denial-of-service (DoS) vulnerabilities in multiple Cisco products
Related entries in the VARIoT exploits database: VAR-E-201009-0055 |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)SU1, 7.x before 7.1(5), and 8.0 before 8.0(2) allow remote attackers to cause a denial of service (device reload or voice-services outage) via crafted SIP registration traffic over UDP, aka Bug IDs CSCtf72678 and CSCtf14987. Multiple Cisco products contain a denial-of-service (DoS) vulnerability caused by incomplete processing in the SIP service. The issue is tracked as Bug IDs CSCtf72678 and CSCtf14987. A third party could cause a denial of service (DoS) via crafted SIP registration traffic over UDP. Cisco Unified Communications Manager is a call processing component in the Cisco IP Telephony solution. When dealing with an illegal "Refer-To" header, there is an error, and special SIP messages can be used to terminate important processes and disrupt voice services.
An attacker can exploit this issue to cause an interruption in voice services or cause the affected device to reload, denying service to legitimate users.
This issue is tracked by Cisco Bug IDs CSCtf14987 and CSCtf72678. Cisco IOS is an operating system developed by Cisco in the United States for its network equipment.
Cisco Unified Communications Manager Session Initiation Protocol
Denial of Service Vulnerabilities
Advisory ID: cisco-sa-20100922-cucmsip
http://www.cisco.com/warp/public/707/cisco-sa-20100922-cucmsip.shtml
Revision 1.0
For Public Release 2010 September 22 1600 UTC (GMT)
- ---------------------------------------------------------------------
Summary
=======
Cisco Unified Communications Manager contains two denial of service
(DoS) vulnerabilities that affect the processing of Session
Initiation Protocol (SIP) messages.
To address these vulnerabilities, Cisco has released free software
updates. There is a workaround for these vulnerabilities.
This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20100922-cucmsip.shtml
Note: Cisco IOS Software is also affected by the vulnerabilities
described in this advisory. A companion advisory for Cisco IOS
software is available at:
http://www.cisco.com/warp/public/707/cisco-sa-20100922-sip.shtml
Note: The September 22, 2010, Cisco IOS Software Security Advisory
bundled publication includes six Cisco Security Advisories. Each advisory lists the releases that correct the
vulnerability or vulnerabilities detailed in the advisory. The software version
can also be determined by running the show version active command via
the command-line interface. No other Cisco products are currently known to
be affected by these vulnerabilities. All SIP ports (TCP ports 5060 and 5061 and UDP ports 5060
and 5061) are affected.
The first SIP DoS vulnerability is documented in Cisco Bug ID
CSCta31358 (registered customers only) and has been assigned the CVE
identifier CVE-2010-2835. The corresponding IOS defect is CSCta20040.
The second SIP DoS vulnerability is documented in Cisco Bug ID
CSCtf14987 (registered customers only) and has been assigned the CVE
identifier CVE-2010-2834.
The corresponding IOS defect is CSCtf72678.
Vulnerability Scoring Details
=============================
Cisco has provided scores for the vulnerabilities in this advisory
based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of
the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding
CVSS at:
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the
environmental impact for individual networks at:
http://intellishield.cisco.com/security/alertmanager/cvss
CSCta31358 - c3945 GW crashes while testing REFER method with invalid
Refer-To header
CVSS Base Score - 7.8
    Access Vector          - Network
    Access Complexity      - Low
    Authentication         - None
    Confidentiality Impact - None
    Integrity Impact       - None
    Availability Impact    - Complete
CVSS Temporal Score - 6.4
    Exploitability         - Functional
    Remediation Level      - Official Fix
    Report Confidence      - Confirmed
CSCtf14987 - CCM Coredump Generated During UDP SIP Registration Fuzzing
CVSS Base Score - 7.8
    Access Vector          - Network
    Access Complexity      - Low
    Authentication         - None
    Confidentiality Impact - None
    Integrity Impact       - None
    Availability Impact    - Complete
CVSS Temporal Score - 6.4
    Exploitability         - Functional
    Remediation Level      - Official Fix
    Report Confidence      - Confirmed
Impact
======
Successful exploitation of the vulnerabilities that are described in
this advisory could result in the interruption of voice services.
Software Versions and Fixes
===========================
When considering software upgrades, also consult
http://www.cisco.com/go/psirt and any subsequent advisories to
determine exposure and a complete upgrade solution.
In all cases, customers should exercise caution to be certain the
devices to be upgraded contain sufficient memory and that current
hardware and software configurations will continue to be supported
properly by the new release. If the information is not clear, contact
the Cisco Technical Assistance Center (TAC) or your contracted
maintenance provider for assistance.
+---------------------------------------+
| Cisco Unified | Recommended |
| Communication Manager | Release |
| Version | |
|-------------------------+-------------|
| 6.x | 6.1(5)SU1 |
|-------------------------+-------------|
| 7.x | 7.1(5b)SU2 |
|-------------------------+-------------|
| 8.x | 8.0(3a) |
+---------------------------------------+
Note: The recommended releases listed in the table above are the
latest Cisco Unified Communications Manager versions available at the
publication of this advisory, and each release includes software
fixes for all the vulnerabilities described in this advisory.
Cisco Unified Communications Manager software can be downloaded at
the following link:
http://tools.cisco.com/support/downloads/go/Redirect.x?mdfid=268439621
Workarounds
===========
For customers who do not use SIP in their environment, there is a
workaround for these vulnerabilities. SIP processing is enabled by default. Use the
following instructions to disable SIP processing:
Step 1: Log into the Cisco Unified CM Administration web interface.
Step 3: Change the "SIP Interoperability Enabled" parameter to False,
and click Save. For information on how to
restart the service, refer to the "Restarting the Cisco CallManager
Service" section of the document at:
http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/admin/7_1_2/ccmcfg/b03dpi.html#wp1075124
It is possible to mitigate these vulnerabilities by implementing
filtering on screening devices and permitting access to TCP ports
5060 and 5061 and UDP ports 5060 and 5061 only from networks that
require SIP access to Cisco Unified Communications Manager servers.
Additional mitigations that can be deployed on Cisco devices in the
network are available in the companion document "Cisco Applied
Mitigation Bulletin: Identifying and Mitigating Exploitation of the
Multiple Vulnerabilities in Cisco Voice Products", which is available
at the following location:
http://www.cisco.com/warp/public/707/cisco-amb-20100922-voice.shtml
Obtaining Fixed Software
========================
Cisco has released free software updates that address these
vulnerabilities. Prior to deploying software, customers should
consult their maintenance provider or check the software for feature
set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets
they have purchased. By installing, downloading, accessing or
otherwise using such software upgrades, customers agree to be bound
by the terms of Cisco's software license terms found at
http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html
or as otherwise set forth at Cisco.com Downloads at
http://www.cisco.com/public/sw-center/sw-usingswc.shtml
Do not contact psirt@cisco.com or security-alert@cisco.com for
software upgrades.
Customers with Service Contracts
+-------------------------------
Customers with contracts should obtain upgraded software through
their regular update channels. For most customers, this means that
upgrades should be obtained through the Software Center on Cisco's
worldwide website at http://www.cisco.com
Customers using Third Party Support Organizations
+------------------------------------------------
Customers whose Cisco products are provided or maintained through
prior or existing agreements with third-party support organizations,
such as Cisco Partners, authorized resellers, or service providers
should contact that support organization for guidance and assistance
with the appropriate course of action in regards to this advisory.
The effectiveness of any workaround or fix is dependent on specific
customer situations, such as product mix, network topology, traffic
behavior, and organizational mission. Due to the variety of affected
products and releases, customers should consult with their service
provider or support organization to ensure any applied workaround or
fix is the most appropriate for use in the intended network before it
is deployed.
Customers without Service Contracts
+----------------------------------
Customers who purchase direct from Cisco but do not hold a Cisco
service contract, and customers who purchase through third-party
vendors but are unsuccessful in obtaining fixed software through
their point of sale should acquire upgrades by contacting the Cisco
Technical Assistance Center (TAC). TAC contacts are as follows.
* +1 800 553 2447 (toll free from within North America)
* +1 408 526 7209 (toll call from anywhere in the world)
* e-mail: tac@cisco.com
Customers should have their product serial number available and be
prepared to give the URL of this notice as evidence of entitlement to
a free upgrade. Free upgrades for non-contract customers must be
requested through the TAC.
Refer to http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html
for additional TAC contact information, including localized telephone
numbers, and instructions and e-mail addresses for use in various
languages.
Exploitation and Public Announcements
=====================================
The Cisco PSIRT is not aware of any public announcements or malicious
use of the vulnerabilities described in this advisory.
All vulnerabilities described in this advisory were discovered as a
result of internal testing conducted by Cisco.
Status of this Notice: FINAL
============================
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY
KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE
INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS
AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS
DOCUMENT AT ANY TIME.
A stand-alone copy or Paraphrase of the text of this document that
omits the distribution URL in the following section is an
uncontrolled copy, and may lack important information or contain
factual errors.
Distribution
============
This advisory is posted on Cisco's worldwide website at :
http://www.cisco.com/warp/public/707/cisco-sa-20100922-cucmsip.shtml
In addition to worldwide web posting, a text version of this notice
is clear-signed with the Cisco PSIRT PGP key and is posted to the
following e-mail and Usenet news recipients.
* cust-security-announce@cisco.com
* first-bulletins@lists.first.org
* bugtraq@securityfocus.com
* vulnwatch@vulnwatch.org
* cisco@spot.colorado.edu
* cisco-nsp@puck.nether.net
* full-disclosure@lists.grok.org.uk
* comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on
mailing lists or newsgroups. Users concerned about this problem are
encouraged to check the above URL for any updates.
Revision History
================
+---------------------------------------------------------+
| Revision 1.0 | 2010-September-22 | Initial public release |
+---------------------------------------------------------+
Cisco Security Procedures
=========================
Complete information on reporting security vulnerabilities in Cisco
products, obtaining assistance with security incidents, and
registering to receive security information from Cisco, is available
on Cisco's worldwide website at
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
This includes instructions for press inquiries regarding Cisco
security notices. All Cisco security advisories are available at
http://www.cisco.com/go/psirt
TITLE:
Cisco IOS SIP Multiple Denial of Service Vulnerabilities
SECUNIA ADVISORY ID:
SA41549
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/41549/
RELEASE DATE:
2010-09-24
DESCRIPTION:
Multiple vulnerabilities have been reported in Cisco IOS, which can
be exploited by malicious people to cause a DoS (Denial of Service).
For more information see vulnerability #1:
SA36498
2) An error when processing certain unspecified Session Initiation
Protocol (SIP) traffic can be exploited to cause a device to reload.
3) An error when processing specially crafted Session Initiation
Protocol (SIP) packets can be exploited to cause a device to reload.
SOLUTION:
Apply updates (please see the vendor's advisory for details).
PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.
ORIGINAL ADVISORY:
cisco-sa-20100922-sip:
http://www.cisco.com/warp/public/707/cisco-sa-20100922-sip.shtml
SOLUTION:
Update to the latest version
VAR-201009-0067 | CVE-2010-2831 |
Denial-of-service (DoS) vulnerability in the NAT for SIP implementation in Cisco IOS
Related entries in the VARIoT exploits database: VAR-E-201009-0951 |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
Unspecified vulnerability in the NAT for SIP implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic on UDP port 5060, aka Bug ID CSCtf17624. The issue is tracked as Bug ID CSCtf17624. A third party could cause a denial of service (DoS) via traffic on UDP port 5060. Cisco IOS is prone to a remote denial-of-service vulnerability.
An attacker can exploit these issues to cause an affected device to crash, denying service to legitimate users.
This issue is being tracked by Cisco Bug ID CSCtf17624. Cisco IOS is an operating system developed by Cisco in the United States for its network equipment.
TITLE:
Cisco IOS NAT Implementation Three Denial of Service Vulnerabilities
SECUNIA ADVISORY ID:
SA41539
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/41539/
RELEASE DATE:
2010-09-24
DESCRIPTION:
Three vulnerabilities have been reported in Cisco IOS, which can be
exploited by malicious people to cause a DoS (Denial of Service).
SOLUTION:
Update to a fixed version.
PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.
ORIGINAL ADVISORY:
cisco-sa-20100922-nat:
http://www.cisco.com/warp/public/707/cisco-sa-20100922-nat.shtml
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/products/corporate/EVM/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/products/corporate/EVM/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/products/corporate/EVM/
----------------------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco IOS Software Network Address
Translation Vulnerabilities
Advisory ID: cisco-sa-20100922-nat
http://www.cisco.com/warp/public/707/cisco-sa-20100922-nat.shtml
Revision 1.0
For Public Release 2010 September 22 1600 UTC (GMT)
- ---------------------------------------------------------------------
Summary
=======
The Cisco IOS Software Network Address Translation functionality
contains three denial of service (DoS) vulnerabilities. The first
vulnerability is in the translation of Session Initiation Protocol
(SIP) packets, the second vulnerability is in the translation of H.323
packets, and the third vulnerability is in the translation of H.225.0
call signaling for H.323 packets.
Cisco has released free software updates that address these
vulnerabilities.
This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20100922-nat.shtml
Note: The September 22, 2010, Cisco IOS Software Security Advisory
bundled publication includes six Cisco Security Advisories. Five of
the advisories address vulnerabilities in Cisco IOS Software, and one
advisory addresses vulnerabilities in Cisco Unified Communications
Manager. Each advisory lists the releases that correct the
vulnerability or vulnerabilities detailed in the advisory. The table
at the following URL lists releases that correct all Cisco IOS
Software vulnerabilities that have been published on September 22,
2010, or earlier:
http://www.cisco.com/warp/public/707/cisco-sa-20100922-bundle.shtml
Individual publication links are in "Cisco Event Response: Semiannual
Cisco IOS Software Security Advisory Bundled Publication" at the
following link:
http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep10.html
Affected Products
=================
Vulnerable Products
+------------------
Cisco devices running Cisco IOS Software that are configured for NAT
and that support NAT for SIP, H.323, or H.225.0 call signaling for
H.323 packets are affected.
To verify whether NAT is enabled on a Cisco IOS device, log in to the
device and issue the show ip nat statistics command. The following
example shows a device that is configured with NAT:
    Router#show ip nat statistics
    Total translations: 2 (0 static, 2 dynamic; 0 extended)
    Outside interfaces: Serial0
    Inside interfaces: Ethernet1
    Hits: 135 Misses: 5
    Expired translations: 2
    Dynamic mappings:
    -- Inside Source
    access-list 1 pool mypool refcount 2
    pool mypool: netmask 255.255.255.0
    start 192.168.10.1 end 192.168.10.254
    type generic, total addresses 14, allocated 2 (14%), misses 0
Alternatively, administrators can use the show running-config |
include ip nat command to verify if NAT has been enabled on the
router interfaces.
For NAT to be enabled on a router, either the ip nat inside and ip nat
outside commands must be present on different interfaces or, in the
case of NAT Virtual Interface, the ip nat enable interface command
must be present.
In order to determine the software that runs on a Cisco IOS product,
log in to the device and issue the show version command to display
the system banner. Cisco IOS software identifies itself as
"Internetwork Operating System Software" or simply "IOS." On the next
line of output, the image name displays between parentheses, followed
by "Version" and the Cisco IOS release name. Other Cisco devices do
not have the show version command or give different output.
The following example shows output from a device that runs an IOS
image:
    Router> show version
    Cisco IOS Software, C3900 Software (C3900-UNIVERSALK9-M), Version 15.0(1)M1, RELEASE SOFTWARE (fc1)
    Technical Support: http://www.cisco.com/techsupport
    Copyright (c) 1986-2009 by Cisco Systems, Inc.
    Compiled Wed 02-Dec-09 17:17 by prod_rel_team
    <More output removed for brevity>
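The two checks above (is NAT enabled, and which release is running) can be run offline against saved device output. The Python below is an added example, not part of the Cisco advisory: the function names and the sample running-config are constructed for illustration, and the train derivation assumes the usual IOS release naming (for example, 12.2(33)SB5 belongs to train 12.2SB).

```python
import re

# Constructed sample (not from a real device): excerpt of "show running-config".
SAMPLE_CONFIG = """\
interface Ethernet1
 ip address 192.168.10.1 255.255.255.0
 ip nat inside
!
interface Serial0
 ip address 203.0.113.1 255.255.255.252
 ip nat outside
!
interface Loopback0
 ip address 10.0.0.1 255.255.255.255
!
ip nat inside source list 1 pool mypool
"""

# The "show version" banner quoted in the advisory.
SAMPLE_VERSION = """\
Cisco IOS Software, C3900 Software (C3900-UNIVERSALK9-M), Version 15.0(1)M1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Wed 02-Dec-09 17:17 by prod_rel_team
"""


def nat_interfaces(config):
    """Map interface name -> set of NAT roles ('inside', 'outside', 'enable')."""
    roles = {}
    current = None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = line.split(None, 1)[1].strip()
        elif line and not line[0].isspace():
            # "!" or a global command ends the interface block. Global
            # "ip nat inside source ..." rules do not mark an interface.
            current = None
        elif current:
            m = re.fullmatch(r"ip nat (inside|outside|enable)", line.strip())
            if m:
                roles.setdefault(current, set()).add(m.group(1))
    return roles


def nat_enabled(config):
    """Apply the advisory's rule: inside and outside on different
    interfaces, or 'ip nat enable' (NAT Virtual Interface) on any interface."""
    roles = nat_interfaces(config)
    inside = {name for name, r in roles.items() if "inside" in r}
    outside = {name for name, r in roles.items() if "outside" in r}
    classic = any(i != o for i in inside for o in outside)
    nvi = any("enable" in r for r in roles.values())
    return classic or nvi


def ios_release(show_version):
    """Return (image, version, train) from a 'show version' banner, or None.

    The image name is the text in parentheses immediately before "Version";
    the train is the major release plus the letters that follow the
    parenthesised maintenance number (assumed naming convention).
    """
    m = re.search(r"\(([^)\s]+)\), Version ([^,\s]+)", show_version)
    if not m:
        return None
    image, version = m.group(1), m.group(2)
    t = re.match(r"(\d+\.\d+)\([^)]*\)([A-Z]*)", version)
    train = t.group(1) + t.group(2) if t else None
    return image, version, train


def assess(config, show_version):
    """Summarise what to look up in the fixed-release table."""
    release = ios_release(show_version)
    return {
        "nat_enabled": nat_enabled(config),
        "nat_interfaces": nat_interfaces(config),
        "image": release[0] if release else None,
        "version": release[1] if release else None,
        "train": release[2] if release else None,
    }


if __name__ == "__main__":
    for key, value in assess(SAMPLE_CONFIG, SAMPLE_VERSION).items():
        print(f"{key}: {value}")
```

The input must be the full running-config rather than the `| include ip nat` filtered view, because the filter drops the interface lines needed to tell which interface each statement belongs to.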
Products Confirmed Not Vulnerable
+--------------------------------
Cisco IOS devices not explicitly configured for NAT are not
vulnerable.
No other Cisco products are currently known to be affected by these
vulnerabilities.
Details
=======
The three vulnerabilities are triggered by transit traffic that needs
to be processed by the NAT feature. The vulnerabilities are
independent of each other.
NAT for SIP DoS Vulnerability
+----------------------------
SIP is a popular signaling protocol that is used to manage voice and
video calls across IP networks such as the Internet. SIP is
responsible for handling all aspects of call setup and termination.
Voice and video are the most popular types of sessions that SIP
handles, but the protocol has the flexibility to accommodate other
applications that require call setup and termination.
NAT for SIP translates packets using UDP (port 5060) or TCP (port
5060) as the underlying transport protocol.
NAT for H.323 DoS Vulnerability
+------------------------------
H.323 is the International Telecommunication Union (ITU) standard for
real-time multimedia communications and conferencing over
packet-based (IP) networks.
NAT for H.323 translates packets on TCP port 1720. There is a DoS
vulnerability in the NAT processing of H.323 packets. The
vulnerability does not require the completion of a TCP three-way
handshake.
NAT for H.225.0 DoS Vulnerability
+--------------------------------
H.323 is the ITU standard for real-time multimedia communications and
conferencing over packet-based (IP) networks. A subset of the H.323
standard is H.225.0, a standard used for call signaling protocols and
media stream packetization over IP networks.
NAT for H.225.0 translates packets on TCP port 1720. There is a DoS
vulnerability in the NAT translation of H.225.0 call signaling for
H.323 packets.
Vulnerability Scoring Details
=============================
Cisco has provided scores for the vulnerabilities in this advisory
based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of
the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding
CVSS at:
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the
environmental impact for individual networks at:
http://intellishield.cisco.com/security/alertmanager/cvss
CSCtf17624 - NAT SIP DoS Vulnerability
CVSS Base Score - 7.8
    Access Vector:           Network
    Access Complexity:       Low
    Authentication:          None
    Confidentiality Impact:  None
    Integrity Impact:        None
    Availability Impact:     Complete
CVSS Temporal Score - 6.4
    Exploitability:          Functional
    Remediation Level:       Official Fix
    Report Confidence:       Confirmed

CSCtf91428 - NAT for H.323 DoS
CVSS Base Score - 7.8
    Access Vector:           Network
    Access Complexity:       Low
    Authentication:          None
    Confidentiality Impact:  None
    Integrity Impact:        None
    Availability Impact:     Complete
CVSS Temporal Score - 6.4
    Exploitability:          Functional
    Remediation Level:       Official Fix
    Report Confidence:       Confirmed

CSCtd86472 - NAT for H.225.0 DoS
CVSS Base Score - 7.8
    Access Vector:           Network
    Access Complexity:       Low
    Authentication:          None
    Confidentiality Impact:  None
    Integrity Impact:        None
    Availability Impact:     Complete
CVSS Temporal Score - 6.4
    Exploitability:          Functional
    Remediation Level:       Official Fix
    Report Confidence:       Confirmed
Impact
======
Successful exploitation of any of the vulnerabilities described in
this document may cause the affected device to reload. Repeated
exploitation will result in an extended denial of service (DoS)
condition.
Software Versions and Fixes
===========================
When considering software upgrades, also consult
http://www.cisco.com/go/psirt and any subsequent advisories to
determine exposure and a complete upgrade solution.
In all cases, customers should exercise caution to be certain the
devices to be upgraded contain sufficient memory and that current
hardware and software configurations will continue to be supported
properly by the new release. If the information is not clear, contact
the Cisco Technical Assistance Center (TAC) or your contracted
maintenance provider for assistance.
Each row of the following Cisco IOS Software table corresponds to a
Cisco IOS Software train. If a particular train is vulnerable, the
earliest releases that contain the fix are listed in the First Fixed
Release For This Advisory column. The First Fixed Release for All
Advisories in the September 2010 Bundle Publication column lists the
earliest possible releases that correct all the published
vulnerabilities in the Cisco IOS Software Security Advisory bundled
publication. Cisco recommends upgrading to the latest available
release, where possible.
+-------------------------------------------------------------------+
| Major | Availability of Repaired Releases |
| Release | |
|------------+------------------------------------------------------|
| Affected | | First Fixed Release for |
| 12.0-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|-------------------------------------------------------------------|
| There are no affected 12.0 based releases |
|-------------------------------------------------------------------|
| Affected | | First Fixed Release for |
| 12.1-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|------------+--------------------------+---------------------------|
| | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
| 12.1 | | |
| | Releases up to and | Releases up to and |
| | including 12.1(4b) are | including 12.1(4b) are |
| | not vulnerable. | not vulnerable. |
|------------+--------------------------+---------------------------|
| 12.1AA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1AX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1AY | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1AZ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1CX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1DA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1DB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1DC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1E | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1EA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1EB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1EC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1EO | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1EU | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1EV | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1EW | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1EX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1EY | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1EZ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1GA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1GB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Vulnerable; first fixed |
| | | in 12.4T |
| 12.1T | Not Vulnerable | |
| | | Releases up to and |
| | | including 12.1(3a)T8 are |
| | | not vulnerable. |
|------------+--------------------------+---------------------------|
| 12.1XA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1XB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1XC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1XD | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1XE | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1XF | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1XG | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1XH | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1XI | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1XJ | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1XL | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1XM | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1XP | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1XQ | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1XR | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; first fixed |
| | | in 12.4T |
| 12.1XS | Not Vulnerable | |
| | | Releases up to and |
| | | including 12.1(3)XS are |
| | | not vulnerable. |
|------------+--------------------------+---------------------------|
| | | Vulnerable; first fixed |
| | | in 12.4T |
| 12.1XT | Not Vulnerable | |
| | | Releases up to and |
| | | including 12.1(2)XT2 are |
| | | not vulnerable. |
|------------+--------------------------+---------------------------|
| 12.1XU | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1XV | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1XW | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1XX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Vulnerable; first fixed |
| | | in 12.4T |
| 12.1XY | Not Vulnerable | |
| | | Releases up to and |
| | | including 12.1(4)XY are |
| | | not vulnerable. |
|------------+--------------------------+---------------------------|
| 12.1XZ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1YA | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1YB | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1YC | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1YD | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Releases prior to 12.1(5) |
| | | YE6 are vulnerable, |
| 12.1YE | Not Vulnerable | release 12.1(5)YE6 and |
| | | later are not vulnerable; |
| | | first fixed in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1YF | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1YH | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.1YI | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.1YJ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| Affected | | First Fixed Release for |
| 12.2-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|------------+--------------------------+---------------------------|
| | Vulnerable; first fixed | |
| | in 12.4 | |
| 12.2 | | Vulnerable; first fixed |
| | Releases up to and | in 12.4T |
| | including 12.2(16f) are | |
| | not vulnerable. | |
|------------+--------------------------+---------------------------|
| | | Vulnerable; first fixed |
| | | in 12.4T |
| 12.2B | Not Vulnerable | |
| | | Releases up to and |
| | | including 12.2(2)B7 are |
| | | not vulnerable. |
|------------+--------------------------+---------------------------|
| 12.2BC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2BW | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; first fixed |
| | | in 12.2SB |
| 12.2BX | Not Vulnerable | |
| | | Releases up to and |
| | | including 12.2(15)BX are |
| | | not vulnerable. |
|------------+--------------------------+---------------------------|
| | | Vulnerable; first fixed |
| | | in 12.4T |
| 12.2BY | Not Vulnerable | |
| | | Releases up to and |
| | | including 12.2(2)BY3 are |
| | | not vulnerable. |
|------------+--------------------------+---------------------------|
| 12.2BZ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2CX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2CY | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2CZ | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2DA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2DD | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2DX | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2EW | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2EWA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2EX | Vulnerable; migrate to | Not Vulnerable |
| | any release in 12.2SE | |
|------------+--------------------------+---------------------------|
| 12.2EY | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2EZ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2FX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2FY | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2FZ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IRA | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IRB | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IRC | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IRD | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IRE | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IXA | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IXB | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IXC | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IXD | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IXE | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IXF | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IXG | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IXH | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2JA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2JK | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2MB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Releases up to and |
| | | including 12.2(15)MC1 are |
| 12.2MC | Not Vulnerable | not vulnerable. Releases |
| | | 12.2(15)MC2b and later |
| | | are not vulnerable; first |
| | | fixed in 12.4T |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2MRA | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2MRB | 12.2(33)MRB2 | 12.2(33)MRB2 |
|------------+--------------------------+---------------------------|
| | Releases prior to 12.2 | Releases prior to 12.2 |
| 12.2S | (30)S are vulnerable, | (30)S are vulnerable, |
| | release 12.2(30)S and | release 12.2(30)S and |
| | later are not vulnerable | later are not vulnerable |
|------------+--------------------------+---------------------------|
| | | 12.2(31)SB19; Releases |
| | | prior to 12.2(33)SB5 are |
| 12.2SB | Not Vulnerable | vulnerable, release 12.2 |
| | | (33)SB5 and later are not |
| | | vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SBC | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.2SB | in 12.2SB |
|------------+--------------------------+---------------------------|
| 12.2SCA | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.2SCB |
|------------+--------------------------+---------------------------|
| | 12.2(33)SCB10 | |
| 12.2SCB | | 12.2(33)SCB9 |
| | 12.2(33)SCB9 | |
|------------+--------------------------+---------------------------|
| 12.2SCC | 12.2(33)SCC5 | 12.2(33)SCC5 |
|------------+--------------------------+---------------------------|
| | 12.2(33)SCD3 | |
| 12.2SCD | | 12.2(33)SCD3 |
| | 12.2(33)SCD4 | |
|------------+--------------------------+---------------------------|
| 12.2SE | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SEA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SEB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SEC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SED | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SEE | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SEF | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SEG | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | Releases prior to 12.2 | Releases prior to 12.2 |
| | (40)SG are vulnerable, | (40)SG are vulnerable, |
| 12.2SG | release 12.2(40)SG and | release 12.2(40)SG and |
| | later are not | later are not vulnerable; |
| | vulnerable; migrate to | migrate to any release in |
| | any release in 12.2SGA | 12.2SGA |
|------------+--------------------------+---------------------------|
| 12.2SGA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SL | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SM | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SO | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SQ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Releases prior to 12.2 |
| 12.2SRA | Not Vulnerable | (33)SRA6 are vulnerable, |
| | | release 12.2(33)SRA6 and |
| | | later are not vulnerable |
|------------+--------------------------+---------------------------|
| | | Releases prior to 12.2 |
| 12.2SRB | Not Vulnerable | (33)SRB1 are vulnerable, |
| | | release 12.2(33)SRB1 and |
| | | later are not vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SRC | Not Vulnerable | Not vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SRD | Not Vulnerable | Not vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SRE | 12.2(33)SRE1 | 12.2(33)SRE1 |
|------------+--------------------------+---------------------------|
| 12.2STE | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SU | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | Releases prior to 12.2 | Releases prior to 12.2 |
| | (29b)SV1 are vulnerable, | (29b)SV1 are vulnerable, |
| 12.2SV | release 12.2(29b)SV1 and | release 12.2(29b)SV1 and |
| | later are not | later are not vulnerable; |
| | vulnerable; migrate to | migrate to any release in |
| | any release in 12.2SVD | 12.2SVD |
|------------+--------------------------+---------------------------|
| 12.2SVA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SVC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SVD | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SVE | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | Releases up to and | |
| | including 12.2(25)SW3 | Releases up to and |
| | are not vulnerable. | including 12.2(21)SW1 are |
| 12.2SW | | not vulnerable. Releases |
| | Releases 12.2(25)SW12 | 12.2(25)SW12 and later |
| | and later are not | are not vulnerable; first |
| | vulnerable; first fixed | fixed in 12.4T |
| | in 12.4T | |
|------------+--------------------------+---------------------------|
| | Releases up to and | Releases up to and |
| 12.2SX | including 12.2(14)SX2 | including 12.2(14)SX2 are |
| | are not vulnerable. | not vulnerable. |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2SXA | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2SXB | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2SXD | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2SXE | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Releases prior to 12.2 | Releases prior to 12.2 |
| | (18)SXF11 are | (18)SXF11 are vulnerable, |
| 12.2SXF | vulnerable, releases | releases 12.2(18)SXF11 |
| | 12.2(18)SXF11 and later | and later are not |
| | are not vulnerable | vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SXH | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SXI | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | |
| | support organization per | |
| 12.2SY | the instructions in | Not Vulnerable |
| | Obtaining Fixed Software | |
| | section of this advisory | |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2SZ | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2T | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2TPC | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2XA | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XB | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XC | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XD | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XE | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2XF | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2XG | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XH | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XI | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XJ | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XK | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XL | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XM | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XN | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.2SB | in 12.2SB |
|------------+--------------------------+---------------------------|
| 12.2XNA | Please see Cisco IOS-XE | Please see Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+--------------------------+---------------------------|
| 12.2XNB | Please see Cisco IOS-XE | Please see Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+--------------------------+---------------------------|
| 12.2XNC | Please see Cisco IOS-XE | Please see Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+--------------------------+---------------------------|
| 12.2XND | Please see Cisco IOS-XE | Please see Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+--------------------------+---------------------------|
| 12.2XNE | Please see Cisco IOS-XE | Please see Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+--------------------------+---------------------------|
| 12.2XNF | Please see Cisco IOS-XE | Please see Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+--------------------------+---------------------------|
| 12.2XO | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2XQ | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XR | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2XS | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XT | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XU | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XV | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XW | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2YA | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YB | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YC | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YD | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YE | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YF | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2YG | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YH | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YJ | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YK | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YL | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2YM | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YN | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2YO | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2YP | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2YQ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2YR | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2YS | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YT | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YU | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Releases prior to 12.2 |
| 12.2YV | Not Vulnerable | (11)YV1 are vulnerable, |
| | | release 12.2(11)YV1 and |
| | | later are not vulnerable |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YW | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YX | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YY | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YZ | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2ZA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Releases up to and |
| 12.2ZB | Not Vulnerable | including 12.2(8)ZB are |
| | | not vulnerable. |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2ZC | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2ZD | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2ZE | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2ZF | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2ZG | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2ZH | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2ZJ | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2ZL | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2ZP | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2ZU | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2ZX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2ZY | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2ZYA | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| Affected | | First Fixed Release for |
| 12.3-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|------------+--------------------------+---------------------------|
| 12.3 | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3B | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3BC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3BW | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3EU | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3JA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3JEA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3JEB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3JEC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3JED | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | Releases up to and | |
| | including 12.3(2)JK3 are | Releases up to and |
| | not vulnerable. | including 12.3(2)JK3 are |
| 12.3JK | | not vulnerable. Releases |
| | Releases 12.3(8)JK1 and | 12.3(8)JK1 and later are |
| | later are not | not vulnerable; first |
| | vulnerable; first fixed | fixed in 12.4T |
| | in 12.4T | |
|------------+--------------------------+---------------------------|
| 12.3JL | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3JX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3T | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.3TPC | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.3VA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.3XB | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.3XC | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XD | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XE | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.3XF | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.3XG | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| | Releases prior to 12.3 | Releases prior to 12.3(7) |
| | (7)XI11 are vulnerable, | XI11 are vulnerable, |
| 12.3XI | release 12.3(7)XI11 and | releases 12.3(7)XI11 and |
| | later are not | later are not vulnerable; |
| | vulnerable; first fixed | first fixed in 12.2SB |
| | in 12.2SB | |
|------------+--------------------------+---------------------------|
| 12.3XJ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.3YX | in 12.4XR |
|------------+--------------------------+---------------------------|
| 12.3XK | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XL | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XQ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XR | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XS | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XU | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XW | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XX | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XY | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XZ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YD | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YF | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.3YX | in 12.4XR |
|------------+--------------------------+---------------------------|
| 12.3YG | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YH | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YI | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YJ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YK | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YM | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YQ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YS | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YT | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YU | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YX | 12.3(14)YX17 | Vulnerable; first fixed |
| | | in 12.4XR |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.3YZ | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.3ZA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| Affected | | First Fixed Release for |
| 12.4-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|------------+--------------------------+---------------------------|
| 12.4 | 12.4(25d) | 12.4(25d) |
|------------+--------------------------+---------------------------|
| 12.4GC | 12.4(24)GC2 | 12.4(24)GC2 |
|------------+--------------------------+---------------------------|
| 12.4JA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JDA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JDC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JDD | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JHA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JHB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JK | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JL | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JMA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JMB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JY | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4MD | 12.4(22)MD2 | 12.4(24)MD2 |
|------------+--------------------------+---------------------------|
| 12.4MDA | 12.4(22)MDA4 | 12.4(22)MDA4 |
|------------+--------------------------+---------------------------|
| 12.4MR | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4MRA | in 12.4MRA |
|------------+--------------------------+---------------------------|
| 12.4MRA | 12.4(20)MRA1 | 12.4(20)MRA1 |
|------------+--------------------------+---------------------------|
| | Releases prior to 12.4 | |
| | (15)SW6 are vulnerable, | |
| 12.4SW | release 12.4(15)SW6 and | Vulnerable; first fixed |
| | later are not | in 12.4T |
| | vulnerable; first fixed | |
| | in 12.4T | |
|------------+--------------------------+---------------------------|
| | 12.4(15)T14 | 12.4(15)T14 |
| | | |
| 12.4T | 12.4(20)T6 | 12.4(20)T6 |
| | | |
| | 12.4(24)T4 | 12.4(24)T4 |
|------------+--------------------------+---------------------------|
| 12.4XA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XB | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XC | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XD | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| | Releases prior to 12.4 | Releases prior to 12.4(6) |
| | (6)XE5 are vulnerable, | XE5 are vulnerable, |
| 12.4XE | release 12.4(6)XE5 and | release 12.4(6)XE5 and |
| | later are not | later are not vulnerable; |
| | vulnerable; first fixed | first fixed in 12.4T |
| | in 12.4T | |
|------------+--------------------------+---------------------------|
| 12.4XF | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XG | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XJ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XK | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.4XL | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.4XM | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.4XN | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.4XP | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.4XQ | 12.4(15)XQ6; Available | 12.4(15)XQ6; Available on |
| | on 22-SEP-10 | 22-SEP-10 |
|------------+--------------------------+---------------------------|
| | 12.4(15)XR9 | 12.4(15)XR9 |
| 12.4XR | | |
| | 12.4(22)XR7 | 12.4(22)XR7 |
|------------+--------------------------+---------------------------|
| 12.4XT | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.4XV | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.4XW | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XY | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XZ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4YA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.4YB | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.4YD | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.4YE | Vulnerable; first fixed | 12.4(24)YE1 |
| | in 12.4T | |
|------------+--------------------------+---------------------------|
| 12.4YG | 12.4(24)YG3 | 12.4(24)YG3 |
|------------+--------------------------+---------------------------|
| Affected | | First Fixed Release for |
| 15.0-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|------------+--------------------------+---------------------------|
| 15.0M | 15.0(1)M3 | 15.0(1)M3 |
|------------+--------------------------+---------------------------|
| | Cisco 7600 and 10000 | Cisco 7600 and 10000 |
| | Series routers: 15.0(1) | Series routers: 15.0(1)S1 |
| | S1 | |
| 15.0S | | Cisco ASR 1000 Series |
| | Cisco ASR 1000 Series | routers: Please see Cisco |
| | routers: Please see | IOS-XE Software |
| | Cisco IOS-XE Software | Availability |
| | Availability | |
|------------+--------------------------+---------------------------|
| 15.0XA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 15.1T | in 15.1T |
|------------+--------------------------+---------------------------|
| 15.0XO | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| Affected | | First Fixed Release for |
| 15.1-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|------------+--------------------------+---------------------------|
| 15.1T | 15.1(1)T1 | 15.1(2)T1 |
|------------+--------------------------+---------------------------|
| 15.1XB | 15.1(1)XB2 | Vulnerable; first fixed |
| | | in 15.1T |
+-------------------------------------------------------------------+
Cisco IOS XE Software
+--------------------
+-------------------------------------------------------------------+
| Cisco IOS | First Fixed | First Fixed Release for All |
| XE | Release for This | Advisories in the September 2010 |
| Release | Advisory | Bundle Publication |
|-----------+------------------+------------------------------------|
| 2.1.x | Not Vulnerable | Not Vulnerable |
|-----------+------------------+------------------------------------|
| 2.2.x | Not Vulnerable | Not Vulnerable |
|-----------+------------------+------------------------------------|
| 2.3.x | Not Vulnerable | Not Vulnerable |
|-----------+------------------+------------------------------------|
| 2.4.x | Not Vulnerable | Not Vulnerable |
|-----------+------------------+------------------------------------|
| 2.5.x | Not Vulnerable | Vulnerable; migrate to 2.6.2 or |
| | | later |
|-----------+------------------+------------------------------------|
| 2.6.x | Not Vulnerable | 2.6.2 |
|-----------+------------------+------------------------------------|
| 3.1.xS | Not Vulnerable | Not Vulnerable |
+-------------------------------------------------------------------+
For mapping of Cisco IOS XE Software releases to Cisco IOS Software
releases, refer to the Cisco IOS XE 2 and Cisco IOS XE 3S Release
Notes.
Cisco IOS XR Software Table
+--------------------------
Cisco IOS XR Software is not affected by the vulnerabilities
disclosed in the September 22, 2010, Cisco IOS Software Security
Advisory bundle publication.
Workarounds
===========
The mitigations for the NAT vulnerabilities disable the respective
Application Layer Gateway NAT processing. That is, packets will
continue to be translated at the network and transport layers, but
the embedded IP addresses will not be translated.
Obtaining Fixed Software
========================
Cisco has released free software updates that address these
vulnerabilities. Prior to deploying software, customers should
consult their maintenance provider or check the software for feature
set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets
they have purchased. By installing, downloading, accessing or
otherwise using such software upgrades, customers agree to be bound
by the terms of Cisco's software license terms found at
http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html
or as otherwise set forth at Cisco.com Downloads at
http://www.cisco.com/public/sw-center/sw-usingswc.shtml
Do not contact psirt@cisco.com or security-alert@cisco.com for
software upgrades.
Customers with Service Contracts
+-------------------------------
Customers with contracts should obtain upgraded software through
their regular update channels. For most customers, this means that
upgrades should be obtained through the Software Center on Cisco's
worldwide website at http://www.cisco.com
Customers using Third Party Support Organizations
+------------------------------------------------
Customers whose Cisco products are provided or maintained through
prior or existing agreements with third-party support organizations,
such as Cisco Partners, authorized resellers, or service providers
should contact that support organization for guidance and assistance
with the appropriate course of action in regards to this advisory.
The effectiveness of any workaround or fix is dependent on specific
customer situations, such as product mix, network topology, traffic
behavior, and organizational mission. Due to the variety of affected
products and releases, customers should consult with their service
provider or support organization to ensure any applied workaround or
fix is the most appropriate for use in the intended network before it
is deployed.
Customers without Service Contracts
+----------------------------------
Customers who purchase direct from Cisco but do not hold a Cisco
service contract, and customers who purchase through third-party
vendors but are unsuccessful in obtaining fixed software through
their point of sale should acquire upgrades by contacting the Cisco
Technical Assistance Center (TAC). TAC contacts are as follows.
* +1 800 553 2447 (toll free from within North America)
* +1 408 526 7209 (toll call from anywhere in the world)
* e-mail: tac@cisco.com
Customers should have their product serial number available and be
prepared to give the URL of this notice as evidence of entitlement to
a free upgrade. Free upgrades for non-contract customers must be
requested through the TAC.
Refer to
http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html
for additional TAC contact information, including localized telephone
numbers, and instructions and e-mail addresses for use in various
languages.
Exploitation and Public Announcements
=====================================
The Cisco PSIRT is not aware of any public announcements or malicious
use of the vulnerabilities described in this advisory.
Status of this Notice: FINAL
============================
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY
KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE
INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS
AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS
DOCUMENT AT ANY TIME.
A stand-alone copy or paraphrase of the text of this document that
omits the distribution URL in the following section is an
uncontrolled copy, and may lack important information or contain
factual errors.
Distribution
============
This advisory is posted on Cisco's worldwide website at:
http://www.cisco.com/warp/public/707/cisco-sa-20100922-nat.shtml
In addition to worldwide web posting, a text version of this notice
is clear-signed with the Cisco PSIRT PGP key and is posted to the
following e-mail and Usenet news recipients.
* cust-security-announce@cisco.com
* first-bulletins@lists.first.org
* bugtraq@securityfocus.com
* vulnwatch@vulnwatch.org
* cisco@spot.colorado.edu
* cisco-nsp@puck.nether.net
* full-disclosure@lists.grok.org.uk
* comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on
mailing lists or newsgroups. Users concerned about this problem are
encouraged to check the above URL for any updates.
Revision History
================
+------------------------------------------------------+
| Revision 1.0 | 2010-Sep-22 | Initial public release. |
+------------------------------------------------------+
Cisco Security Procedures
=========================
Complete information on reporting security vulnerabilities in Cisco
products, obtaining assistance with security incidents, and
registering to receive security information from Cisco, is available
on Cisco's worldwide website at
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
This includes instructions for press inquiries regarding Cisco
security notices. All Cisco security advisories are available at
http://www.cisco.com/go/psirt
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (Darwin)
iEYEARECAAYFAkyZ/SkACgkQ86n/Gc8U/uAspwCcD7e0kd3Am/wQynOLnZ1j8RiE
SE8AnA447FqSKGuXC9tKS4PFdZpsRb8f
=fe0l
-----END PGP SIGNATURE-----
VAR-201009-0068 | CVE-2010-2832 |
Denial of Service (DoS) Vulnerabilities in the NAT for H.323 Implementation of Cisco IOS
Related entries in the VARIoT exploits database: VAR-E-201009-0741 |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
Unspecified vulnerability in the NAT for H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic, aka Bug ID CSCtf91428. The issue is tracked as Bug ID CSCtf91428. A third party may cause a denial of service (DoS) condition via traffic.
An attacker can exploit this issue to cause the affected device to reload, denying service to legitimate users.
This issue is being tracked by Cisco Bug ID CSCtf91428. Cisco IOS is an operating system developed by Cisco in the United States for its network equipment.
----------------------------------------------------------------------
TITLE:
Cisco IOS NAT Implementation Three Denial of Service Vulnerabilities
SECUNIA ADVISORY ID:
SA41539
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/41539/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=41539
RELEASE DATE:
2010-09-24
DESCRIPTION:
Three vulnerabilities have been reported in Cisco IOS, which can be
exploited by malicious people to cause a DoS (Denial of Service).
SOLUTION:
Update to a fixed version.
PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.
ORIGINAL ADVISORY:
cisco-sa-20100922-nat:
http://www.cisco.com/warp/public/707/cisco-sa-20100922-nat.shtml
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco IOS Software Network Address
Translation Vulnerabilities
Advisory ID: cisco-sa-20100922-nat
http://www.cisco.com/warp/public/707/cisco-sa-20100922-nat.shtml
Revision 1.0
For Public Release 2010 September 22 1600 UTC (GMT)
- ---------------------------------------------------------------------
Summary
=======
The Cisco IOS Software Network Address Translation functionality
contains three denial of service (DoS) vulnerabilities. The first
vulnerability is in the translation of Session Initiation Protocol
(SIP) packets, the second vulnerability is in the translation of H.323
packets, and the third vulnerability is in the translation of H.225.0
call signaling for H.323 packets.
Cisco has released free software updates that address these
vulnerabilities.
This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20100922-nat.shtml
Note: The September 22, 2010, Cisco IOS Software Security Advisory
bundled publication includes six Cisco Security Advisories. Five of
the advisories address vulnerabilities in Cisco IOS Software, and one
advisory addresses vulnerabilities in Cisco Unified Communications
Manager. Each advisory lists the releases that correct the
vulnerability or vulnerabilities detailed in the advisory. The table
at the following URL lists releases that correct all Cisco IOS
Software vulnerabilities that have been published on September 22,
2010, or earlier:
http://www.cisco.com/warp/public/707/cisco-sa-20100922-bundle.shtml
Individual publication links are in "Cisco Event Response: Semiannual
Cisco IOS Software Security Advisory Bundled Publication" at the
following link:
http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep10.html
Affected Products
=================
Vulnerable Products
+------------------
Cisco devices running Cisco IOS Software that are configured for NAT
and that support NAT for SIP, H.323, or H.225.0 call signaling for
H.323 packets are affected.
To verify whether NAT is enabled on a Cisco IOS device, log in to the
device and issue the show ip nat statistics command. The following
example shows a device that is configured with NAT:
    Router#show ip nat statistics
    Total translations: 2 (0 static, 2 dynamic; 0 extended)
    Outside interfaces: Serial0
    Inside interfaces: Ethernet1
    Hits: 135 Misses: 5
    Expired translations: 2
    Dynamic mappings:
    -- Inside Source
    access-list 1 pool mypool refcount 2
    pool mypool: netmask 255.255.255.0
    start 192.168.10.1 end 192.168.10.254
    type generic, total addresses 14, allocated 2 (14%), misses 0
Alternatively, administrators can use the show running-config |
include ip nat command to verify if NAT has been enabled on the
router interfaces.
For NAT to be enabled on a router, either the ip nat inside and ip nat
outside commands must be present on different interfaces or, in the
case of NAT Virtual Interface, the ip nat enable interface command
must be present.
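One way to apply this rule to a saved running configuration, shown as an added example that is not part of the Cisco advisory. The function name nat_status and the sample configurations are constructed for illustration, and the script assumes the usual IOS layout in which interface subcommands are indented under their interface line.

```python
import re

# Interface-level NAT commands named in the advisory, mapped to a role.
NAT_ROLES = {
    "ip nat inside": "inside",
    "ip nat outside": "outside",
    "ip nat enable": "nvi",      # NAT Virtual Interface
}
IFACE_RE = re.compile(r"^interface\s+(\S+)")

# Constructed sample configurations (not taken from the advisory).
SAMPLE_CLASSIC = """\
interface Ethernet1
 ip address 192.168.10.1 255.255.255.0
 ip nat inside
!
interface Serial0
 ip address 203.0.113.1 255.255.255.252
 ip nat outside
!
ip nat pool mypool 192.168.10.1 192.168.10.254 netmask 255.255.255.0
ip nat inside source list 1 pool mypool
"""

SAMPLE_NVI = """\
interface GigabitEthernet0/0
 ip address 198.51.100.1 255.255.255.0
 ip nat enable
!
"""

SAMPLE_INSIDE_ONLY = """\
interface Ethernet1
 ip address 192.168.10.1 255.255.255.0
 ip nat inside
!
ip nat inside source list 1 pool mypool
"""


def nat_status(running_config):
    """Report which interfaces carry NAT commands and whether NAT is enabled.

    NAT counts as enabled when 'ip nat inside' and 'ip nat outside' appear
    on different interfaces, or when any interface has 'ip nat enable'.
    """
    roles = {"inside": [], "outside": [], "nvi": []}
    current = None  # interface whose block is being read
    for raw in running_config.splitlines():
        if not raw.strip():
            continue
        if not raw[0].isspace():
            # A line at column 0 starts a new block; global 'ip nat ...'
            # rules land here and are deliberately not counted.
            match = IFACE_RE.match(raw)
            current = match.group(1) if match else None
            continue
        if current is None:
            continue
        role = NAT_ROLES.get(" ".join(raw.split()))
        if role and current not in roles[role]:
            roles[role].append(current)
    classic = any(i != o for i in roles["inside"] for o in roles["outside"])
    return {**roles, "enabled": classic or bool(roles["nvi"])}


if __name__ == "__main__":
    for name, cfg in (("classic", SAMPLE_CLASSIC),
                      ("nvi", SAMPLE_NVI),
                      ("inside-only", SAMPLE_INSIDE_ONLY)):
        print(name, nat_status(cfg))
```

The script needs the full running configuration: the filtered show running-config | include ip nat output drops the interface lines, so the per-interface rule cannot be checked against it.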
In order to determine the software that runs on a Cisco IOS product,
log in to the device and issue the show version command to display
the system banner. Cisco IOS software identifies itself as
"Internetwork Operating System Software" or simply "IOS." On the next
line of output, the image name displays between parentheses, followed
by "Version" and the Cisco IOS release name. Other Cisco devices do
not have the show version command or give different output.
The following example shows output from a device that runs an IOS
image:
    Router> show version
    Cisco IOS Software, C3900 Software (C3900-UNIVERSALK9-M), Version 15.0(1)M1, RELEASE SOFTWARE (fc1)
    Technical Support: http://www.cisco.com/techsupport
    Copyright (c) 1986-2009 by Cisco Systems, Inc.
    Compiled Wed 02-Dec-09 17:17 by prod_rel_team
    <More output removed for brevity>
Products Confirmed Not Vulnerable
+--------------------------------
Cisco IOS devices not explicitly configured for NAT are not
vulnerable.
No other Cisco products are currently known to be affected by these
vulnerabilities.
Details
=======
The three vulnerabilities are triggered by transit traffic that needs
to be processed by the NAT feature. The vulnerabilities are independent
of each other.
NAT for SIP DoS Vulnerability
+----------------------------
SIP is a popular signaling protocol that is used to manage voice and
video calls across IP networks such as the Internet. SIP is
responsible for handling all aspects of call setup and termination.
Voice and video are the most popular types of sessions that SIP
handles, but the protocol has the flexibility to accommodate other
applications that require call setup and termination.
NAT for SIP translates packets using UDP (port 5060) or TCP (port
5060) as the underlying transport protocol. The NAT for SIP DoS
vulnerability can be exploited only with the use of UDP port 5060
packets.
NAT for H.323 DoS Vulnerability
+------------------------------
H.323 is the International Telecommunication Union (ITU) standard for
real-time multimedia communications and conferencing over
packet-based (IP) networks.
NAT for H.323 translates packets on TCP port 1720. There is a DoS
vulnerability in the NAT processing of H.323 packets. The
vulnerability does not require the completion of a TCP three-way
handshake.
NAT for H.225.0 DoS vulnerability
+--------------------------------
H.323 is the ITU standard for real-time multimedia communications and
conferencing over packet-based (IP) networks. A subset of the H.323
standard is H.225.0, a standard used for call signaling protocols and
media stream packetization over IP networks.
NAT for H.225.0 translates packets on TCP port 1720.
Vulnerability Scoring Details
=============================
Cisco has provided scores for the vulnerabilities in this advisory
based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of
the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding
CVSS at:
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the
environmental impact for individual networks at:
http://intellishield.cisco.com/security/alertmanager/cvss
CSCtf17624 - NAT SIP DoS Vulnerability
CVSS Base Score - 7.8
    Access Vector - Network
    Access Complexity - Low
    Authentication - None
    Confidentiality Impact - None
    Integrity Impact - None
    Availability Impact - Complete
CVSS Temporal Score - 6.4
    Exploitability - Functional
    Remediation Level - Official Fix
    Report Confidence - Confirmed
CSCtf91428 - NAT for H.323 DoS
CVSS Base Score - 7.8
    Access Vector - Network
    Access Complexity - Low
    Authentication - None
    Confidentiality Impact - None
    Integrity Impact - None
    Availability Impact - Complete
CVSS Temporal Score - 6.4
    Exploitability - Functional
    Remediation Level - Official Fix
    Report Confidence - Confirmed
CSCtd86472 - NAT for H.225.0 DoS
CVSS Base Score - 7.8
    Access Vector - Network
    Access Complexity - Low
    Authentication - None
    Confidentiality Impact - None
    Integrity Impact - None
    Availability Impact - Complete
CVSS Temporal Score - 6.4
    Exploitability - Functional
    Remediation Level - Official Fix
    Report Confidence - Confirmed
Impact
======
Successful exploitation of any of the vulnerabilities described in
this document may cause the affected device to reload. Repeated
exploitation will result in an extended denial of service (DoS)
condition.
Software Versions and Fixes
===========================
When considering software upgrades, also consult
http://www.cisco.com/go/psirt and any subsequent advisories to
determine exposure and a complete upgrade solution.
In all cases, customers should exercise caution to be certain the
devices to be upgraded contain sufficient memory and that current
hardware and software configurations will continue to be supported
properly by the new release. If the information is not clear, contact
the Cisco Technical Assistance Center (TAC) or your contracted
maintenance provider for assistance.
Each row of the following Cisco IOS Software table corresponds to a
Cisco IOS Software train. If a particular train is vulnerable, the
earliest releases that contain the fix are listed in the First Fixed
Release For This Advisory column. The First Fixed Release for All
Advisories in the September 2010 Bundle Publication column lists the
earliest possible releases that correct all the published
vulnerabilities in the Cisco IOS Software Security Advisory bundled
publication. Cisco recommends upgrading to the latest available
release, where possible.
+-------------------------------------------------------------------+
| Major | Availability of Repaired Releases |
| Release | |
|------------+------------------------------------------------------|
| Affected | | First Fixed Release for |
| 12.0-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|-------------------------------------------------------------------|
| There are no affected 12.0 based releases |
|-------------------------------------------------------------------|
| Affected | | First Fixed Release for |
| 12.1-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|------------+--------------------------+---------------------------|
| | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
| 12.1 | | |
| | Releases up to and | Releases up to and |
| | including 12.1(4b) are | including 12.1(4b) are |
| | not vulnerable. | not vulnerable. |
|------------+--------------------------+---------------------------|
| 12.1AA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1AX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1AY | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1AZ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1CX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1DA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1DB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1DC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1E | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1EA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1EB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1EC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1EO | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1EU | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1EV | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1EW | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1EX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1EY | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1EZ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1GA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1GB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Vulnerable; first fixed |
| | | in 12.4T |
| 12.1T | Not Vulnerable | |
| | | Releases up to and |
| | | including 12.1(3a)T8 are |
| | | not vulnerable. |
|------------+--------------------------+---------------------------|
| 12.1XA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1XB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1XC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1XD | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1XE | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1XF | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1XG | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1XH | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1XI | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1XJ | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1XL | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1XM | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1XP | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1XQ | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1XR | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; first fixed |
| | | in 12.4T |
| 12.1XS | Not Vulnerable | |
| | | Releases up to and |
| | | including 12.1(3)XS are |
| | | not vulnerable. |
|------------+--------------------------+---------------------------|
| | | Vulnerable; first fixed |
| | | in 12.4T |
| 12.1XT | Not Vulnerable | |
| | | Releases up to and |
| | | including 12.1(2)XT2 are |
| | | not vulnerable. |
|------------+--------------------------+---------------------------|
| 12.1XU | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1XV | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1XW | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1XX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Vulnerable; first fixed |
| | | in 12.4T |
| 12.1XY | Not Vulnerable | |
| | | Releases up to and |
| | | including 12.1(4)XY are |
| | | not vulnerable. |
|------------+--------------------------+---------------------------|
| 12.1XZ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1YA | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1YB | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1YC | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1YD | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Releases prior to 12.1(5) |
| | | YE6 are vulnerable, |
| 12.1YE | Not Vulnerable | release 12.1(5)YE6 and |
| | | later are not vulnerable; |
| | | first fixed in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1YF | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1YH | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.1YI | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.1YJ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| Affected | | First Fixed Release for |
| 12.2-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|------------+--------------------------+---------------------------|
| | Vulnerable; first fixed | |
| | in 12.4 | |
| 12.2 | | Vulnerable; first fixed |
| | Releases up to and | in 12.4T |
| | including 12.2(16f) are | |
| | not vulnerable. | |
|------------+--------------------------+---------------------------|
| | | Vulnerable; first fixed |
| | | in 12.4T |
| 12.2B | Not Vulnerable | |
| | | Releases up to and |
| | | including 12.2(2)B7 are |
| | | not vulnerable. |
|------------+--------------------------+---------------------------|
| 12.2BC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2BW | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; first fixed |
| | | in 12.2SB |
| 12.2BX | Not Vulnerable | |
| | | Releases up to and |
| | | including 12.2(15)BX are |
| | | not vulnerable. |
|------------+--------------------------+---------------------------|
| | | Vulnerable; first fixed |
| | | in 12.4T |
| 12.2BY | Not Vulnerable | |
| | | Releases up to and |
| | | including 12.2(2)BY3 are |
| | | not vulnerable. |
|------------+--------------------------+---------------------------|
| 12.2BZ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2CX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2CY | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2CZ | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2DA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2DD | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2DX | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2EW | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2EWA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2EX | Vulnerable; migrate to | Not Vulnerable |
| | any release in 12.2SE | |
|------------+--------------------------+---------------------------|
| 12.2EY | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2EZ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2FX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2FY | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2FZ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IRA | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IRB | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IRC | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IRD | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IRE | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IXA | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IXB | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IXC | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IXD | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IXE | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IXF | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IXG | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IXH | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2JA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2JK | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2MB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Releases up to and |
| | | including 12.2(15)MC1 are |
| 12.2MC | Not Vulnerable | not vulnerable. Releases |
| | | 12.2(15)MC2b and later |
| | | are not vulnerable; first |
| | | fixed in 12.4T |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2MRA | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2MRB | 12.2(33)MRB2 | 12.2(33)MRB2 |
|------------+--------------------------+---------------------------|
| | Releases prior to 12.2 | Releases prior to 12.2 |
| 12.2S | (30)S are vulnerable, | (30)S are vulnerable, |
| | release 12.2(30)S and | release 12.2(30)S and |
| | later are not vulnerable | later are not vulnerable |
|------------+--------------------------+---------------------------|
| | | 12.2(31)SB19; Releases |
| | | prior to 12.2(33)SB5 are |
| 12.2SB | Not Vulnerable | vulnerable, release 12.2 |
| | | (33)SB5 and later are not |
| | | vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SBC | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.2SB | in 12.2SB |
|------------+--------------------------+---------------------------|
| 12.2SCA | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.2SCB |
|------------+--------------------------+---------------------------|
| | 12.2(33)SCB10 | |
| 12.2SCB | | 12.2(33)SCB9 |
| | 12.2(33)SCB9 | |
|------------+--------------------------+---------------------------|
| 12.2SCC | 12.2(33)SCC5 | 12.2(33)SCC5 |
|------------+--------------------------+---------------------------|
| | 12.2(33)SCD3 | |
| 12.2SCD | | 12.2(33)SCD3 |
| | 12.2(33)SCD4 | |
|------------+--------------------------+---------------------------|
| 12.2SE | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SEA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SEB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SEC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SED | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SEE | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SEF | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SEG | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | Releases prior to 12.2 | Releases prior to 12.2 |
| | (40)SG are vulnerable, | (40)SG are vulnerable, |
| 12.2SG | release 12.2(40)SG and | release 12.2(40)SG and |
| | later are not | later are not vulnerable; |
| | vulnerable; migrate to | migrate to any release in |
| | any release in 12.2SGA | 12.2SGA |
|------------+--------------------------+---------------------------|
| 12.2SGA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SL | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SM | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SO | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SQ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Releases prior to 12.2 |
| 12.2SRA | Not Vulnerable | (33)SRA6 are vulnerable, |
| | | release 12.2(33)SRA6 and |
| | | later are not vulnerable |
|------------+--------------------------+---------------------------|
| | | Releases prior to 12.2 |
| 12.2SRB | Not Vulnerable | (33)SRB1 are vulnerable, |
| | | release 12.2(33)SRB1 and |
| | | later are not vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SRC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SRD | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SRE | 12.2(33)SRE1 | 12.2(33)SRE1 |
|------------+--------------------------+---------------------------|
| 12.2STE | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SU | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | Releases prior to 12.2 | Releases prior to 12.2 |
| | (29b)SV1 are vulnerable, | (29b)SV1 are vulnerable, |
| 12.2SV | release 12.2(29b)SV1 and | release 12.2(29b)SV1 and |
| | later are not | later are not vulnerable; |
| | vulnerable; migrate to | migrate to any release in |
| | any release in 12.2SVD | 12.2SVD |
|------------+--------------------------+---------------------------|
| 12.2SVA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SVC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SVD | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SVE | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | Releases up to and | |
| | including 12.2(25)SW3 | Releases up to and |
| | are not vulnerable. | including 12.2(21)SW1 are |
| 12.2SW | | not vulnerable. Releases |
| | Releases 12.2(25)SW12 | 12.2(25)SW12 and later |
| | and later are not | are not vulnerable; first |
| | vulnerable; first fixed | fixed in 12.4T |
| | in 12.4T | |
|------------+--------------------------+---------------------------|
| | Releases up to and | Releases up to and |
| 12.2SX | including 12.2(14)SX2 | including 12.2(14)SX2 are |
| | are not vulnerable. | not vulnerable. |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2SXA | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2SXB | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2SXD | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2SXE | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Releases prior to 12.2 | Releases prior to 12.2 |
| | (18)SXF11 are | (18)SXF11 are vulnerable, |
| 12.2SXF | vulnerable, releases | releases 12.2(18)SXF11 |
| | 12.2(18)SXF11 and later | and later are not |
| | are not vulnerable | vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SXH | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SXI | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | |
| | support organization per | |
| 12.2SY | the instructions in | Not Vulnerable |
| | Obtaining Fixed Software | |
| | section of this advisory | |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2SZ | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2T | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2TPC | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2XA | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XB | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XC | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XD | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XE | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2XF | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2XG | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XH | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XI | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XJ | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XK | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XL | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XM | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XN | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.2SB | in 12.2SB |
|------------+--------------------------+---------------------------|
| 12.2XNA | Please see Cisco IOS-XE | Please see Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+--------------------------+---------------------------|
| 12.2XNB | Please see Cisco IOS-XE | Please see Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+--------------------------+---------------------------|
| 12.2XNC | Please see Cisco IOS-XE | Please see Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+--------------------------+---------------------------|
| 12.2XND | Please see Cisco IOS-XE | Please see Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+--------------------------+---------------------------|
| 12.2XNE | Please see Cisco IOS-XE | Please see Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+--------------------------+---------------------------|
| 12.2XNF | Please see Cisco IOS-XE | Please see Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+--------------------------+---------------------------|
| 12.2XO | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2XQ | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XR | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2XS | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XT | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XU | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XV | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XW | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2YA | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YB | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YC | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YD | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YE | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YF | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2YG | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YH | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YJ | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YK | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YL | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2YM | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YN | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2YO | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2YP | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2YQ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2YR | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2YS | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YT | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YU | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Releases prior to 12.2 |
| 12.2YV | Not Vulnerable | (11)YV1 are vulnerable, |
| | | release 12.2(11)YV1 and |
| | | later are not vulnerable |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YW | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YX | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YY | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YZ | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2ZA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Releases up to and |
| 12.2ZB | Not Vulnerable | including 12.2(8)ZB are |
| | | not vulnerable. |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2ZC | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2ZD | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2ZE | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2ZF | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2ZG | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2ZH | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2ZJ | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2ZL | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2ZP | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2ZU | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2ZX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2ZY | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2ZYA | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| Affected | | First Fixed Release for |
| 12.3-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|------------+--------------------------+---------------------------|
| 12.3 | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3B | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3BC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3BW | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3EU | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3JA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3JEA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3JEB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3JEC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3JED | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | Releases up to and | |
| | including 12.3(2)JK3 are | Releases up to and |
| | not vulnerable. | including 12.3(2)JK3 are |
| 12.3JK | | not vulnerable. Releases |
| | Releases 12.3(8)JK1 and | 12.3(8)JK1 and later are |
| | later are not | not vulnerable; first |
| | vulnerable; first fixed | fixed in 12.4T |
| | in 12.4T | |
|------------+--------------------------+---------------------------|
| 12.3JL | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3JX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3T | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.3TPC | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.3VA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.3XB | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.3XC | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XD | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XE | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.3XF | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.3XG | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| | Releases prior to 12.3 | Releases prior to 12.3(7) |
| | (7)XI11 are vulnerable, | XI11 are vulnerable, |
| 12.3XI | release 12.3(7)XI11 and | releases 12.3(7)XI11 and |
| | later are not | later are not vulnerable; |
| | vulnerable; first fixed | first fixed in 12.2SB |
| | in 12.2SB | |
|------------+--------------------------+---------------------------|
| 12.3XJ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.3YX | in 12.4XR |
|------------+--------------------------+---------------------------|
| 12.3XK | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XL | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XQ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XR | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XS | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XU | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XW | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XX | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XY | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XZ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YD | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YF | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.3YX | in 12.4XR |
|------------+--------------------------+---------------------------|
| 12.3YG | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YH | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YI | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YJ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YK | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YM | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YQ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YS | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YT | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YU | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YX | 12.3(14)YX17 | Vulnerable; first fixed |
| | | in 12.4XR |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.3YZ | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.3ZA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| Affected | | First Fixed Release for |
| 12.4-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|------------+--------------------------+---------------------------|
| 12.4 | 12.4(25d) | 12.4(25d) |
|------------+--------------------------+---------------------------|
| 12.4GC | 12.4(24)GC2 | 12.4(24)GC2 |
|------------+--------------------------+---------------------------|
| 12.4JA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JDA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JDC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JDD | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JHA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JHB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JK | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JL | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JMA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JMB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JY | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4MD | 12.4(22)MD2 | 12.4(24)MD2 |
|------------+--------------------------+---------------------------|
| 12.4MDA | 12.4(22)MDA4 | 12.4(22)MDA4 |
|------------+--------------------------+---------------------------|
| 12.4MR | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4MRA | in 12.4MRA |
|------------+--------------------------+---------------------------|
| 12.4MRA | 12.4(20)MRA1 | 12.4(20)MRA1 |
|------------+--------------------------+---------------------------|
| | Releases prior to 12.4 | |
| | (15)SW6 are vulnerable, | |
| 12.4SW | release 12.4(15)SW6 and | Vulnerable; first fixed |
| | later are not | in 12.4T |
| | vulnerable; first fixed | |
| | in 12.4T | |
|------------+--------------------------+---------------------------|
| | 12.4(15)T14 | 12.4(15)T14 |
| | | |
| 12.4T | 12.4(20)T6 | 12.4(20)T6 |
| | | |
| | 12.4(24)T4 | 12.4(24)T4 |
|------------+--------------------------+---------------------------|
| 12.4XA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XB | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XC | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XD | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| | Releases prior to 12.4 | Releases prior to 12.4(6) |
| | (6)XE5 are vulnerable, | XE5 are vulnerable, |
| 12.4XE | release 12.4(6)XE5 and | release 12.4(6)XE5 and |
| | later are not | later are not vulnerable; |
| | vulnerable; first fixed | first fixed in 12.4T |
| | in 12.4T | |
|------------+--------------------------+---------------------------|
| 12.4XF | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XG | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XJ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XK | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.4XL | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.4XM | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.4XN | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.4XP | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.4XQ | 12.4(15)XQ6; Available | 12.4(15)XQ6; Available on |
| | on 22-SEP-10 | 22-SEP-10 |
|------------+--------------------------+---------------------------|
| | 12.4(15)XR9 | 12.4(15)XR9 |
| 12.4XR | | |
| | 12.4(22)XR7 | 12.4(22)XR7 |
|------------+--------------------------+---------------------------|
| 12.4XT | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.4XV | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.4XW | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XY | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XZ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4YA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.4YB | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.4YD | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.4YE | Vulnerable; first fixed | 12.4(24)YE1 |
| | in 12.4T | |
|------------+--------------------------+---------------------------|
| 12.4YG | 12.4(24)YG3 | 12.4(24)YG3 |
|------------+--------------------------+---------------------------|
| Affected | | First Fixed Release for |
| 15.0-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|------------+--------------------------+---------------------------|
| 15.0M | 15.0(1)M3 | 15.0(1)M3 |
|------------+--------------------------+---------------------------|
| | Cisco 7600 and 10000 | Cisco 7600 and 10000 |
| | Series routers: 15.0(1) | Series routers: 15.0(1)S1 |
| | S1 | |
| 15.0S | | Cisco ASR 1000 Series |
| | Cisco ASR 1000 Series | routers: Please see Cisco |
| | routers: Please see | IOS-XE Software |
| | Cisco IOS-XE Software | Availability |
| | Availability | |
|------------+--------------------------+---------------------------|
| 15.0XA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 15.1T | in 15.1T |
|------------+--------------------------+---------------------------|
| 15.0XO | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| Affected | | First Fixed Release for |
| 15.1-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|------------+--------------------------+---------------------------|
| 15.1T | 15.1(1)T1 | 15.1(2)T1 |
|------------+--------------------------+---------------------------|
| 15.1XB | 15.1(1)XB2 | Vulnerable; first fixed |
| | | in 15.1T |
+-------------------------------------------------------------------+
Cisco IOS XE Software
+--------------------
+-------------------------------------------------------------------+
| Cisco IOS | First Fixed | First Fixed Release for All |
| XE | Release for This | Advisories in the September 2010 |
| Release | Advisory | Bundle Publication |
|-----------+------------------+------------------------------------|
| 2.1.x | Not Vulnerable | Not Vulnerable |
|-----------+------------------+------------------------------------|
| 2.2.x | Not Vulnerable | Not Vulnerable |
|-----------+------------------+------------------------------------|
| 2.3.x | Not Vulnerable | Not Vulnerable |
|-----------+------------------+------------------------------------|
| 2.4.x | Not Vulnerable | Not Vulnerable |
|-----------+------------------+------------------------------------|
| 2.5.x | Not Vulnerable | Vulnerable; migrate to 2.6.2 or |
| | | later |
|-----------+------------------+------------------------------------|
| 2.6.x | Not Vulnerable | 2.6.2 |
|-----------+------------------+------------------------------------|
| 3.1.xS | Not Vulnerable | Not Vulnerable |
+-------------------------------------------------------------------+
For mapping of Cisco IOS XE Software releases to Cisco IOS Software
releases, refer to the Cisco IOS XE 2 and Cisco IOS XE 3S Release
Notes.
Cisco IOS XR Software Table
+--------------------------
Cisco IOS XR Software is not affected by the vulnerabilities
disclosed in the September 22, 2010, Cisco IOS Software Security
Advisory bundle publication.
Workarounds
===========
The mitigations for the NAT vulnerabilities disable the respective
Application Layer Gateway NAT processing. That is, packets will
continue to be translated at the network and transport layers, but
the embedded IP addresses will not be translated.
NAT for Session Initiation Protocol DoS Vulnerability
+----------------------------------------------------
Mitigation for this vulnerability consists of disabling NAT for SIP
over the UDP transport by using the no ip nat service udp port 5060
global configuration command.
Obtaining Fixed Software
========================
Cisco has released free software updates that address these
vulnerabilities. Prior to deploying software, customers should
consult their maintenance provider or check the software for feature
set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets
they have purchased. By installing, downloading, accessing or
otherwise using such software upgrades, customers agree to be bound
by the terms of Cisco's software license terms found at
http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html
or as otherwise set forth at Cisco.com Downloads at
http://www.cisco.com/public/sw-center/sw-usingswc.shtml
Do not contact psirt@cisco.com or security-alert@cisco.com for
software upgrades.
Customers with Service Contracts
+-------------------------------
Customers with contracts should obtain upgraded software through
their regular update channels. For most customers, this means that
upgrades should be obtained through the Software Center on Cisco's
worldwide website at http://www.cisco.com
Customers using Third Party Support Organizations
+------------------------------------------------
Customers whose Cisco products are provided or maintained through
prior or existing agreements with third-party support organizations,
such as Cisco Partners, authorized resellers, or service providers
should contact that support organization for guidance and assistance
with the appropriate course of action in regards to this advisory.
The effectiveness of any workaround or fix is dependent on specific
customer situations, such as product mix, network topology, traffic
behavior, and organizational mission. Due to the variety of affected
products and releases, customers should consult with their service
provider or support organization to ensure any applied workaround or
fix is the most appropriate for use in the intended network before it
is deployed.
Customers without Service Contracts
+----------------------------------
Customers who purchase direct from Cisco but do not hold a Cisco
service contract, and customers who purchase through third-party
vendors but are unsuccessful in obtaining fixed software through
their point of sale should acquire upgrades by contacting the Cisco
Technical Assistance Center (TAC). TAC contacts are as follows.
* +1 800 553 2447 (toll free from within North America)
* +1 408 526 7209 (toll call from anywhere in the world)
* e-mail: tac@cisco.com
Customers should have their product serial number available and be
prepared to give the URL of this notice as evidence of entitlement to
a free upgrade. Free upgrades for non-contract customers must be
requested through the TAC.
Refer to
http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html
for additional TAC contact information, including localized telephone
numbers, and instructions and e-mail addresses for use in various
languages.
Exploitation and Public Announcements
=====================================
The Cisco PSIRT is not aware of any public announcements or malicious
use of the vulnerabilities described in this advisory.
Status of this Notice: FINAL
============================
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY
KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE
INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS
AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS
DOCUMENT AT ANY TIME.
A stand-alone copy or paraphrase of the text of this document that
omits the distribution URL in the following section is an
uncontrolled copy, and may lack important information or contain
factual errors.
Distribution
============
This advisory is posted on Cisco's worldwide website at:
http://www.cisco.com/warp/public/707/cisco-sa-20100922-nat.shtml
In addition to worldwide web posting, a text version of this notice
is clear-signed with the Cisco PSIRT PGP key and is posted to the
following e-mail and Usenet news recipients.
* cust-security-announce@cisco.com
* first-bulletins@lists.first.org
* bugtraq@securityfocus.com
* vulnwatch@vulnwatch.org
* cisco@spot.colorado.edu
* cisco-nsp@puck.nether.net
* full-disclosure@lists.grok.org.uk
* comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on
mailing lists or newsgroups. Users concerned about this problem are
encouraged to check the above URL for any updates.
Revision History
================
+------------------------------------------------------+
| Revision 1.0 | 2010-Sep-22 | Initial public release. |
+------------------------------------------------------+
Cisco Security Procedures
=========================
Complete information on reporting security vulnerabilities in Cisco
products, obtaining assistance with security incidents, and
registering to receive security information from Cisco, is available
on Cisco's worldwide website at
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
This includes instructions for press inquiries regarding Cisco
security notices. All Cisco security advisories are available at
http://www.cisco.com/go/psirt
VAR-201009-0069 | CVE-2010-2833 |
Denial of service (DoS) vulnerability in the NAT for H.225.0 implementation in Cisco IOS
Related entries in the VARIoT exploits database: VAR-E-201009-0486 |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
Unspecified vulnerability in the NAT for H.225.0 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic, aka Bug ID CSCtd86472. A third party may be able to cause a denial of service (DoS) condition via traffic.
An attacker can exploit this issue to cause the affected device to reload, denying service to legitimate users.
This issue is being tracked by Cisco Bug ID CSCtd86472. Cisco IOS is an operating system developed by Cisco in the United States for its network equipment.
----------------------------------------------------------------------
TITLE:
Cisco IOS NAT Implementation Three Denial of Service Vulnerabilities
SECUNIA ADVISORY ID:
SA41539
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/41539/
RELEASE DATE:
2010-09-24
DESCRIPTION:
Three vulnerabilities have been reported in Cisco IOS, which can be
exploited by malicious people to cause a DoS (Denial of Service).
SOLUTION:
Update to a fixed version.
PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.
ORIGINAL ADVISORY:
cisco-sa-20100922-nat:
http://www.cisco.com/warp/public/707/cisco-sa-20100922-nat.shtml
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco IOS Software Network Address
Translation Vulnerabilities
Advisory ID: cisco-sa-20100922-nat
http://www.cisco.com/warp/public/707/cisco-sa-20100922-nat.shtml
Revision 1.0
For Public Release 2010 September 22 1600 UTC (GMT)
- ---------------------------------------------------------------------
Summary
=======
The Cisco IOS Software Network Address Translation functionality
contains three denial of service (DoS) vulnerabilities. The first
vulnerability is in the translation of Session Initiation Protocol
(SIP) packets, the second is in the translation of H.323 packets,
and the third is in the translation of H.225.0 call signaling for
H.323 packets.
Cisco has released free software updates that address these
vulnerabilities.
This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20100922-nat.shtml
Note: The September 22, 2010, Cisco IOS Software Security Advisory
bundled publication includes six Cisco Security Advisories. Five of
the advisories address vulnerabilities in Cisco IOS Software, and one
advisory addresses vulnerabilities in Cisco Unified Communications
Manager. Each advisory lists the releases that correct the
vulnerability or vulnerabilities detailed in the advisory. The table
at the following URL lists releases that correct all Cisco IOS
Software vulnerabilities that have been published on September 22,
2010, or earlier:
http://www.cisco.com/warp/public/707/cisco-sa-20100922-bundle.shtml
Individual publication links are in "Cisco Event Response: Semiannual
Cisco IOS Software Security Advisory Bundled Publication" at the
following link:
http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep10.html
Affected Products
=================
Vulnerable Products
+------------------
Cisco devices running Cisco IOS Software that are configured for NAT
and that support NAT for SIP, H.323, or H.225.0 call signaling for
H.323 packets are affected.
To verify whether NAT is enabled on a Cisco IOS device, log in to the
device and issue the show ip nat statistics command. The following
example shows a device that is configured with NAT:
    Router#show ip nat statistics
    Total translations: 2 (0 static, 2 dynamic; 0 extended)
    Outside interfaces: Serial0
    Inside interfaces: Ethernet1
    Hits: 135 Misses: 5
    Expired translations: 2
    Dynamic mappings:
    -- Inside Source
    access-list 1 pool mypool refcount 2
     pool mypool: netmask 255.255.255.0
            start 192.168.10.1 end 192.168.10.254
            type generic, total addresses 14, allocated 2 (14%), misses 0
Alternatively, administrators can use the show running-config |
include ip nat command to verify whether NAT has been enabled on the
router interfaces.
For NAT to be enabled on a router, either the ip nat inside and ip nat
outside commands must be present on different interfaces or, in the
case of NAT Virtual Interface, the ip nat enable interface command
must be present.
In order to determine the software that runs on a Cisco IOS product,
log in to the device and issue the show version command to display
the system banner. Cisco IOS software identifies itself as
"Internetwork Operating System Software" or simply "IOS." On the next
line of output, the image name displays between parentheses, followed
by "Version" and the Cisco IOS release name. Other Cisco devices do
not have the show version command or give different output.
The following example shows output from a device that runs an IOS
image:
Router> show version
Cisco IOS Software, C3900 Software (C3900-UNIVERSALK9-M), Version 15.0(1)M1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Wed 02-Dec-09 17:17 by prod_rel_team
<More output removed for brevity>
Products Confirmed Not Vulnerable
+--------------------------------
Cisco IOS devices not explicitly configured for NAT are not
vulnerable.
No other Cisco products are currently known to be affected by these
vulnerabilities.
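The two checks described under Vulnerable Products (is NAT enabled, and which release is running), as an added Python example that is not part of the Cisco advisory. It parses saved show running-config and show version text; the sample configuration is constructed, the function names are hypothetical, and deriving a train key as major release plus letter suffix (matching the row labels of the fix table in this advisory) is an assumption of this example.

```python
import re

# Constructed sample 'show running-config' text (not captured from a real device).
SAMPLE_CONFIG = """\
interface Ethernet1
 ip address 10.0.0.1 255.255.255.0
 ip nat inside
!
interface Serial0
 ip address 192.0.2.1 255.255.255.252
 ip nat outside
!
ip nat pool mypool 192.168.10.1 192.168.10.254 netmask 255.255.255.0
ip nat inside source list 1 pool mypool
"""

# Banner line as shown in the advisory's 'show version' example.
SAMPLE_VERSION = (
    "Cisco IOS Software, C3900 Software (C3900-UNIVERSALK9-M), "
    "Version 15.0(1)M1, RELEASE SOFTWARE (fc1)\n"
)

# Interface-level commands the advisory names as enabling NAT.
NAT_ROLES = {
    "ip nat inside": "inside",
    "ip nat outside": "outside",
    "ip nat enable": "nvi",  # NAT Virtual Interface
}

BANNER_RE = re.compile(r"\(([^)]+)\),\s+Version\s+([^,\s]+)")
RELEASE_RE = re.compile(r"^(\d+\.\d+)\(\d+[a-z]?\)([A-Z]*)")


def nat_interfaces(config):
    """Map each NAT role to the interfaces that carry it.

    Only commands inside an interface stanza count. Global lines such as
    'ip nat inside source list 1 pool mypool' also start with 'ip nat inside',
    so a plain '| include ip nat' match cannot tell them apart.
    """
    roles = {"inside": [], "outside": [], "nvi": []}
    current = None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = line.split(None, 1)[1].strip()
        elif line[:1].isspace():
            role = NAT_ROLES.get(line.strip())
            if current and role:
                roles[role].append(current)
        else:
            current = None  # '!' or any global command ends the stanza
    return roles


def nat_enabled(config):
    """Apply the advisory's rule: inside and outside on different interfaces,
    or 'ip nat enable' on any interface."""
    roles = nat_interfaces(config)
    if roles["nvi"]:
        return True
    return any(i != o for i in roles["inside"] for o in roles["outside"])


def parse_ios_banner(show_version):
    """Return (image name, release) from the IOS banner, or None if not IOS."""
    if ("IOS" not in show_version
            and "Internetwork Operating System Software" not in show_version):
        return None
    m = BANNER_RE.search(show_version)
    return (m.group(1), m.group(2)) if m else None


def release_train(release):
    """Assumed mapping: '12.2(18)SXF11' -> '12.2SXF', '12.1(4b)' -> '12.1'."""
    m = RELEASE_RE.match(release)
    return m.group(1) + m.group(2) if m else None


def assess(config, show_version):
    """Summarise what to look up in the fix table for one device."""
    banner = parse_ios_banner(show_version)
    image, release = banner if banner else (None, None)
    return {
        "nat_enabled": nat_enabled(config),
        "image": image,
        "release": release,
        "train": release_train(release) if release else None,
    }


if __name__ == "__main__":
    print(assess(SAMPLE_CONFIG, SAMPLE_VERSION))
```

A device is only in scope when nat_enabled is true; the train value is the row to consult in the Software Versions and Fixes table.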
Details
=======
The three vulnerabilities are triggered by transit traffic that needs
to be processed by the NAT feature. The vulnerabilities are
independent of one another.
NAT for SIP DoS Vulnerability
+----------------------------
SIP is a popular signaling protocol that is used to manage voice and
video calls across IP networks such as the Internet. SIP is
responsible for handling all aspects of call setup and termination.
Voice and video are the most popular types of sessions that SIP
handles, but the protocol has the flexibility to accommodate other
applications that require call setup and termination.
NAT for SIP translates packets using UDP (port 5060) or TCP (port
5060) as the underlying transport protocol. The NAT for SIP DoS
vulnerability can be exploited only with the use of UDP port 5060
packets.
NAT for H.323 DoS Vulnerability
+------------------------------
H.323 is the International Telecommunication Union (ITU) standard for
real-time multimedia communications and conferencing over
packet-based (IP) networks.
NAT for H.323 translates packets on TCP port 1720. There is a DoS
vulnerability in the NAT processing of H.323 packets. The
vulnerability does not require the completion of a TCP three-way
handshake.
NAT for H.225.0 DoS Vulnerability
+--------------------------------
H.323 is the ITU standard for real-time multimedia communications and
conferencing over packet-based (IP) networks. A subset of the H.323
standard is H.225.0, a standard used for call signaling protocols and
media stream packetization over IP networks.
NAT for H.225.0 translates packets on TCP port 1720.
Vulnerability Scoring Details
=============================
Cisco has provided scores for the vulnerabilities in this advisory
based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of
the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding
CVSS at:
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the
environmental impact for individual networks at:
http://intellishield.cisco.com/security/alertmanager/cvss
CSCtf17624 - NAT SIP DoS Vulnerability
CVSS Base Score - 7.8
    Access Vector            - Network
    Access Complexity        - Low
    Authentication           - None
    Confidentiality Impact   - None
    Integrity Impact         - None
    Availability Impact      - Complete
CVSS Temporal Score - 6.4
    Exploitability           - Functional
    Remediation Level        - Official Fix
    Report Confidence        - Confirmed
CSCtf91428 - NAT for H.323 DoS
CVSS Base Score - 7.8
    Access Vector            - Network
    Access Complexity        - Low
    Authentication           - None
    Confidentiality Impact   - None
    Integrity Impact         - None
    Availability Impact      - Complete
CVSS Temporal Score - 6.4
    Exploitability           - Functional
    Remediation Level        - Official Fix
    Report Confidence        - Confirmed
CSCtd86472 - NAT for H.225.0 DoS
CVSS Base Score - 7.8
    Access Vector            - Network
    Access Complexity        - Low
    Authentication           - None
    Confidentiality Impact   - None
    Integrity Impact         - None
    Availability Impact      - Complete
CVSS Temporal Score - 6.4
    Exploitability           - Functional
    Remediation Level        - Official Fix
    Report Confidence        - Confirmed
Impact
======
Successful exploitation of any of the vulnerabilities described in
this document may cause the affected device to reload. Repeated
exploitation will result in an extended denial of service (DoS)
condition.
Software Versions and Fixes
===========================
When considering software upgrades, also consult
http://www.cisco.com/go/psirt and any subsequent advisories to
determine exposure and a complete upgrade solution.
In all cases, customers should exercise caution to be certain the
devices to be upgraded contain sufficient memory and that current
hardware and software configurations will continue to be supported
properly by the new release. If the information is not clear, contact
the Cisco Technical Assistance Center (TAC) or your contracted
maintenance provider for assistance.
Each row of the following Cisco IOS Software table corresponds to a
Cisco IOS Software train. If a particular train is vulnerable, the
earliest releases that contain the fix are listed in the First Fixed
Release For This Advisory column. The First Fixed Release for All
Advisories in the September 2010 Bundle Publication column lists the
earliest possible releases that correct all the published
vulnerabilities in the Cisco IOS Software Security Advisory bundled
publication. Cisco recommends upgrading to the latest available
release, where possible.
+-------------------------------------------------------------------+
| Major | Availability of Repaired Releases |
| Release | |
|------------+------------------------------------------------------|
| Affected | | First Fixed Release for |
| 12.0-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|-------------------------------------------------------------------|
| There are no affected 12.0 based releases |
|-------------------------------------------------------------------|
| Affected | | First Fixed Release for |
| 12.1-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|------------+--------------------------+---------------------------|
| | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
| 12.1 | | |
| | Releases up to and | Releases up to and |
| | including 12.1(4b) are | including 12.1(4b) are |
| | not vulnerable. | not vulnerable. |
|------------+--------------------------+---------------------------|
| 12.1AA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1AX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1AY | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1AZ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1CX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1DA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1DB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1DC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1E | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1EA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1EB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1EC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1EO | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1EU | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1EV | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1EW | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1EX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1EY | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1EZ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1GA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1GB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Vulnerable; first fixed |
| | | in 12.4T |
| 12.1T | Not Vulnerable | |
| | | Releases up to and |
| | | including 12.1(3a)T8 are |
| | | not vulnerable. |
|------------+--------------------------+---------------------------|
| 12.1XA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1XB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1XC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1XD | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1XE | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1XF | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1XG | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1XH | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1XI | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1XJ | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1XL | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1XM | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1XP | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1XQ | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1XR | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; first fixed |
| | | in 12.4T |
| 12.1XS | Not Vulnerable | |
| | | Releases up to and |
| | | including 12.1(3)XS are |
| | | not vulnerable. |
|------------+--------------------------+---------------------------|
| | | Vulnerable; first fixed |
| | | in 12.4T |
| 12.1XT | Not Vulnerable | |
| | | Releases up to and |
| | | including 12.1(2)XT2 are |
| | | not vulnerable. |
|------------+--------------------------+---------------------------|
| 12.1XU | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1XV | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1XW | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1XX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Vulnerable; first fixed |
| | | in 12.4T |
| 12.1XY | Not Vulnerable | |
| | | Releases up to and |
| | | including 12.1(4)XY are |
| | | not vulnerable. |
|------------+--------------------------+---------------------------|
| 12.1XZ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.1YA | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1YB | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1YC | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1YD | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Releases prior to 12.1(5) |
| | | YE6 are vulnerable, |
| 12.1YE | Not Vulnerable | release 12.1(5)YE6 and |
| | | later are not vulnerable; |
| | | first fixed in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1YF | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.1YH | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.1YI | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.1YJ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| Affected | | First Fixed Release for |
| 12.2-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|------------+--------------------------+---------------------------|
| | Vulnerable; first fixed | |
| | in 12.4 | |
| 12.2 | | Vulnerable; first fixed |
| | Releases up to and | in 12.4T |
| | including 12.2(16f) are | |
| | not vulnerable. | |
|------------+--------------------------+---------------------------|
| | | Vulnerable; first fixed |
| | | in 12.4T |
| 12.2B | Not Vulnerable | |
| | | Releases up to and |
| | | including 12.2(2)B7 are |
| | | not vulnerable. |
|------------+--------------------------+---------------------------|
| 12.2BC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2BW | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; first fixed |
| | | in 12.2SB |
| 12.2BX | Not Vulnerable | |
| | | Releases up to and |
| | | including 12.2(15)BX are |
| | | not vulnerable. |
|------------+--------------------------+---------------------------|
| | | Vulnerable; first fixed |
| | | in 12.4T |
| 12.2BY | Not Vulnerable | |
| | | Releases up to and |
| | | including 12.2(2)BY3 are |
| | | not vulnerable. |
|------------+--------------------------+---------------------------|
| 12.2BZ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2CX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2CY | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2CZ | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2DA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2DD | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2DX | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2EW | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2EWA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2EX | Vulnerable; migrate to | Not Vulnerable |
| | any release in 12.2SE | |
|------------+--------------------------+---------------------------|
| 12.2EY | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2EZ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2FX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2FY | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2FZ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IRA | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IRB | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IRC | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IRD | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IRE | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IXA | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IXB | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IXC | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IXD | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IXE | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IXF | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IXG | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2IXH | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2JA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2JK | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2MB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Releases up to and |
| | | including 12.2(15)MC1 are |
| 12.2MC | Not Vulnerable | not vulnerable. Releases |
| | | 12.2(15)MC2b and later |
| | | are not vulnerable; first |
| | | fixed in 12.4T |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2MRA | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2MRB | 12.2(33)MRB2 | 12.2(33)MRB2 |
|------------+--------------------------+---------------------------|
| | Releases prior to 12.2 | Releases prior to 12.2 |
| 12.2S | (30)S are vulnerable, | (30)S are vulnerable, |
| | release 12.2(30)S and | release 12.2(30)S and |
| | later are not vulnerable | later are not vulnerable |
|------------+--------------------------+---------------------------|
| | | 12.2(31)SB19; Releases |
| | | prior to 12.2(33)SB5 are |
| 12.2SB | Not Vulnerable | vulnerable, release 12.2 |
| | | (33)SB5 and later are not |
| | | vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SBC | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.2SB | in 12.2SB |
|------------+--------------------------+---------------------------|
| 12.2SCA | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.2SCB |
|------------+--------------------------+---------------------------|
| | 12.2(33)SCB10 | |
| 12.2SCB | | 12.2(33)SCB9 |
| | 12.2(33)SCB9 | |
|------------+--------------------------+---------------------------|
| 12.2SCC | 12.2(33)SCC5 | 12.2(33)SCC5 |
|------------+--------------------------+---------------------------|
| | 12.2(33)SCD3 | |
| 12.2SCD | | 12.2(33)SCD3 |
| | 12.2(33)SCD4 | |
|------------+--------------------------+---------------------------|
| 12.2SE | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SEA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SEB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SEC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SED | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SEE | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SEF | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SEG | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | Releases prior to 12.2 | Releases prior to 12.2 |
| | (40)SG are vulnerable, | (40)SG are vulnerable, |
| 12.2SG | release 12.2(40)SG and | release 12.2(40)SG and |
| | later are not | later are not vulnerable; |
| | vulnerable; migrate to | migrate to any release in |
| | any release in 12.2SGA | 12.2SGA |
|------------+--------------------------+---------------------------|
| 12.2SGA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SL | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SM | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SO | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SQ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Releases prior to 12.2 |
| 12.2SRA | Not Vulnerable | (33)SRA6 are vulnerable, |
| | | release 12.2(33)SRA6 and |
| | | later are not vulnerable |
|------------+--------------------------+---------------------------|
| | | Releases prior to 12.2 |
| 12.2SRB | Not Vulnerable | (33)SRB1 are vulnerable, |
| | | release 12.2(33)SRB1 and |
| | | later are not vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SRC | Not Vulnerable | Not vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SRD | Not Vulnerable | Not vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SRE | 12.2(33)SRE1 | 12.2(33)SRE1 |
|------------+--------------------------+---------------------------|
| 12.2STE | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SU | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | Releases prior to 12.2 | Releases prior to 12.2 |
| | (29b)SV1 are vulnerable, | (29b)SV1 are vulnerable, |
| 12.2SV | release 12.2(29b)SV1 and | release 12.2(29b)SV1 and |
| | later are not | later are not vulnerable; |
| | vulnerable; migrate to | migrate to any release in |
| | any release in 12.2SVD | 12.2SVD |
|------------+--------------------------+---------------------------|
| 12.2SVA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SVC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SVD | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SVE | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | Releases up to and | |
| | including 12.2(25)SW3 | Releases up to and |
| | are not vulnerable. | including 12.2(21)SW1 are |
| 12.2SW | | not vulnerable. Releases |
| | Releases 12.2(25)SW12 | 12.2(25)SW12 and later |
| | and later are not | are not vulnerable; first |
| | vulnerable; first fixed | fixed in 12.4T |
| | in 12.4T | |
|------------+--------------------------+---------------------------|
| | Releases up to and | Releases up to and |
| 12.2SX | including 12.2(14)SX2 | including 12.2(14)SX2 are |
| | are not vulnerable. | not vulnerable. |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2SXA | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2SXB | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2SXD | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2SXE | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Releases prior to 12.2 | Releases prior to 12.2 |
| | (18)SXF11 are | (18)SXF11 are vulnerable, |
| 12.2SXF | vulnerable, releases | releases 12.2(18)SXF11 |
| | 12.2(18)SXF11 and later | and later are not |
| | are not vulnerable | vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SXH | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2SXI | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | |
| | support organization per | |
| 12.2SY | the instructions in | Not Vulnerable |
| | Obtaining Fixed Software | |
| | section of this advisory | |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2SZ | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2T | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2TPC | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2XA | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XB | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XC | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XD | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XE | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2XF | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2XG | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XH | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XI | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XJ | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XK | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XL | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XM | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XN | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.2SB | in 12.2SB |
|------------+--------------------------+---------------------------|
| 12.2XNA | Please see Cisco IOS-XE | Please see Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+--------------------------+---------------------------|
| 12.2XNB | Please see Cisco IOS-XE | Please see Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+--------------------------+---------------------------|
| 12.2XNC | Please see Cisco IOS-XE | Please see Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+--------------------------+---------------------------|
| 12.2XND | Please see Cisco IOS-XE | Please see Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+--------------------------+---------------------------|
| 12.2XNE | Please see Cisco IOS-XE | Please see Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+--------------------------+---------------------------|
| 12.2XNF | Please see Cisco IOS-XE | Please see Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+--------------------------+---------------------------|
| 12.2XO | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2XQ | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XR | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2XS | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XT | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XU | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XV | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2XW | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2YA | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YB | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YC | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YD | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YE | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YF | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2YG | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YH | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YJ | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YK | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YL | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2YM | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YN | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2YO | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2YP | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2YQ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2YR | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2YS | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YT | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YU | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Releases prior to 12.2 |
| 12.2YV | Not Vulnerable | (11)YV1 are vulnerable, |
| | | release 12.2(11)YV1 and |
| | | later are not vulnerable |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YW | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YX | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YY | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2YZ | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2ZA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Releases up to and |
| 12.2ZB | Not Vulnerable | including 12.2(8)ZB are |
| | | not vulnerable. |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2ZC | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2ZD | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2ZE | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2ZF | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.2ZG | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2ZH | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2ZJ | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2ZL | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2ZP | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2ZU | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2ZX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2ZY | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2ZYA | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| Affected | | First Fixed Release for |
| 12.3-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|------------+--------------------------+---------------------------|
| 12.3 | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3B | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3BC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3BW | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3EU | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3JA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3JEA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3JEB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3JEC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3JED | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | Releases up to and | |
| | including 12.3(2)JK3 are | Releases up to and |
| | not vulnerable. | including 12.3(2)JK3 are |
| 12.3JK | | not vulnerable. Releases |
| | Releases 12.3(8)JK1 and | 12.3(8)JK1 and later are |
| | later are not | not vulnerable; first |
| | vulnerable; first fixed | fixed in 12.4T |
| | in 12.4T | |
|------------+--------------------------+---------------------------|
| 12.3JL | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3JX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.3T | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.3TPC | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.3VA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.3XB | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.3XC | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XD | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XE | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.3XF | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.3XG | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| | Releases prior to 12.3 | Releases prior to 12.3(7) |
| | (7)XI11 are vulnerable, | XI11 are vulnerable, |
| 12.3XI | release 12.3(7)XI11 and | releases 12.3(7)XI11 and |
| | later are not | later are not vulnerable; |
| | vulnerable; first fixed | first fixed in 12.2SB |
| | in 12.2SB | |
|------------+--------------------------+---------------------------|
| 12.3XJ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.3YX | in 12.4XR |
|------------+--------------------------+---------------------------|
| 12.3XK | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XL | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XQ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XR | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XS | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XU | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XW | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XX | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XY | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3XZ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YD | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YF | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.3YX | in 12.4XR |
|------------+--------------------------+---------------------------|
| 12.3YG | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YH | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YI | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YJ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YK | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YM | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YQ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YS | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YT | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YU | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.3YX | 12.3(14)YX17 | Vulnerable; first fixed |
| | | in 12.4XR |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.3YZ | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.3ZA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| Affected | | First Fixed Release for |
| 12.4-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|------------+--------------------------+---------------------------|
| 12.4 | 12.4(25d) | 12.4(25d) |
|------------+--------------------------+---------------------------|
| 12.4GC | 12.4(24)GC2 | 12.4(24)GC2 |
|------------+--------------------------+---------------------------|
| 12.4JA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JDA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JDC | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JDD | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JHA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JHB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JK | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JL | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JMA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JMB | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JX | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4JY | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.4MD | 12.4(22)MD2 | 12.4(24)MD2 |
|------------+--------------------------+---------------------------|
| 12.4MDA | 12.4(22)MDA4 | 12.4(22)MDA4 |
|------------+--------------------------+---------------------------|
| 12.4MR | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4MRA | in 12.4MRA |
|------------+--------------------------+---------------------------|
| 12.4MRA | 12.4(20)MRA1 | 12.4(20)MRA1 |
|------------+--------------------------+---------------------------|
| | Releases prior to 12.4 | |
| | (15)SW6 are vulnerable, | |
| 12.4SW | release 12.4(15)SW6 and | Vulnerable; first fixed |
| | later are not | in 12.4T |
| | vulnerable; first fixed | |
| | in 12.4T | |
|------------+--------------------------+---------------------------|
| | 12.4(15)T14 | 12.4(15)T14 |
| | | |
| 12.4T | 12.4(20)T6 | 12.4(20)T6 |
| | | |
| | 12.4(24)T4 | 12.4(24)T4 |
|------------+--------------------------+---------------------------|
| 12.4XA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XB | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XC | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XD | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| | Releases prior to 12.4 | Releases prior to 12.4(6) |
| | (6)XE5 are vulnerable, | XE5 are vulnerable, |
| 12.4XE | release 12.4(6)XE5 and | release 12.4(6)XE5 and |
| | later are not | later are not vulnerable; |
| | vulnerable; first fixed | first fixed in 12.4T |
| | in 12.4T | |
|------------+--------------------------+---------------------------|
| 12.4XF | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XG | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XJ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XK | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.4XL | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.4XM | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.4XN | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.4XP | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.4XQ | 12.4(15)XQ6; Available | 12.4(15)XQ6; Available on |
| | on 22-SEP-10 | 22-SEP-10 |
|------------+--------------------------+---------------------------|
| | 12.4(15)XR9 | 12.4(15)XR9 |
| 12.4XR | | |
| | 12.4(22)XR7 | 12.4(22)XR7 |
|------------+--------------------------+---------------------------|
| 12.4XT | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.4XV | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.4XW | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XY | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4XZ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| 12.4YA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.4YB | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.4YD | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.4YE | Vulnerable; first fixed | 12.4(24)YE1 |
| | in 12.4T | |
|------------+--------------------------+---------------------------|
| 12.4YG | 12.4(24)YG3 | 12.4(24)YG3 |
|------------+--------------------------+---------------------------|
| Affected | | First Fixed Release for |
| 15.0-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|------------+--------------------------+---------------------------|
| 15.0M | 15.0(1)M3 | 15.0(1)M3 |
|------------+--------------------------+---------------------------|
| | Cisco 7600 and 10000 | Cisco 7600 and 10000 |
| | Series routers: 15.0(1) | Series routers: 15.0(1)S1 |
| | S1 | |
| 15.0S | | Cisco ASR 1000 Series |
| | Cisco ASR 1000 Series | routers: Please see Cisco |
| | routers: Please see | IOS-XE Software |
| | Cisco IOS-XE Software | Availability |
| | Availability | |
|------------+--------------------------+---------------------------|
| 15.0XA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 15.1T | in 15.1T |
|------------+--------------------------+---------------------------|
| 15.0XO | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| Affected | | First Fixed Release for |
| 15.1-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|------------+--------------------------+---------------------------|
| 15.1T | 15.1(1)T1 | 15.1(2)T1 |
|------------+--------------------------+---------------------------|
| 15.1XB | 15.1(1)XB2 | Vulnerable; first fixed |
| | | in 15.1T |
+-------------------------------------------------------------------+
Cisco IOS XE Software
+--------------------
+-------------------------------------------------------------------+
| Cisco IOS | First Fixed | First Fixed Release for All |
| XE | Release for This | Advisories in the September 2010 |
| Release | Advisory | Bundle Publication |
|-----------+------------------+------------------------------------|
| 2.1.x | Not Vulnerable | Not Vulnerable |
|-----------+------------------+------------------------------------|
| 2.2.x | Not Vulnerable | Not Vulnerable |
|-----------+------------------+------------------------------------|
| 2.3.x | Not Vulnerable | Not Vulnerable |
|-----------+------------------+------------------------------------|
| 2.4.x | Not Vulnerable | Not Vulnerable |
|-----------+------------------+------------------------------------|
| 2.5.x | Not Vulnerable | Vulnerable; migrate to 2.6.2 or |
| | | later |
|-----------+------------------+------------------------------------|
| 2.6.x | Not Vulnerable | 2.6.2 |
|-----------+------------------+------------------------------------|
| 3.1.xS | Not Vulnerable | Not Vulnerable |
+-------------------------------------------------------------------+
For mapping of Cisco IOS XE Software releases to Cisco IOS Software
releases, refer to the Cisco IOS XE 2 and Cisco IOS XE 3S Release
Notes.
Cisco IOS XR Software Table
+--------------------------
Cisco IOS XR Software is not affected by the vulnerabilities
disclosed in the September 22, 2010, Cisco IOS Software Security
Advisory bundle publication.
Workarounds
===========
The mitigations for the NAT vulnerabilities disable the respective
Application Layer Gateway NAT processing. That is, packets will
continue to be translated at the network and transport layers, but
the embedded IP addresses will not be translated.
NAT for Session Initiation Protocol DoS Vulnerability
+----------------------------------------------------
Mitigation for this vulnerability consists of disabling NAT for SIP
over the UDP transport by using the "no ip nat service udp port 5060"
global configuration command.
Obtaining Fixed Software
========================
Cisco has released free software updates that address these
vulnerabilities. Prior to deploying software, customers should
consult their maintenance provider or check the software for feature
set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets
they have purchased. By installing, downloading, accessing or
otherwise using such software upgrades, customers agree to be bound
by the terms of Cisco's software license terms found at
http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html
or as otherwise set forth at Cisco.com Downloads at
http://www.cisco.com/public/sw-center/sw-usingswc.shtml
Do not contact psirt@cisco.com or security-alert@cisco.com for
software upgrades.
Customers with Service Contracts
+-------------------------------
Customers with contracts should obtain upgraded software through
their regular update channels. For most customers, this means that
upgrades should be obtained through the Software Center on Cisco's
worldwide website at http://www.cisco.com
Customers using Third Party Support Organizations
+------------------------------------------------
Customers whose Cisco products are provided or maintained through
prior or existing agreements with third-party support organizations,
such as Cisco Partners, authorized resellers, or service providers
should contact that support organization for guidance and assistance
with the appropriate course of action in regards to this advisory.
The effectiveness of any workaround or fix is dependent on specific
customer situations, such as product mix, network topology, traffic
behavior, and organizational mission. Due to the variety of affected
products and releases, customers should consult with their service
provider or support organization to ensure any applied workaround or
fix is the most appropriate for use in the intended network before it
is deployed.
Customers without Service Contracts
+----------------------------------
Customers who purchase direct from Cisco but do not hold a Cisco
service contract, and customers who purchase through third-party
vendors but are unsuccessful in obtaining fixed software through
their point of sale should acquire upgrades by contacting the Cisco
Technical Assistance Center (TAC). TAC contacts are as follows.
* +1 800 553 2447 (toll free from within North America)
* +1 408 526 7209 (toll call from anywhere in the world)
* e-mail: tac@cisco.com
Customers should have their product serial number available and be
prepared to give the URL of this notice as evidence of entitlement to
a free upgrade. Free upgrades for non-contract customers must be
requested through the TAC.
Refer to
http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html
for additional TAC contact information, including localized telephone
numbers, and instructions and e-mail addresses for use in various
languages.
Exploitation and Public Announcements
=====================================
The Cisco PSIRT is not aware of any public announcements or malicious
use of the vulnerabilities described in this advisory.
Status of this Notice: FINAL
============================
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY
KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE
INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS
AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS
DOCUMENT AT ANY TIME.
A stand-alone copy or paraphrase of the text of this document that
omits the distribution URL in the following section is an
uncontrolled copy, and may lack important information or contain
factual errors.
Distribution
============
This advisory is posted on Cisco's worldwide website at:
http://www.cisco.com/warp/public/707/cisco-sa-20100922-nat.shtml
In addition to worldwide web posting, a text version of this notice
is clear-signed with the Cisco PSIRT PGP key and is posted to the
following e-mail and Usenet news recipients.
* cust-security-announce@cisco.com
* first-bulletins@lists.first.org
* bugtraq@securityfocus.com
* vulnwatch@vulnwatch.org
* cisco@spot.colorado.edu
* cisco-nsp@puck.nether.net
* full-disclosure@lists.grok.org.uk
* comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on
mailing lists or newsgroups. Users concerned about this problem are
encouraged to check the above URL for any updates.
Revision History
================
+---------------------------------------+
| Revision | | Initial |
| 1.0 | 2010-Sep-22 | public |
| | | release. |
+---------------------------------------+
Cisco Security Procedures
=========================
Complete information on reporting security vulnerabilities in Cisco
products, obtaining assistance with security incidents, and
registering to receive security information from Cisco, is available
on Cisco's worldwide website at
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
This includes instructions for press inquiries regarding Cisco
security notices. All Cisco security advisories are available at
http://www.cisco.com/go/psirt
VAR-201009-0063 | CVE-2010-2836 | Cisco IOS SSL VPN feature denial of service (DoS) vulnerability |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
Memory leak in the SSL VPN feature in Cisco IOS 12.4, 15.0, and 15.1, when HTTP port redirection is enabled, allows remote attackers to cause a denial of service (memory consumption) by improperly disconnecting SSL sessions, leading to connections that remain in the CLOSE-WAIT state, aka Bug ID CSCtg21685. Cisco IOS is prone to a remote denial-of-service vulnerability.
An attacker can exploit this issue to cause an affected device to reload or to stop accepting new TCP connections, denying service to legitimate users.
This issue is tracked by Cisco Bug ID CSCtg21685. This vulnerability causes the connection to remain in the CLOSE-WAIT state.
TITLE:
Cisco IOS SSL VPN Memory Leak Denial of Service Vulnerability
SECUNIA ADVISORY ID:
SA41552
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/41552/
RELEASE DATE:
2010-09-24
DESCRIPTION:
A vulnerability has been reported in Cisco IOS, which can be
exploited by malicious people to cause a DoS (Denial of Service). This can be
exploited to exhaust available memory resources and e.g.
SOLUTION:
Update to a fixed version.
PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.
ORIGINAL ADVISORY:
cisco-sa-20100922-sslvpn:
http://www.cisco.com/warp/public/707/cisco-sa-20100922-sslvpn.shtml
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco IOS SSL VPN Vulnerability
Advisory ID: cisco-sa-20100922-sslvpn
http://www.cisco.com/warp/public/707/cisco-sa-20100922-sslvpn.shtml
Revision 1.0
For Public Release 2010 September 22 1600 UTC (GMT)
- ---------------------------------------------------------------------
Summary
=======
Cisco IOS Software contains a vulnerability when the Cisco IOS SSL
VPN feature is configured with an HTTP redirect.
Cisco has released free software updates that address this
vulnerability. There is a workaround to mitigate this vulnerability.
This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20100922-sslvpn.shtml
Note: The September 22, 2010, Cisco IOS Software Security Advisory
bundled publication includes six Cisco Security Advisories. Five of
the advisories address vulnerabilities in Cisco IOS Software, and one
advisory addresses vulnerabilities in Cisco Unified Communications
Manager. Each advisory lists the releases that correct the
vulnerability or vulnerabilities detailed in the advisory. The table
at the following URL lists releases that correct all Cisco IOS
Software vulnerabilities that have been published on September 22,
2010, or earlier:
http://www.cisco.com/warp/public/707/cisco-sa-20100922-bundle.shtml
Individual publication links are in "Cisco Event Response: Semiannual
Cisco IOS Software Security Advisory Bundled Publication" at the
following link:
http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep10.html
Affected Products
=================
Vulnerable Products
+------------------
Devices running affected versions of Cisco IOS Software are
vulnerable if configured with SSL VPN and HTTP port redirection.
The following methods may be used to confirm if the device is
configured for Cisco IOS SSL VPNs and is vulnerable:
If the output from "show running-config | include webvpn" contains
"webvpn gateway <word>" then the device is supporting the Cisco IOS
SSL VPN feature. A device is vulnerable if it has the "inservice"
command in at least one of the "webvpn gateway" sections and is
configured for HTTP port redirection. The following example shows a
vulnerable device configured with Cisco IOS SSL VPN:
Router#show running | section webvpn
webvpn gateway Gateway
 ip address 10.1.1.1 port 443
 http-redirect port 80
 ssl trustpoint Gateway-TP
 inservice
 !
Router#
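The configuration condition described above can be checked offline against saved "show running | section webvpn" output. The following Python sketch is an added example, not part of the Cisco advisory; the function names and the sample gateways "Mitigated" and "Staged" are assumptions, and it checks configuration only, so the running release must still be compared with the fixed-release table.

```python
import re

# Constructed sample of "show running | section webvpn" output. The first
# gateway mirrors the advisory's vulnerable example; "Mitigated" and "Staged"
# are hypothetical gateways added for illustration.
SAMPLE_SECTION = """\
Router#show running | section webvpn
webvpn gateway Gateway
 ip address 10.1.1.1 port 443
 http-redirect port 80
 ssl trustpoint Gateway-TP
 inservice
 !
webvpn gateway Mitigated
 ip address 10.1.1.2 port 443
 ssl trustpoint Gateway-TP
 inservice
 !
webvpn gateway Staged
 ip address 10.1.1.3 port 443
 http-redirect port 80
 ssl trustpoint Gateway-TP
 !
Router#
"""

GATEWAY_RE = re.compile(r"^webvpn gateway (\S+)$")


def parse_webvpn_gateways(section_output):
    """Return {gateway name: [sub-commands]} for each "webvpn gateway" section.

    Assumption: the input is the webvpn section output, so a section ends at
    "!", at a blank line, or at the next top-level "webvpn ..." line. Leading
    whitespace is ignored, so output whose indentation was lost still parses.
    """
    gateways, current = {}, None
    for raw in section_output.splitlines():
        line = raw.strip()
        match = GATEWAY_RE.match(line)
        if match:
            current = gateways.setdefault(match.group(1), [])
        elif line == "!" or not line or line.startswith("webvpn "):
            current = None
        elif current is not None:
            current.append(line)
    return gateways


def is_exposed(commands):
    """True when the gateway is in service and has HTTP port redirection."""
    in_service = "inservice" in commands
    redirect = any(cmd.split()[0] == "http-redirect" for cmd in commands)
    return in_service and redirect


def exposed_gateways(section_output):
    """Names of gateways that meet the advisory's configuration condition."""
    gateways = parse_webvpn_gateways(section_output)
    return sorted(name for name, cmds in gateways.items() if is_exposed(cmds))


if __name__ == "__main__":
    for name in exposed_gateways(SAMPLE_SECTION):
        print(f"webvpn gateway {name}: inservice with http-redirect configured")
```

A gateway that drops out of the result after "no http-redirect port" is applied confirms that the workaround took effect on that gateway.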
A device that supports the Cisco IOS SSL VPN is not vulnerable if
"webvpn gateway" is not configured.
To determine the Cisco IOS Software release that is running on a
Cisco product, administrators can log in to the device and issue the
show version command to display the system banner. The system banner
confirms that the device is running Cisco IOS Software by displaying
text similar to "Cisco Internetwork Operating System Software" or
"Cisco IOS Software." The image name displays in parentheses,
followed by "Version" and the Cisco IOS Software release name. Other
Cisco devices do not have the show version command or may provide
different output.
The following example identifies a Cisco product that is running
Cisco IOS Software Release 12.4(20)T with an installed image name of
C2800NM-ADVSECURITYK9-M:
Router#show version
Cisco IOS Software, 2800 Software (C2800NM-ADVSECURITYK9-M), Version 12.4(20)T, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Thu 10-Jul-08 22:00 by prod_rel_team
! --- output truncated
Additional information about Cisco IOS Software release naming
conventions is available in "White Paper: Cisco IOS Reference Guide"
at the following link: http://www.cisco.com/warp/public/620/1.html
Products Confirmed Not Vulnerable
+--------------------------------
The following products are not affected by this vulnerability:
* Cisco ASA 5500 Series Adaptive Security Appliances
* Cisco IOS XR Software
* Cisco IOS XE Software
No other Cisco products are currently known to be affected by this
vulnerability.
Details
=======
The Cisco IOS SSL VPN feature provides remote access to enterprise
sites to users anywhere on the Internet. The SSL VPN provides users
with secure access to specific enterprise applications, such as
e-mail and web browsing, without requiring them to have VPN client
software installed on their end-user devices.
Authentication is not required to exploit this vulnerability.
A complete TCP 3-way handshake is required to exploit this
vulnerability. The memory leak can be detected by running the command
"show tcp brief" as shown in the following example:
Router#show tcp brief
TCB Local Address Foreign Address (state)
468BBDC0 192.168.0.22.80 192.168.0.33.19794 CLOSEWAIT
482D4730 192.168.0.22.80 192.168.0.33.22092 CLOSEWAIT
482779A4 192.168.0.22.80 192.168.0.33.16978 CLOSEWAIT
4693DEBC 192.168.0.22.80 192.168.0.33.21580 CLOSEWAIT
482D3418 192.168.0.22.80 192.168.0.33.17244 CLOSEWAIT
482B8ACC 192.168.0.22.80 192.168.0.33.16564 CLOSEWAIT
46954EB0 192.168.0.22.80 192.168.0.33.19532 CLOSEWAIT
468BA9B8 192.168.0.22.80 192.168.0.33.15781 CLOSEWAIT
482908C4 192.168.0.22.80 192.168.0.33.19275 CLOSEWAIT
4829D66C 192.168.0.22.80 192.168.0.33.19314 CLOSEWAIT
468A2D94 192.168.0.22.80 192.168.0.33.14736 CLOSEWAIT
4688F590 192.168.0.22.80 192.168.0.33.18786 CLOSEWAIT
4693CBA4 192.168.0.22.80 192.168.0.33.12176 CLOSEWAIT
4829ABC4 192.168.0.22.80 192.168.0.33.39629 CLOSEWAIT
4691206C 192.168.0.22.80 192.168.0.33.17818 CLOSEWAIT
46868224 192.168.0.22.80 192.168.0.33.16774 CLOSEWAIT
4832BFAC 192.168.0.22.80 192.168.0.33.39883 CLOSEWAIT
482D10CC 192.168.0.22.80 192.168.0.33.13677 CLOSEWAIT
4829B120 192.168.0.22.80 192.168.0.33.20870 CLOSEWAIT
482862FC 192.168.0.22.80 192.168.0.33.17035 CLOSEWAIT
482EC13C 192.168.0.22.80 192.168.0.33.16053 CLOSEWAIT
482901D8 192.168.0.22.80 192.168.0.33.16200 CLOSEWAIT
In the output above, the Transmission Control Blocks (TCBs) in the
state CLOSEWAIT will not transition and represent a memory leak. Note
that only TCP connections with a local TCP port of 80 (the well-known
port for HTTP), as evidenced in the above example by a Local Address
of 192.168.0.22.80, are relevant.
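Because the leaked TCBs never leave CLOSEWAIT, comparing two "show tcp brief" captures separates hung connections from ones that are merely closing. The following Python sketch is an added example, not part of the Cisco advisory or of the EEM script it references; the function names, the second snapshot, the non-port-80 rows and the alert threshold are assumptions.

```python
import re
from collections import Counter

# Constructed snapshots of "show tcp brief", taken some minutes apart.
# The port-80 rows reuse values from the advisory's example output; the
# ESTAB row, the port-22 row and the whole second snapshot are made up.
SNAPSHOT_T0 = """\
Router#show tcp brief
TCB       Local Address        Foreign Address       (state)
468BBDC0  192.168.0.22.80      192.168.0.33.19794    CLOSEWAIT
482D4730  192.168.0.22.80      192.168.0.33.22092    CLOSEWAIT
482779A4  192.168.0.22.80      192.168.0.33.16978    CLOSEWAIT
4693DEBC  192.168.0.22.443     192.168.0.40.51000    ESTAB
482D3418  192.168.0.22.22      192.168.0.50.40022    CLOSEWAIT
"""

SNAPSHOT_T1 = """\
Router#show tcp brief
TCB       Local Address        Foreign Address       (state)
468BBDC0  192.168.0.22.80      192.168.0.33.19794    CLOSEWAIT
482D4730  192.168.0.22.80      192.168.0.33.22092    CLOSEWAIT
482B8ACC  192.168.0.22.80      192.168.0.33.16564    CLOSEWAIT
4693DEBC  192.168.0.22.443     192.168.0.40.51000    ESTAB
"""

# A data row is: hex TCB address, local endpoint, foreign endpoint, state.
ROW_RE = re.compile(r"^([0-9A-Fa-f]{8,16})\s+(\S+)\s+(\S+)\s+(\S+)$")


def split_endpoint(endpoint):
    """Split "192.168.0.22.80" into ("192.168.0.22", "80")."""
    host, _, port = endpoint.rpartition(".")
    return host, port


def parse_tcp_brief(output):
    """Parse data rows; the prompt, header and blank lines are skipped."""
    rows = []
    for line in output.splitlines():
        match = ROW_RE.match(line.strip())
        if not match:
            continue
        tcb, local, foreign, state = match.groups()
        local_host, local_port = split_endpoint(local)
        peer_host, peer_port = split_endpoint(foreign)
        rows.append({
            "tcb": tcb.upper(), "state": state.upper(),
            "local_host": local_host, "local_port": local_port,
            "peer_host": peer_host, "peer_port": peer_port,
        })
    return rows


def closewait_on_port(rows, port="80"):
    """Rows in CLOSEWAIT whose local port is the HTTP redirect port."""
    return [r for r in rows
            if r["state"] == "CLOSEWAIT" and r["local_port"] == port]


def persistent_closewait(earlier_output, later_output, port="80"):
    """CLOSEWAIT rows on `port` present, unchanged, in both snapshots."""
    def key(row):
        # TCB addresses can be reused, so the peer endpoint is part of the key.
        return (row["tcb"], row["peer_host"], row["peer_port"])

    earlier = {key(r)
               for r in closewait_on_port(parse_tcp_brief(earlier_output), port)}
    later = closewait_on_port(parse_tcp_brief(later_output), port)
    return [r for r in later if key(r) in earlier]


def peers(rows):
    """Count rows per foreign host, to show where hung sessions came from."""
    return Counter(r["peer_host"] for r in rows)


def should_alert(earlier_output, later_output, threshold=2, port="80"):
    """Assumed policy: alert once `threshold` TCBs persist across snapshots."""
    stuck = persistent_closewait(earlier_output, later_output, port)
    return len(stuck) >= threshold


if __name__ == "__main__":
    stuck = persistent_closewait(SNAPSHOT_T0, SNAPSHOT_T1)
    print(len(stuck), "persistent CLOSEWAIT TCBs on port 80:", dict(peers(stuck)))
```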
This vulnerability is documented in Cisco bug ID CSCtg21685
and Common Vulnerabilities and Exposures (CVE) identifier
CVE-2010-2836 has been assigned to this vulnerability.
Vulnerability Scoring Details
=============================
Cisco has provided scores for the vulnerability in this advisory
based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of
the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding
CVSS at
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the
environmental impact for individual networks at
http://intellishield.cisco.com/security/alertmanager/cvss
CSCtg21685 - SSLVPN : TCP remains stuck in closewait state
CVSS Base Score - 7.8
  Access Vector - Network
  Access Complexity - Low
  Authentication - None
  Confidentiality Impact - None
  Integrity Impact - None
  Availability Impact - Complete
CVSS Temporal Score - 6.4
  Exploitability - Functional
  Remediation Level - Official Fix
  Report Confidence - Confirmed
Impact
======
Successful exploitation of the vulnerability may result in a lack of
available memory resources on the affected device, which could affect
new connections to the device such as SSH and Telnet connections.
Depletion of memory resources may also result in failing of routing
protocols and other services.
Software Versions and Fixes
===========================
When considering software upgrades, also consult
http://www.cisco.com/go/psirt and any subsequent advisories to
determine exposure and a complete upgrade solution.
In all cases, customers should exercise caution to be certain the
devices to be upgraded contain sufficient memory and that current
hardware and software configurations will continue to be supported
properly by the new release. If the information is not clear, contact
the Cisco Technical Assistance Center (TAC) or your contracted
maintenance provider for assistance.
Each row of the following Cisco IOS Software table corresponds to a
Cisco IOS Software train. If a particular train is vulnerable, the
earliest releases that contain the fix are listed in the First Fixed
Release For This Advisory column. The First Fixed Release for All
Advisories in the September 2010 Bundle Publication column lists the
earliest possible releases that correct all the published
vulnerabilities in the Cisco IOS Software Security Advisory bundled
publication. Cisco recommends upgrading to the latest available
release, where possible.
+-------------------------------------------------------------------+
| Major | Availability of Repaired Releases |
| Release | |
|------------+------------------------------------------------------|
| Affected | First Fixed Release | First Fixed Release for All |
| 12.0-Based | for This Advisory | Advisories in the September |
| Releases | | 2010 Bundle Publication |
|-------------------------------------------------------------------|
| There are no affected 12.0 based releases |
|-------------------------------------------------------------------|
| Affected | First Fixed Release | First Fixed Release for All |
| 12.1-Based | for This Advisory | Advisories in the September |
| Releases | | 2010 Bundle Publication |
|-------------------------------------------------------------------|
| There are no affected 12.1 based releases |
|-------------------------------------------------------------------|
| Affected | First Fixed Release | First Fixed Release for All |
| 12.2-Based | for This Advisory | Advisories in the September |
| Releases | | 2010 Bundle Publication |
|-------------------------------------------------------------------|
| There are no affected 12.2 based releases |
|-------------------------------------------------------------------|
| Affected | First Fixed Release | First Fixed Release for All |
| 12.3-Based | for This Advisory | Advisories in the September |
| Releases | | 2010 Bundle Publication |
|-------------------------------------------------------------------|
| There are no affected 12.3 based releases |
|-------------------------------------------------------------------|
| Affected | First Fixed Release | First Fixed Release for All |
| 12.4-Based | for This Advisory | Advisories in the September |
| Releases | | 2010 Bundle Publication |
|------------+----------------------+-------------------------------|
| 12.4 | Not Vulnerable | 12.4(25d) |
|------------+----------------------+-------------------------------|
| 12.4GC | Not Vulnerable | 12.4(24)GC2 |
|------------+----------------------+-------------------------------|
| 12.4JA | Not Vulnerable | Not Vulnerable |
|------------+----------------------+-------------------------------|
| 12.4JDA | Not Vulnerable | Not Vulnerable |
|------------+----------------------+-------------------------------|
| 12.4JDC | Not Vulnerable | Not Vulnerable |
|------------+----------------------+-------------------------------|
| 12.4JDD | Not Vulnerable | Not Vulnerable |
|------------+----------------------+-------------------------------|
| 12.4JHA | Not Vulnerable | Not Vulnerable |
|------------+----------------------+-------------------------------|
| 12.4JHB | Not Vulnerable | Not Vulnerable |
|------------+----------------------+-------------------------------|
| 12.4JK | Not Vulnerable | Not Vulnerable |
|------------+----------------------+-------------------------------|
| 12.4JL | Not Vulnerable | Not Vulnerable |
|------------+----------------------+-------------------------------|
| 12.4JMA | Not Vulnerable | Not Vulnerable |
|------------+----------------------+-------------------------------|
| 12.4JMB | Not Vulnerable | Not Vulnerable |
|------------+----------------------+-------------------------------|
| 12.4JX | Not Vulnerable | Not Vulnerable |
|------------+----------------------+-------------------------------|
| 12.4JY | Not Vulnerable | Not Vulnerable |
|------------+----------------------+-------------------------------|
| 12.4MD | Not Vulnerable | 12.4(24)MD2 |
|------------+----------------------+-------------------------------|
| | | 12.4(22)MDA4 |
| 12.4MDA | Not Vulnerable | |
| | | 12.4(24)MDA1 |
|------------+----------------------+-------------------------------|
| 12.4MR | Not Vulnerable | Vulnerable; first fixed in |
| | | 12.4MRA |
|------------+----------------------+-------------------------------|
| 12.4MRA | Not Vulnerable | 12.4(20)MRA1 |
|------------+----------------------+-------------------------------|
| 12.4SW | Not Vulnerable | Vulnerable; first fixed in |
| | | 12.4T |
|------------+----------------------+-------------------------------|
| | Releases Prior to | |
| | 12.4(15)T13 are not | |
| | vulnerable. First | |
| | fixed 12.4(15)T14 | |
| | | 12.4(15)T14 |
| | Releases Prior to | |
| 12.4T | 12.4(20)T5 are not | 12.4(20)T6 |
| | vulnerable. First | |
| | fixed 12.4(20)T6 | 12.4(24)T4 |
| | | |
| | Releases Prior to | |
| | 12.4(24)T2 are not | |
| | vulnerable. First | |
| | fixed 12.4(24)T4 | |
|------------+----------------------+-------------------------------|
| 12.4XA | Not Vulnerable | Vulnerable; first fixed in |
| | | 12.4T |
|------------+----------------------+-------------------------------|
| 12.4XB | Not Vulnerable | Vulnerable; first fixed in |
| | | 12.4T |
|------------+----------------------+-------------------------------|
| 12.4XC | Not Vulnerable | Vulnerable; first fixed in |
| | | 12.4T |
|------------+----------------------+-------------------------------|
| 12.4XD | Not Vulnerable | Vulnerable; first fixed in |
| | | 12.4T |
|------------+----------------------+-------------------------------|
| | | Releases prior to 12.4(6)XE5 |
| | | are vulnerable, release 12.4 |
| 12.4XE | Not Vulnerable | (6)XE5 and later are not |
| | | vulnerable; first fixed in |
| | | 12.4T |
|------------+----------------------+-------------------------------|
| 12.4XF | Not Vulnerable | Vulnerable; first fixed in |
| | | 12.4T |
|------------+----------------------+-------------------------------|
| 12.4XG | Not Vulnerable | Vulnerable; first fixed in |
| | | 12.4T |
|------------+----------------------+-------------------------------|
| 12.4XJ | Not Vulnerable | Vulnerable; first fixed in |
| | | 12.4T |
|------------+----------------------+-------------------------------|
| 12.4XK | Not Vulnerable | Vulnerable; first fixed in |
| | | 12.4T |
|------------+----------------------+-------------------------------|
| | | Vulnerable; Contact your |
| | | support organization per the |
| 12.4XL | Not Vulnerable | instructions in Obtaining |
| | | Fixed Software section of |
| | | this advisory |
|------------+----------------------+-------------------------------|
| 12.4XM | Not Vulnerable | Vulnerable; first fixed in |
| | | 12.4T |
|------------+----------------------+-------------------------------|
| | | Vulnerable; Contact your |
| | | support organization per the |
| 12.4XN | Not Vulnerable | instructions in Obtaining |
| | | Fixed Software section of |
| | | this advisory |
|------------+----------------------+-------------------------------|
| | | Vulnerable; Contact your |
| | | support organization per the |
| 12.4XP | Not Vulnerable | instructions in Obtaining |
| | | Fixed Software section of |
| | | this advisory |
|------------+----------------------+-------------------------------|
| 12.4XQ | Not Vulnerable | 12.4(15)XQ6; Available on |
| | | 22-SEP-10 |
|------------+----------------------+-------------------------------|
| | | 12.4(15)XR9 |
| 12.4XR | Not Vulnerable | |
| | | 12.4(22)XR7 |
|------------+----------------------+-------------------------------|
| 12.4XT | Not Vulnerable | Vulnerable; first fixed in |
| | | 12.4T |
|------------+----------------------+-------------------------------|
| | | Vulnerable; Contact your |
| | | support organization per the |
| 12.4XV | Not Vulnerable | instructions in Obtaining |
| | | Fixed Software section of |
| | | this advisory |
|------------+----------------------+-------------------------------|
| 12.4XW | Not Vulnerable | Vulnerable; first fixed in |
| | | 12.4T |
|------------+----------------------+-------------------------------|
| 12.4XY | Not Vulnerable | Vulnerable; first fixed in |
| | | 12.4T |
|------------+----------------------+-------------------------------|
| 12.4XZ | Not Vulnerable | Vulnerable; first fixed in |
| | | 12.4T |
|------------+----------------------+-------------------------------|
| 12.4YA | Not Vulnerable | Vulnerable; first fixed in |
| | | 12.4T |
|------------+----------------------+-------------------------------|
| | | Vulnerable; Contact your |
| | | support organization per the |
| 12.4YB | Not Vulnerable | instructions in Obtaining |
| | | Fixed Software section of |
| | | this advisory |
|------------+----------------------+-------------------------------|
| | | Vulnerable; Contact your |
| | | support organization per the |
| 12.4YD | Not Vulnerable | instructions in Obtaining |
| | | Fixed Software section of |
| | | this advisory |
|------------+----------------------+-------------------------------|
| 12.4YE | Not Vulnerable | 12.4(24)YE1 |
|------------+----------------------+-------------------------------|
| 12.4YG | Not Vulnerable | 12.4(24)YG3 |
|------------+----------------------+-------------------------------|
| Affected | First Fixed Release | First Fixed Release for All |
| 15.0-Based | for This Advisory | Advisories in the September |
| Releases | | 2010 Bundle Publication |
|------------+----------------------+-------------------------------|
| 15.0M | 15.0(1)M3 | 15.0(1)M3 |
|------------+----------------------+-------------------------------|
| | Cisco 7600 and 10000 | Cisco 7600 and 10000 Series |
| | Series routers: Not | routers: 15.0(1)S1 (available |
| | vulnerable | early October 2010) |
| 15.0S | | |
| | Please see Cisco | Please see Cisco IOS-XE |
| | IOS-XE Software | Software Availability |
| | Availability | |
|------------+----------------------+-------------------------------|
| 15.0XA | Not Vulnerable | Vulnerable; first fixed in |
| | | 15.1T |
|------------+----------------------+-------------------------------|
| 15.0XO | Not Vulnerable | Not Vulnerable |
|------------+----------------------+-------------------------------|
| Affected | First Fixed Release | First Fixed Release for All |
| 15.1-Based | for This Advisory | Advisories in the September |
| Releases | | 2010 Bundle Publication |
|------------+----------------------+-------------------------------|
| | 15.1(1)T1 | |
| 15.1T | | 15.1(2)T1 |
| | 15.1(2)T0a | |
|------------+----------------------+-------------------------------|
| | Vulnerability | Vulnerable; first fixed in |
| 15.1XB | limited to 15.1(1) | 15.1T |
| | XB1. | |
+-------------------------------------------------------------------+
Cisco IOS XE Software
+--------------------
+-------------------------------------------------------------------+
| Cisco IOS | First Fixed | First Fixed Release for All |
| XE | Release for This | Advisories in the September 2010 |
| Release | Advisory | Bundle Publication |
|-----------+------------------+------------------------------------|
| 2.1.x | Not Vulnerable | Not Vulnerable |
|-----------+------------------+------------------------------------|
| 2.2.x | Not Vulnerable | Not Vulnerable |
|-----------+------------------+------------------------------------|
| 2.3.x | Not Vulnerable | Not Vulnerable |
|-----------+------------------+------------------------------------|
| 2.4.x | Not Vulnerable | Not Vulnerable |
|-----------+------------------+------------------------------------|
| 2.5.x | Not Vulnerable | Vulnerable; migrate to 2.6.2 or |
| | | later |
|-----------+------------------+------------------------------------|
| 2.6.x | Not Vulnerable | 2.6.2 |
|-----------+------------------+------------------------------------|
| 3.1.xS | Not Vulnerable | Not Vulnerable |
+-------------------------------------------------------------------+
For mapping of Cisco IOS XE Software to Cisco IOS Software releases,
please refer to the Cisco IOS XE 2 and Cisco IOS XE 3S Release Notes.
Cisco IOS XR System Software
+---------------------------
Cisco IOS XR Software is not affected by the vulnerabilities
disclosed in the September 22, 2010, Cisco IOS Software Security
Advisory bundled publication.
Workarounds
===========
Disabling HTTP redirection for SSL VPN connections can be used as a
workaround for this vulnerability. HTTP redirection for SSL VPN
connections is disabled by executing the command "no http-redirect
port" in webvpn gateway configuration mode.
In addition, manually clearing the hung TCBs with the command "clear
tcp tcb *" will transition the TCBs into a CLOSED state. After a time
they will clear the CLOSED state and the memory will be released.
Note: Clearing the TCB will clear both legitimate and hung
connections, including remote connections to the device such as
Telnet and SSH connections.
The Cisco Applied Mitigation Bulletin (AMB) "Identifying and
Mitigating Exploitation of the TCP State Manipulation Denial of
Service Vulnerabilities in Multiple Cisco Products", available at
http://www.cisco.com/warp/public/707/cisco-amb-20090908-tcp24.shtml,
contains two mitigations (EEM scripts and SNMP) that can be used to
detect and clear hung TCP connections.
Embedded Event Manager (EEM)
+---------------------------
A Cisco IOS Embedded Event Manager (EEM) policy that is based on Tool
Command Language (Tcl) can be used on vulnerable Cisco IOS devices to
identify and detect a hung, extended, or indefinite TCP connection
that is caused by this vulnerability. The policy allows
administrators to monitor TCP connections on a Cisco IOS device. When
Cisco IOS EEM detects potential exploitation of this vulnerability,
the policy can trigger a response by sending a syslog message or a
Simple Network Management Protocol (SNMP) trap to clear the TCP
connection. The example policy provided in this document is based on
a Tcl script that monitors and parses the output from two commands at
defined intervals, produces a syslog message when the monitor
threshold reaches its configured value, and can reset the TCP
connection.
The Tcl script is available for download at the "Cisco Beyond:
Embedded Event Manager (EEM) Scripting Community" at the following
link: http://forums.cisco.com/eforum/servlet/EEM?page=eem&fn=script&scriptId=2041
A sample device configuration is provided below.
!
!-- Location where the Tcl script will be stored
!
event manager directory user policy disk0:/eem
!
!-- Define variable and set the monitoring interval
!-- as an integer (expressed in seconds)
!
event manager environment EEM_MONITOR_INTERVAL 60
!
!-- Define variable and set the threshold value as
!-- an integer for the number of retransmissions
!-- that determine if the TCP connection is hung
!-- (a recommended value to use is 15)
!
event manager environment EEM_MONITOR_THRESHOLD 15
!
!-- Define variable and set the value to "yes" to
!-- enable the clearing of hung TCP connections
!
event manager environment EEM_MONITOR_CLEAR yes
!
!-- Define variable and set to the TCP connection
!-- state or states that script will monitor, which
!-- can be a single state or a space-separated list
!-- of states
!
event manager environment EEM_MONITOR_STATES CLOSEWAIT
!
!-- Register the script as a Cisco EEM policy
!
event manager policy monitor-sockets.tcl
!
For more details, refer to the sections "EEM Detecting And Clearing
Hung TCP Connection" and "Identification: Detecting and Clearing Hung
TCP Connection Using SNMP" of this AMB at the following link:
http://www.cisco.com/warp/public/707/cisco-amb-20090908-tcp24.shtml
Obtaining Fixed Software
========================
Cisco has released free software updates that address these
vulnerabilities. Prior to deploying software, customers should
consult their maintenance provider or check the software for feature
set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets
they have purchased. By installing, downloading, accessing or
otherwise using such software upgrades, customers agree to be bound
by the terms of Cisco's software license terms found at
http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html
or as otherwise set forth at Cisco.com Downloads at
http://www.cisco.com/public/sw-center/sw-usingswc.shtml
Do not contact psirt@cisco.com or security-alert@cisco.com for
software upgrades.
Customers with Service Contracts
+-------------------------------
Customers with contracts should obtain upgraded software through
their regular update channels. For most customers, this means that
upgrades should be obtained through the Software Center on Cisco's
worldwide website at http://www.cisco.com
Customers using Third Party Support Organizations
+------------------------------------------------
Customers whose Cisco products are provided or maintained through
prior or existing agreements with third-party support organizations,
such as Cisco Partners, authorized resellers, or service providers
should contact that support organization for guidance and assistance
with the appropriate course of action in regards to this advisory.
The effectiveness of any workaround or fix is dependent on specific
customer situations, such as product mix, network topology, traffic
behavior, and organizational mission. Due to the variety of affected
products and releases, customers should consult with their service
provider or support organization to ensure any applied workaround or
fix is the most appropriate for use in the intended network before it
is deployed.
Customers without Service Contracts
+----------------------------------
Customers who purchase direct from Cisco but do not hold a Cisco
service contract, and customers who purchase through third-party
vendors but are unsuccessful in obtaining fixed software through
their point of sale should acquire upgrades by contacting the Cisco
Technical Assistance Center (TAC). TAC contacts are as follows.
* +1 800 553 2447 (toll free from within North America)
* +1 408 526 7209 (toll call from anywhere in the world)
* e-mail: tac@cisco.com
Customers should have their product serial number available and be
prepared to give the URL of this notice as evidence of entitlement to
a free upgrade. Free upgrades for non-contract customers must be
requested through the TAC.
Refer to
http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html
for additional TAC contact information, including localized telephone
numbers, and instructions and e-mail addresses for use in various
languages.
Exploitation and Public Announcements
=====================================
The Cisco PSIRT is not aware of any public announcements or malicious
use of the vulnerability described in this advisory.
This vulnerability was found during the troubleshooting of a customer
service request.
Status of this Notice: FINAL
============================
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY
KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE
INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS
AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS
DOCUMENT AT ANY TIME.
A stand-alone copy or paraphrase of the text of this document that
omits the distribution URL in the following section is an
uncontrolled copy, and may lack important information or contain
factual errors.
Distribution
============
This advisory is posted on Cisco's worldwide website at:
http://www.cisco.com/warp/public/707/cisco-sa-20100922-sslvpn.shtml
In addition to worldwide web posting, a text version of this notice
is clear-signed with the Cisco PSIRT PGP key and is posted to the
following e-mail and Usenet news recipients.
* cust-security-announce@cisco.com
* first-bulletins@lists.first.org
* bugtraq@securityfocus.com
* vulnwatch@vulnwatch.org
* cisco@spot.colorado.edu
* cisco-nsp@puck.nether.net
* full-disclosure@lists.grok.org.uk
* comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on
mailing lists or newsgroups. Users concerned about this problem are
encouraged to check the above URL for any updates.
Revision History
================
+-----------------------------------------------------------+
| Revision 1.0 | 2010-September-22 | Initial public release. |
+-----------------------------------------------------------+
Cisco Security Procedures
=========================
Complete information on reporting security vulnerabilities in Cisco
products, obtaining assistance with security incidents, and
registering to receive security information from Cisco, is available
on Cisco's worldwide website at
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
This includes instructions for press inquiries regarding Cisco
security notices. All Cisco security advisories are available at
http://www.cisco.com/go/psirt
VAR-201009-0125 | CVE-2010-2828 |
Denial of service (DoS) vulnerabilities in the Cisco IOS H.323 implementation
Related entries in the VARIoT exploits database: VAR-E-201009-0366 |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 2.5.x before 2.5.2 and 2.6.x before 2.6.1, allows remote attackers to cause a denial of service (device reload) via crafted H.323 packets, aka Bug ID CSCtc73759. The H.323 implementation in Cisco IOS contains a vulnerability in which incomplete processing of H.323 packets leads to a denial-of-service (DoS) condition. The problem is tracked as Bug ID CSCtc73759. A third party could cause a denial of service (DoS) by sending crafted H.323 packets. Cisco IOS is prone to an unspecified remote denial-of-service vulnerability.
An attacker can exploit this issue to cause the affected device to reload, denying service to legitimate users.
This issue is being tracked by Cisco Bug ID CSCtc73759.
SOLUTION:
Apply updates (please see the vendor's advisory for details).
PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.
ORIGINAL ADVISORY:
cisco-sa-20100922-h323:
http://www.cisco.com/warp/public/707/cisco-sa-20100922-h323.shtml
Cisco has released free software updates that address these
vulnerabilities. There are no workarounds to mitigate these
vulnerabilities other than disabling H.323 on the vulnerable device.
This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20100922-h323.shtml
Note: The September 22, 2010, Cisco IOS Software Security Advisory
bundled publication includes six Cisco Security Advisories. Five of
the advisories address vulnerabilities in Cisco IOS Software, and one
advisory addresses vulnerabilities in Cisco Unified Communications
Manager. Each advisory lists the releases that correct the
vulnerability or vulnerabilities detailed in the advisory. The table
at the following URL lists releases that correct all Cisco IOS
Software vulnerabilities that have been published on September 22,
2010, or earlier:
http://www.cisco.com/warp/public/707/cisco-sa-20100922-bundle.shtml
Individual publication links are in "Cisco Event Response: Semiannual
Cisco IOS Software Security Advisory Bundled Publication" at the
following link:
http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep10.html
Affected Products
=================
These vulnerabilities only affect devices that are running Cisco IOS
Software with H.323 voice services enabled.
Vulnerable Products
+------------------
Cisco devices that are running affected Cisco IOS Software versions
that are configured to process H.323 messages are affected by these
vulnerabilities. H.323 is not enabled by default.
To determine if the Cisco IOS Software device is running H.323
services, issue the show process cpu | include H323 command, as shown
in this example:
Router# show process cpu | include H323
249 16000 3 5333 0.00% 0.00% 0.00% 0 CCH323_CT
250 0 1 0 0.00% 0.00% 0.00% 0 CCH323_DNS
Router#
In the previous example the processes CCH323_CT and CCH323_DNS are
running on the device; therefore, the device is listening to H.323
messages. The device is vulnerable if any of these processes (or
similar) are active.
Note: Creating a dial peer by issuing the dial-peer voice command
will start the H.323 processes, which causes the Cisco IOS device to
process H.323 messages.
To determine the Cisco IOS Software release that is running on a
Cisco product, administrators can log in to the device and issue the
show version command to display the system banner. The system banner
confirms that the device is running Cisco IOS Software by displaying
text similar to "Cisco Internetwork Operating System Software" or
"Cisco IOS Software." The image name displays in parentheses,
followed by "Version" and the Cisco IOS Software release name. Other
Cisco devices do not have the show version command or may provide
different output.
The following example identifies a Cisco product that is running
Cisco IOS Software Release 12.3(26) with an installed image name of
C2500-IS-L:
Router# show version
Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-IS-L), Version 12.3(26), RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by cisco Systems, Inc.
Compiled Mon 17-Mar-08 14:39 by dchih
!--- output truncated
The following example identifies a Cisco product that is running
Cisco IOS Software Release 12.4(20)T with an installed image name of
C1841-ADVENTERPRISEK9-M:
Router# show version
Cisco IOS Software, 1841 Software (C1841-ADVENTERPRISEK9-M), Version 12.4(20)T,
RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Thu 10-Jul-08 20:25 by prod_rel_team
!--- output truncated
Additional information about Cisco IOS Software release naming
conventions is available in "White Paper: Cisco IOS Reference Guide"
at the following link:
http://www.cisco.com/web/about/security/intelligence/ios-ref.html
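The two checks described above (show version for the release, show process cpu | include H323 for running H.323 processes) can be applied to output collected from many devices. The following Python is an added example and is not part of the Cisco advisory; the function names and sample text are constructed, and treating any process whose name contains H323 as a match is an assumption standing in for the advisory's "or similar".

```python
import re

# Constructed sample inputs, modelled on the command output quoted in the advisory.
SHOW_PROC = """Router# show process cpu | include H323
249 16000 3 5333 0.00% 0.00% 0.00% 0 CCH323_CT
250 0 1 0 0.00% 0.00% 0.00% 0 CCH323_DNS
Router#
"""
SHOW_VERSION_OLD = """Router# show version
Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-IS-L), Version 12.3(26), RELEASE SOFTWARE (fc2)
"""
SHOW_VERSION_NEW = """Router# show version
Cisco IOS Software, 1841 Software (C1841-ADVENTERPRISEK9-M), Version 12.4(20)T,
RELEASE SOFTWARE (fc3)
"""

# Banner text the advisory says identifies Cisco IOS Software.
IOS_MARKERS = ("Cisco Internetwork Operating System Software", "Cisco IOS Software")

# "(IMAGE-NAME), Version 12.4(20)T": image name in parentheses, then the release.
# Groups: 1 = image, 2 = full release, 3 = major.minor, 4 = train letters.
VERSION_RE = re.compile(
    r"\(([A-Za-z0-9_.\-]+)\),\s+Version\s+((\d+\.\d+)\(\w+\)([A-Za-z]*)\w*)"
)

# One row of "show process cpu": PID, runtime, invoked, uSecs, three CPU
# percentages, TTY, then the process name (which may contain spaces).
PROC_ROW_RE = re.compile(
    r"^\s*\d+\s+\d+\s+\d+\s+\d+\s+[\d.]+%\s+[\d.]+%\s+[\d.]+%\s+\d+\s+(.+?)\s*$",
    re.M,
)


def parse_show_version(text):
    """Return image, release and train from a show version banner, or None
    when the text does not look like a Cisco IOS banner."""
    if not any(marker in text for marker in IOS_MARKERS):
        return None
    m = VERSION_RE.search(text)
    if m is None:
        return None
    image, release, major, letters = m.groups()
    # Train = major.minor plus the letters after the parentheses, for example
    # 12.4(20)T -> 12.4T. This is the key used by the rows of the
    # fixed-release table in the advisory.
    return {"image": image, "release": release, "train": major + letters}


def h323_processes(text):
    """Return the names of running processes whose name contains H323.
    Assumption: 'contains H323' approximates the advisory's 'or similar'."""
    names = PROC_ROW_RE.findall(text)
    return [n for n in names if "H323" in n.upper()]


def triage(show_version_text, show_proc_text):
    """Combine both checks for one device. The result says whether H.323
    processes are active and which table row to consult; it does not decide
    vulnerability, which depends on the release listed for that train."""
    version = parse_show_version(show_version_text)
    procs = h323_processes(show_proc_text)
    return {
        "ios": version is not None,
        "image": version["image"] if version else None,
        "release": version["release"] if version else None,
        "train": version["train"] if version else None,
        "h323_processes": procs,
        "h323_listening": bool(procs),
    }


if __name__ == "__main__":
    for banner in (SHOW_VERSION_OLD, SHOW_VERSION_NEW):
        print(triage(banner, SHOW_PROC))
```

A device reported with h323_listening set still has to be compared against the row for its train in the Software Versions and Fixes table.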
Products Confirmed Not Vulnerable
+--------------------------------
Cisco IOS XR Software is not affected by these vulnerabilities.
No other Cisco products are currently known to be affected by these
vulnerabilities.
Details
=======
H.323 is the International Telecommunication Union (ITU) standard for
real-time multimedia communications and conferencing over
packet-based (IP) networks. A subset of the H.323 standard is
H.225.0, a standard that is used for call signaling protocols and
media stream packetization over IP networks. An attacker can exploit these vulnerabilities
remotely by sending crafted H.323 packets to an affected device that
is running Cisco IOS Software. A TCP three-way handshake is required
to exploit these vulnerabilities.
These vulnerabilities are documented in Cisco Bug IDs CSCtc73759
(registered customers only) and CSCtd33567 (registered customers
only), and have been assigned Common Vulnerabilities and Exposures
(CVE) IDs CVE-2010-2828 and CVE-2010-2829, respectively.
Vulnerability Scoring Details
=============================
Cisco has provided scores for the vulnerabilities in this advisory
based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of
the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding
CVSS at
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the
environmental impact for individual networks at
http://intellishield.cisco.com/security/alertmanager/cvss
CSCtc73759 - Device crashing upon receipt of specific traffic
CVSS Base Score - 7.8
  Access Vector - Network
  Access Complexity - Low
  Authentication - None
  Confidentiality Impact - None
  Integrity Impact - None
  Availability Impact - Complete
CVSS Temporal Score - 6.4
  Exploitability - Functional
  Remediation Level - Official Fix
  Report Confidence - Confirmed
CSCtd33567 - Traceback seen when receiving crafted H.323 packets
CVSS Base Score - 7.8
  Access Vector - Network
  Access Complexity - Low
  Authentication - None
  Confidentiality Impact - None
  Integrity Impact - None
  Availability Impact - Complete
CVSS Temporal Score - 6.4
  Exploitability - Functional
  Remediation Level - Official Fix
  Report Confidence - Confirmed
Impact
======
Successful exploitation of the vulnerabilities described in this
advisory may cause the affected device to reload. These
vulnerabilities could be exploited repeatedly to cause an extended
DoS condition.
Software Versions and Fixes
===========================
When considering software upgrades, also consult
http://www.cisco.com/go/psirt and any subsequent advisories to
determine exposure and a complete upgrade solution.
In all cases, customers should exercise caution to be certain the
devices to be upgraded contain sufficient memory and that current
hardware and software configurations will continue to be supported
properly by the new release. If the information is not clear, contact
the Cisco Technical Assistance Center (TAC) or your contracted
maintenance provider for assistance.
Each row of the following Cisco IOS Software table corresponds to a
Cisco IOS Software train. If a particular train is vulnerable, the
earliest releases that contain the fix are listed in the First Fixed
Release For This Advisory column. The First Fixed Release for All
Advisories in the September 2010 Bundle Publication column lists the
earliest possible releases that correct all the published
vulnerabilities in the Cisco IOS Software Security Advisory bundled
publication. Cisco recommends upgrading to the latest available
release, where possible.
+--------------------------------------------------------------------+
| Major | Availability of Repaired Releases |
| Release | |
|------------+-------------------------------------------------------|
| Affected | | First Fixed Release for |
| 12.0-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|--------------------------------------------------------------------|
| There are no affected 12.0-based releases |
|--------------------------------------------------------------------|
| Affected | | First Fixed Release for |
| 12.1-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|------------+---------------------------+---------------------------|
| | | Vulnerable; first fixed |
| | | in 12.4T |
| 12.1 | Not Vulnerable | |
| | | Releases up to and |
| | | including 12.1(4b) are |
| | | not vulnerable. |
|------------+---------------------------+---------------------------|
| 12.1AA | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.1AX | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.1AY | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.1AZ | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.1CX | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.1DA | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.1DB | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.1DC | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.1E | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.1EA | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.1EB | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.1EC | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.1EO | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.1EU | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.1EV | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.1EW | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.1EX | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.1EY | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.1EZ | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.1GA | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.1GB | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
| 12.1T | | |
| | Releases up to and | Releases up to and |
| | including 12.1(3a)T8 are | including 12.1(3a)T8 are |
| | not vulnerable. | not vulnerable. |
|------------+---------------------------+---------------------------|
| 12.1XA | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.1XB | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.1XC | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.1XD | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.1XE | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.1XF | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.1XG | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.1XH | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.1XI | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.1XJ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.1XL | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.1XM | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.1XP | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.1XQ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.1XR | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
| 12.1XS | | |
| | Releases up to and | Releases up to and |
| | including 12.1(3)XS are | including 12.1(3)XS are |
| | not vulnerable. | not vulnerable. |
|------------+---------------------------+---------------------------|
| | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
| 12.1XT | | |
| | Releases up to and | Releases up to and |
| | including 12.1(2)XT2 are | including 12.1(2)XT2 are |
| | not vulnerable. | not vulnerable. |
|------------+---------------------------+---------------------------|
| 12.1XU | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.1XV | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.1XW | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.1XX | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
| 12.1XY | | |
| | Releases up to and | Releases up to and |
| | including 12.1(4)XY are | including 12.1(4)XY are |
| | not vulnerable. | not vulnerable. |
|------------+---------------------------+---------------------------|
| 12.1XZ | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.1YA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.1YB | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.1YC | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.1YD | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| | Releases prior to 12.1(5) | Releases prior to 12.1(5) |
| | YE6 are vulnerable, | YE6 are vulnerable, |
| 12.1YE | release 12.1(5)YE6 and | release 12.1(5)YE6 and |
| | later are not vulnerable; | later are not vulnerable; |
| | first fixed in 12.4 | first fixed in 12.4T |
|------------+---------------------------+---------------------------|
| 12.1YF | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.1YH | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.1YI | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| 12.1YJ | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| Affected | | First Fixed Release for |
| 12.2-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|------------+---------------------------+---------------------------|
| 12.2 | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
| 12.2B | | |
| | Releases up to and | Releases up to and |
| | including 12.2(2)B7 are | including 12.2(2)B7 are |
| | not vulnerable. | not vulnerable. |
|------------+---------------------------+---------------------------|
| 12.2BC | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2BW | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.2SB | in 12.2SB |
| 12.2BX | | |
| | Releases up to and | Releases up to and |
| | including 12.2(15)BX are | including 12.2(15)BX are |
| | not vulnerable. | not vulnerable. |
|------------+---------------------------+---------------------------|
| | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
| 12.2BY | | |
| | Releases up to and | Releases up to and |
| | including 12.2(2)BY3 are | including 12.2(2)BY3 are |
| | not vulnerable. | not vulnerable. |
|------------+---------------------------+---------------------------|
| 12.2BZ | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2CX | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2CY | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2CZ | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| 12.2DA | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2DD | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.2DX | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.2EW | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2EWA | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2EX | Vulnerable; migrate to | Not Vulnerable |
| | any release in 12.2SE | |
|------------+---------------------------+---------------------------|
| 12.2EY | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2EZ | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2FX | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2FY | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2FZ | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2IRA | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+---------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2IRB | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+---------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2IRC | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+---------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2IRD | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+---------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2IRE | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+---------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2IXA | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+---------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2IXB | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+---------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2IXC | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+---------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2IXD | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+---------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2IXE | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+---------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2IXF | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+---------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2IXG | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+---------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2IXH | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+---------------------------+---------------------------|
| 12.2JA | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2JK | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2MB | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| | Releases up to and | Releases up to and |
| | including 12.2(15)MC1 are | including 12.2(15)MC1 are |
| | not vulnerable. | not vulnerable. Releases |
| 12.2MC | | 12.2(15)MC2b and later |
| | Releases 12.2(15)MC2b and | are not vulnerable; first |
| | later are not vulnerable; | fixed in 12.4T |
| | first fixed in 12.4 | |
|------------+---------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2MRA | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+---------------------------+---------------------------|
| 12.2MRB | Not Vulnerable | 12.2(33)MRB2 |
|------------+---------------------------+---------------------------|
| | Releases prior to 12.2 | Releases prior to 12.2 |
| 12.2S | (30)S are vulnerable, | (30)S are vulnerable, |
| | release 12.2(30)S and | release 12.2(30)S and |
| | later are not vulnerable | later are not vulnerable |
|------------+---------------------------+---------------------------|
| | 12.2(31)SB19 | 12.2(31)SB19 |
| | | |
| 12.2SB | Releases prior to 12.2 | Releases prior to 12.2 |
| | (33)SB5 are vulnerable, | (33)SB5 are vulnerable, |
| | release 12.2(33)SB5 and | release 12.2(33)SB5 and |
| | later are not vulnerable | later are not vulnerable |
|------------+---------------------------+---------------------------|
| 12.2SBC | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.2SB | in 12.2SB |
|------------+---------------------------+---------------------------|
| 12.2SCA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.2SCB | in 12.2SCB |
|------------+---------------------------+---------------------------|
| | 12.2(33)SCB10 | |
| | | |
| 12.2SCB | 12.2(33)SCB9 | 12.2(33)SCB9 |
| | | |
| | 12.2(33)SCB8 | |
|------------+---------------------------+---------------------------|
| | 12.2(33)SCC5 | |
| 12.2SCC | | 12.2(33)SCC5 |
| | 12.2(33)SCC4 | |
|------------+---------------------------+---------------------------|
| | 12.2(33)SCD3 | |
| 12.2SCD | | 12.2(33)SCD3 |
| | 12.2(33)SCD4 | |
|------------+---------------------------+---------------------------|
| 12.2SE | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2SEA | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2SEB | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2SEC | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2SED | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2SEE | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2SEF | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2SEG | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| | Releases prior to 12.2 | Releases prior to 12.2 |
| | (40)SG are vulnerable, | (40)SG are vulnerable, |
| 12.2SG | release 12.2(40)SG and | release 12.2(40)SG and |
| | later are not vulnerable; | later are not vulnerable; |
| | migrate to any release in | migrate to any release in |
| | 12.2SGA | 12.2SGA |
|------------+---------------------------+---------------------------|
| 12.2SGA | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2SL | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2SM | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2SO | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2SQ | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| | Releases prior to 12.2 | Releases prior to 12.2 |
| 12.2SRA | (33)SRA6 are vulnerable, | (33)SRA6 are vulnerable, |
| | release 12.2(33)SRA6 and | release 12.2(33)SRA6 and |
| | later are not vulnerable | later are not vulnerable |
|------------+---------------------------+---------------------------|
| | Releases prior to 12.2 | Releases prior to 12.2 |
| 12.2SRB | (33)SRB1 are vulnerable, | (33)SRB1 are vulnerable, |
| | release 12.2(33)SRB1 and | release 12.2(33)SRB1 and |
| | later are not vulnerable | later are not vulnerable |
|------------+---------------------------+---------------------------|
| 12.2SRC | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2SRD | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2SRE | Not Vulnerable | 12.2(33)SRE1 |
|------------+---------------------------+---------------------------|
| 12.2STE | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2SU | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| | Releases prior to 12.2 | Releases prior to 12.2 |
| | (29b)SV1 are vulnerable, | (29b)SV1 are vulnerable, |
| 12.2SV | release 12.2(29b)SV1 and | release 12.2(29b)SV1 and |
| | later are not vulnerable; | later are not vulnerable; |
| | migrate to any release in | migrate to any release in |
| | 12.2SVD | 12.2SVD |
|------------+---------------------------+---------------------------|
| 12.2SVA | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2SVC | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2SVD | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2SVE | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| | Releases up to and | Releases up to and |
| | including 12.2(21)SW1 are | including 12.2(21)SW1 are |
| | not vulnerable. | not vulnerable. Releases |
| 12.2SW | | 12.2(25)SW12 and later |
| | Releases 12.2(25)SW12 and | are not vulnerable; first |
| | later are not vulnerable; | fixed in 12.4T |
| | first fixed in 12.4T | |
|------------+---------------------------+---------------------------|
| | | Releases up to and |
| 12.2SX | Not Vulnerable | including 12.2(14)SX2 are |
| | | not vulnerable. |
|------------+---------------------------+---------------------------|
| | Releases prior to 12.2 | Vulnerable; Contact your |
| | (17b)SXA2 are vulnerable, | support organization per |
| 12.2SXA | release 12.2(17b)SXA2 and | the instructions in |
| | later are not vulnerable | Obtaining Fixed Software |
| | | section of this advisory |
|------------+---------------------------+---------------------------|
| | Releases prior to 12.2 | Vulnerable; Contact your |
| | (17d)SXB7 are vulnerable, | support organization per |
| 12.2SXB | release 12.2(17d)SXB7 and | the instructions in |
| | later are not vulnerable; | Obtaining Fixed Software |
| | migrate to any release in | section of this advisory |
| | 12.2SXE | |
|------------+---------------------------+---------------------------|
| | Releases prior to 12.2 | Vulnerable; Contact your |
| | (18)SXD2 are vulnerable, | support organization per |
| 12.2SXD | release 12.2(18)SXD2 and | the instructions in |
| | later are not vulnerable | Obtaining Fixed Software |
| | | section of this advisory |
|------------+---------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2SXE | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+---------------------------+---------------------------|
| | Only 12.2(18)SXF7 and | Releases prior to 12.2 |
| 12.2SXF | 12.2(18)SXF8 are | (18)SXF11 are vulnerable, |
| | vulnerable | release 12.2(18)SXF11 and |
| | | later are not vulnerable |
|------------+---------------------------+---------------------------|
| 12.2SXH | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2SXI | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | |
| | support organization per | |
| 12.2SY | the instructions in | Not Vulnerable |
| | Obtaining Fixed Software | |
| | section of this advisory | |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2SZ | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| 12.2T | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2TPC | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| | Vulnerable; first fixed | |
| | in 12.4 | |
| 12.2XA | | Vulnerable; first fixed |
| | Releases up to and | in 12.4T |
| | including 12.2(1)XA are | |
| | not vulnerable. | |
|------------+---------------------------+---------------------------|
| 12.2XB | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.2XC | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.2XD | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.2XE | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2XF | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2XG | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.2XH | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.2XI | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.2XJ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.2XK | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.2XL | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.2XM | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| | Releases prior to 12.2 | |
| | (33)XN1 are vulnerable, | Vulnerable; first fixed |
| 12.2XN | release 12.2(33)XN1 and | in 12.2SB |
| | later are not vulnerable; | |
| | first fixed in 12.2SB | |
|------------+---------------------------+---------------------------|
| 12.2XNA | Please see Cisco IOS-XE | Please see Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+---------------------------+---------------------------|
| 12.2XNB | Please see Cisco IOS-XE | Please see Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+---------------------------+---------------------------|
| 12.2XNC | Please see Cisco IOS-XE | Please see Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+---------------------------+---------------------------|
| 12.2XND | Please see Cisco IOS-XE | Please see Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+---------------------------+---------------------------|
| 12.2XNE | Please see Cisco IOS-XE | Please see Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+---------------------------+---------------------------|
| 12.2XNF | Please see Cisco IOS-XE | Please see Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+---------------------------+---------------------------|
| 12.2XO | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2XQ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.2XR | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2XS | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.2XT | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.2XU | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.2XV | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.2XW | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.2YA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2YB | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2YC | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2YD | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2YE | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2YF | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| 12.2YG | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2YH | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2YJ | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2YK | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2YL | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| 12.2YM | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2YN | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | |
| | support organization per | |
| 12.2YO | the instructions in | Not Vulnerable |
| | Obtaining Fixed Software | |
| | section of this advisory | |
|------------+---------------------------+---------------------------|
| 12.2YP | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2YQ | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2YR | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2YS | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2YT | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2YU | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| | Releases prior to 12.2 | Releases prior to 12.2 |
| 12.2YV | (11)YV1 are vulnerable, | (11)YV1 are vulnerable, |
| | release 12.2(11)YV1 and | release 12.2(11)YV1 and |
| | later are not vulnerable | later are not vulnerable |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2YW | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2YX | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2YY | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2YZ | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| 12.2ZA | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| | Releases up to and | Releases up to and |
| 12.2ZB | including 12.2(8)ZB are | including 12.2(8)ZB are |
| | not vulnerable. | not vulnerable. |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2ZC | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2ZD | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| 12.2ZE | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.2ZF | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.2ZG | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.2ZH | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2ZJ | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2ZL | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.2ZP | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| | Vulnerable; migrate to | Vulnerable; Contact your |
| | any release in 12.2SXH | support organization per |
| 12.2ZU | | the instructions in |
| | Releases up to and | Obtaining Fixed Software |
| | including 12.2(18)ZU are | section of this advisory |
| | not vulnerable. | |
|------------+---------------------------+---------------------------|
| 12.2ZX | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2ZY | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+---------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2ZYA | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+---------------------------+---------------------------|
| Affected | | First Fixed Release for |
| 12.3-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|------------+---------------------------+---------------------------|
| 12.3 | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.3B | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.3BC | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.3BW | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.3EU | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.3JA | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.3JEA | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.3JEB | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.3JEC | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.3JED | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| | Releases up to and | Releases up to and |
| | including 12.3(2)JK3 are | including 12.3(2)JK3 are |
| | not vulnerable. | not vulnerable. Releases |
| 12.3JK | | 12.3(8)JK1 and later are |
| | Releases 12.3(8)JK1 and | not vulnerable; first |
| | later are not vulnerable; | fixed in 12.4T |
| | first fixed in 12.4 | |
|------------+---------------------------+---------------------------|
| 12.3JL | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.3JX | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.3T | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | Releases up to and | support organization per |
| 12.3TPC | including 12.3(4)TPC11a | the instructions in |
| | are not vulnerable. | Obtaining Fixed Software |
| | | section of this advisory |
|------------+---------------------------+---------------------------|
| 12.3VA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+---------------------------+---------------------------|
| | Releases prior to 12.3(2) | |
| | XA7 are vulnerable, | Vulnerable; first fixed |
| 12.3XA | release 12.3(2)XA7 and | in 12.4T |
| | later are not vulnerable; | |
| | first fixed in 12.4 | |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.3XB | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| 12.3XC | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.3XD | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.3XE | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.3XF | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| 12.3XG | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| | Releases prior to 12.3(7) | Releases prior to 12.3(7) |
| | XI11 are vulnerable, | XI11 are vulnerable, |
| 12.3XI | release 12.3(7)XI11 and | release 12.3(7)XI11 and |
| | later are not vulnerable; | later are not vulnerable; |
| | first fixed in 12.2SB | first fixed in 12.2SB |
|------------+---------------------------+---------------------------|
| 12.3XJ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.3YX | in 12.4XR |
|------------+---------------------------+---------------------------|
| 12.3XK | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.3XL | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.3XQ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.3XR | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.3XS | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+---------------------------+---------------------------|
| | Vulnerable; first fixed | |
| | in 12.4T | |
| 12.3XU | | Vulnerable; first fixed |
| | Releases up to and | in 12.4T |
| | including 12.3(8)XU1 are | |
| | not vulnerable. | |
|------------+---------------------------+---------------------------|
| 12.3XW | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.3YX | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.3XX | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.3XY | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.3XZ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4 | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.3YA | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.3YD | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.3YF | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.3YX | in 12.4XR |
|------------+---------------------------+---------------------------|
| 12.3YG | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.3YH | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.3YI | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.3YJ | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+---------------------------+---------------------------|
| | Releases prior to 12.3 | |
| | (11)YK3 are vulnerable, | Vulnerable; first fixed |
| 12.3YK | release 12.3(11)YK3 and | in 12.4T |
| | later are not vulnerable; | |
| | first fixed in 12.4T | |
|------------+---------------------------+---------------------------|
| 12.3YM | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.3YQ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+---------------------------+---------------------------|
| | Vulnerable; first fixed | |
| | in 12.4T | |
| 12.3YS | | Vulnerable; first fixed |
| | Releases up to and | in 12.4T |
| | including 12.3(11)YS1 are | |
| | not vulnerable. | |
|------------+---------------------------+---------------------------|
| 12.3YT | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.3YU | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.3YX | 12.3(14)YX17 | Vulnerable; first fixed |
| | | in 12.4XR |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.3YZ | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| 12.3ZA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+---------------------------+---------------------------|
| Affected | | First Fixed Release for |
| 12.4-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|------------+---------------------------+---------------------------|
| 12.4 | 12.4(25d) | 12.4(25d) |
|------------+---------------------------+---------------------------|
| 12.4GC | 12.4(24)GC2 | 12.4(24)GC2 |
|------------+---------------------------+---------------------------|
| 12.4JA | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.4JDA | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.4JDC | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.4JDD | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.4JHA | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.4JHB | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.4JK | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.4JL | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.4JMA | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.4JMB | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.4JX | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.4JY | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| 12.4MD | Not Vulnerable | 12.4(24)MD2 |
|------------+---------------------------+---------------------------|
| 12.4MDA | 12.4(22)MDA4 | 12.4(22)MDA4 |
|------------+---------------------------+---------------------------|
| 12.4MR | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4MRA | in 12.4MRA |
|------------+---------------------------+---------------------------|
| 12.4MRA | 12.4(20)MRA1 | 12.4(20)MRA1 |
|------------+---------------------------+---------------------------|
| | Releases prior to 12.4 | |
| | (15)SW6 are vulnerable, | Vulnerable; first fixed |
| 12.4SW | release 12.4(15)SW6 and | in 12.4T |
| | later are not vulnerable; | |
| | first fixed in 12.4T | |
|------------+---------------------------+---------------------------|
| | 12.4(15)T14 | 12.4(15)T14 |
| | | |
| 12.4T | 12.4(20)T6 | 12.4(20)T6 |
| | | |
| | 12.4(24)T4 | 12.4(24)T4 |
|------------+---------------------------+---------------------------|
| 12.4XA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.4XB | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.4XC | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.4XD | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+---------------------------+---------------------------|
| | Releases prior to 12.4(6) | Releases prior to 12.4(6) |
| | XE5 are vulnerable, | XE5 are vulnerable, |
| 12.4XE | release 12.4(6)XE5 and | release 12.4(6)XE5 and |
| | later are not vulnerable; | later are not vulnerable; |
| | first fixed in 12.4T | first fixed in 12.4T |
|------------+---------------------------+---------------------------|
| 12.4XF | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+---------------------------+---------------------------|
| | Releases prior to 12.4(9) | |
| | XG5 are vulnerable, | Vulnerable; first fixed |
| 12.4XG | release 12.4(9)XG5 and | in 12.4T |
| | later are not vulnerable; | |
| | first fixed in 12.4T | |
|------------+---------------------------+---------------------------|
| 12.4XJ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.4XK | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.4XL | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| | Releases prior to 12.4 | |
| | (15)XM3 are vulnerable, | Vulnerable; first fixed |
| 12.4XM | release 12.4(15)XM3 and | in 12.4T |
| | later are not vulnerable; | |
| | first fixed in 12.4T | |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.4XN | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.4XP | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| | Releases up to and | |
| | including 12.4(15)XQ are | |
| | not vulnerable. | 12.4(15)XQ6; Available on |
| 12.4XQ | | 22-SEP-10 |
| | Releases 12.4(15)XQ6 and | |
| | later are not vulnerable; | |
| | first fixed in 12.4T | |
|------------+---------------------------+---------------------------|
| | | 12.4(15)XR9 |
| 12.4XR | Not Vulnerable | |
| | | 12.4(22)XR7 |
|------------+---------------------------+---------------------------|
| 12.4XT | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.4XV | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| 12.4XW | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.4XY | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.4XZ | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+---------------------------+---------------------------|
| 12.4YA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 12.4T | in 12.4T |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.4YB | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.4YD | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| | Releases prior to 12.4 | |
| | (24)YE1 are vulnerable, | |
| 12.4YE | release 12.4(24)YE1 and | 12.4(24)YE1 |
| | later are not vulnerable; | |
| | first fixed in 12.4T | |
|------------+---------------------------+---------------------------|
| 12.4YG | 12.4(24)YG3 | 12.4(24)YG3 |
|------------+---------------------------+---------------------------|
| Affected | | First Fixed Release for |
| 15.0-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|------------+---------------------------+---------------------------|
| 15.0M | 15.0(1)M3 | 15.0(1)M3 |
|------------+---------------------------+---------------------------|
| | Cisco 7600 and 10000 | Cisco 7600 and 10000 |
| | Series routers: Not | Series routers: 15.0(1)S1 |
| | Vulnerable | (available early October |
| | | 2010) |
| 15.0S | Cisco ASR 1000 Series | |
| | routers: Please see Cisco | Cisco ASR 1000 Series |
| | IOS-XE Software | routers: Please see Cisco |
| | Availability | IOS-XE Software |
| | | Availability |
|------------+---------------------------+---------------------------|
| 15.0XA | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 15.1T | in 15.1T |
|------------+---------------------------+---------------------------|
| 15.0XO | Not Vulnerable | Not Vulnerable |
|------------+---------------------------+---------------------------|
| Affected | | First Fixed Release for |
| 15.1-Based | First Fixed Release for | All Advisories in the |
| Releases | This Advisory | September 2010 Bundle |
| | | Publication |
|------------+---------------------------+---------------------------|
| | 15.1(1)T1 | |
| 15.1T | | 15.1(2)T1 |
| | 15.1(2)T0a | |
|------------+---------------------------+---------------------------|
| 15.1XB | Vulnerable; first fixed | Vulnerable; first fixed |
| | in 15.1T | in 15.1T |
+--------------------------------------------------------------------+
Cisco IOS XE Software
+--------------------
+-------------------------------------------------------------------+
| Cisco IOS | First Fixed | First Fixed Release for All |
| XE | Release for This | Advisories in the September 2010 |
| Release | Advisory | Bundle Publication |
|-----------+------------------+------------------------------------|
| 2.1.x | Not Vulnerable | Not Vulnerable |
|-----------+------------------+------------------------------------|
| 2.2.x | Not Vulnerable | Not Vulnerable |
|-----------+------------------+------------------------------------|
| 2.3.x | Not Vulnerable | Not Vulnerable |
|-----------+------------------+------------------------------------|
| 2.4.x | Not Vulnerable | Not Vulnerable |
|-----------+------------------+------------------------------------|
| 2.5.x | 2.5.2 | Vulnerable; migrate to 2.6.2 or |
| | | later |
|-----------+------------------+------------------------------------|
| 2.6.x | 2.6.1 | 2.6.2 |
|-----------+------------------+------------------------------------|
| 3.1.xS | Not Vulnerable | Not Vulnerable |
+-------------------------------------------------------------------+
For mapping of Cisco IOS XE to Cisco IOS releases, please refer to
the Cisco IOS XE 2 and Cisco IOS XE 3S Release Notes.
Workarounds
===========
There are no workarounds to mitigate these vulnerabilities apart from
disabling H.323 if the Cisco IOS device does not require it. Applying
access lists on interfaces that should not accept H.323 traffic and
placing firewalls in strategic locations may greatly reduce exposure
until an upgrade can be performed.
Cisco provides Solution Reference Network Design (SRND) guides to
help design and deploy networking solutions, which can be found at
http://www.cisco.com/go/srnd
Voice Security best practices are covered in the Cisco Unified
Communications SRND Based on Cisco Unified Communications Manager 6.x
at
http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/srnd/6x/security.html
To disable all H.323 call processing, administrators can issue the
call service stop forced command under the voice service voip mode,
as shown in this example:
    voice service voip
     h323
      call service stop forced
Note: The call service stop forced command disables all H.323 call
processing.
Additional mitigations that can be deployed on Cisco devices within
the network are available in the companion document "Cisco Applied
Mitigation Bulletin: Identifying and Mitigating Exploitation of the
Multiple Vulnerabilities in Cisco Voice Products", which is available
at the following location:
http://www.cisco.com/warp/public/707/cisco-amb-20100922-voice.shtml
Obtaining Fixed Software
========================
Cisco has released free software updates that address these
vulnerabilities. Prior to deploying software, customers should
consult their maintenance provider or check the software for feature
set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets
they have purchased. By installing, downloading, accessing or
otherwise using such software upgrades, customers agree to be bound
by the terms of Cisco's software license terms found at
http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html
or as otherwise set forth at Cisco.com Downloads at
http://www.cisco.com/public/sw-center/sw-usingswc.shtml
Do not contact psirt@cisco.com or security-alert@cisco.com for
software upgrades.
Customers with Service Contracts
+-------------------------------
Customers with contracts should obtain upgraded software through
their regular update channels. For most customers, this means that
upgrades should be obtained through the Software Center on Cisco's
worldwide website at http://www.cisco.com
Customers using Third Party Support Organizations
+------------------------------------------------
Customers whose Cisco products are provided or maintained through
prior or existing agreements with third-party support organizations,
such as Cisco Partners, authorized resellers, or service providers
should contact that support organization for guidance and assistance
with the appropriate course of action in regards to this advisory.
The effectiveness of any workaround or fix is dependent on specific
customer situations, such as product mix, network topology, traffic
behavior, and organizational mission. Due to the variety of affected
products and releases, customers should consult with their service
provider or support organization to ensure any applied workaround or
fix is the most appropriate for use in the intended network before it
is deployed.
Customers without Service Contracts
+----------------------------------
Customers who purchase direct from Cisco but do not hold a Cisco
service contract, and customers who purchase through third-party
vendors but are unsuccessful in obtaining fixed software through
their point of sale should acquire upgrades by contacting the Cisco
Technical Assistance Center (TAC). TAC contacts are as follows.
* +1 800 553 2447 (toll free from within North America)
* +1 408 526 7209 (toll call from anywhere in the world)
* e-mail: tac@cisco.com
Customers should have their product serial number available and be
prepared to give the URL of this notice as evidence of entitlement to
a free upgrade. Free upgrades for non-contract customers must be
requested through the TAC.
Refer to
http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html
for additional TAC contact information, including localized telephone
numbers, and instructions and e-mail addresses for use in various
languages.
Exploitation and Public Announcements
=====================================
The Cisco PSIRT is not aware of any public announcements or malicious
use of the vulnerabilities described in this advisory.
These vulnerabilities were found during Cisco internal testing.
Status of this Notice: FINAL
============================
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY
KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE
INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS
AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS
DOCUMENT AT ANY TIME.
A stand-alone copy or paraphrase of the text of this document that
omits the distribution URL in the following section is an
uncontrolled copy, and may lack important information or contain
factual errors.
Distribution
============
This advisory is posted on Cisco's worldwide website at:
http://www.cisco.com/warp/public/707/cisco-sa-2010922-h323.shtml
In addition to worldwide web posting, a text version of this notice
is clear-signed with the Cisco PSIRT PGP key and is posted to the
following e-mail and Usenet news recipients.
* cust-security-announce@cisco.com
* first-bulletins@lists.first.org
* bugtraq@securityfocus.com
* vulnwatch@vulnwatch.org
* cisco@spot.colorado.edu
* cisco-nsp@puck.nether.net
* full-disclosure@lists.grok.org.uk
* comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on
mailing lists or newsgroups. Users concerned about this problem are
encouraged to check the above URL for any updates.
Revision History
================
+------------------------------------------------------------+
| Revision 1.0 | 2010-September-22 | Initial public release. |
+------------------------------------------------------------+
Cisco Security Procedures
=========================
Complete information on reporting security vulnerabilities in Cisco
products, obtaining assistance with security incidents, and
registering to receive security information from Cisco, is available
on Cisco's worldwide website at
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
This includes instructions for press inquiries regarding Cisco
security notices. All Cisco security advisories are available at
http://www.cisco.com/go/psirt
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (Darwin)
iEYEARECAAYFAkyZ/SoACgkQ86n/Gc8U/uCR8ACfbSQwX1PMeEwUVJWTSeGDtyrW
jTMAnRuYshIzCis7CHMiORtLxeSKi80b
=B67E
-----END PGP SIGNATURE-----
VAR-201009-0328 | No CVE | JP1/NETM/Remote Control Agent Authentication Bypass Vulnerability |
CVSS V2: 6.4 CVSS V3: - Severity: Medium |
A vulnerability in the file transfer feature in the JP1/NETM/Remote Control Agent may allow authentication bypass. A remote attacker could manipulate arbitrary files on the system installed with the Remote Control Agent.
VAR-201009-0258 | CVE-2010-1820 | Apple Mac OS X of Apple Filing Protocol Server Vulnerable to bypassing password requests |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
Apple Filing Protocol (AFP) Server in Apple Mac OS X 10.6.x through 10.6.4 does not properly handle errors, which allows remote attackers to bypass the password requirement for shared-folder access by leveraging knowledge of a valid account name.
Remote attackers with knowledge of an account name on a target computer can exploit this issue to access AFP shared folders.
The following are affected:
Mac OS X 10.6 through 10.6.4
Mac OS X Server 10.6 through 10.6.4
VAR-201009-0318 | No CVE | NitroSecurity NitroView Enterprise Security Manager (ESM) Local Privilege Escalation Vulnerability |
CVSS V2: - CVSS V3: - Severity: - |
NitroSecurity NitroView Enterprise Security Manager is a real-time tool for secure time and information correlation analysis. The NitroSecurity NitroView Enterprise Security Manager management interface has an input validation error that a local attacker can exploit to read any file on the local file system. Successful exploitation can be used to obtain root privileges. Other attacks may also be possible.
NitroView Enterprise Security Manager (ESM) firmware version 8.4.0 is vulnerable; other versions may also be affected.
----------------------------------------------------------------------
TITLE:
NitroSecurity NitroView ESM Privilege Escalation
SECUNIA ADVISORY ID:
SA41501
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/41501/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=41501
RELEASE DATE:
2010-09-17
DESCRIPTION:
A vulnerability has been reported in NitroSecurity NitroView
Enterprise Security Manager (ESM), which can be exploited by
malicious users to disclose sensitive information and gain escalated
privileges.
The vulnerability is reported in 8.4.0.
SOLUTION:
Update to version 8.4.0b.
PROVIDED AND/OR DISCOVERED BY:
Ben Nell, Foreground Security
VAR-201010-0387 | CVE-2010-1822 | Apple Safari and Google Chrome of WebKit Vulnerable to arbitrary code execution |
CVSS V2: 6.8 CVSS V3: 8.8 Severity: HIGH |
WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 and Google Chrome before 6.0.472.62, does not properly perform a cast of an unspecified variable, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an SVG element in a non-SVG document. WebKit is prone to a remote denial-of-service vulnerability.
Attackers can exploit this issue to crash the affected application, denying service to legitimate users.
NOTE: This issue was previously covered in BID 43315 (Google Chrome prior to 6.0.472.62 Multiple Security Vulnerabilities), but has been assigned its own record to better document it. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple, and Google, and is currently used by browsers such as Apple Safari and Google Chrome.
----------------------------------------------------------------------
TITLE:
Apple iOS Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA42314
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/42314/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=42314
RELEASE DATE:
2010-11-24
DESCRIPTION:
Multiple vulnerabilities have been reported in Apple iOS, which can
be exploited by malicious people to conduct cross-site scripting and
spoofing attacks, disclose sensitive information, bypass certain
security restrictions, or to compromise a user's system.
For more information:
SA40257
SA41328
SA42151
SA42312
SOLUTION:
Upgrade to iOS 4.2 (downloadable and installable via iTunes).
ORIGINAL ADVISORY:
Apple:
http://support.apple.com/kb/HT4456
For more information:
SOLUTION:
Apply updated packages via YaST Online Update or the SUSE FTP server
VAR-201102-0181 | CVE-2010-4740 | SCADA Engine BACnet OPC Client Buffer Overflow Vulnerability |
CVSS V2: 9.3 CVSS V3: - Severity: HIGH |
Stack-based buffer overflow in WTclient.dll in SCADA Engine BACnet OPC Client before 1.0.25 allows user-assisted remote attackers to execute arbitrary code via a crafted .csv file, related to a status log message. This vulnerability is due to the WTclient.dll library. SCADA is the data acquisition and monitoring control system. BACnet OPC Client is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Failed exploit attempts will likely result in denial-of-service conditions.
TITLE:
SCADA Engine BACnet OPC Client Buffer Overflow Vulnerability
SECUNIA ADVISORY ID:
SA41466
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/41466/
RELEASE DATE:
2010-09-18
DESCRIPTION:
A vulnerability has been discovered in SCADA Engine BACnet OPC
Client, which can be exploited by malicious people to compromise a
user's system. tricking a user into opening a
specially crafted *.csv file.
The vulnerability is confirmed in version 1.0.24. Other versions may
also be affected.
SOLUTION:
Do not open untrusted files.
PROVIDED AND/OR DISCOVERED BY:
Jeremy Brown
VAR-201009-0319 | No CVE | VHS to DVD .ilj file parsing stack overflow vulnerability |
CVSS V2: 9.3 CVSS V3: - Severity: HIGH |
VHS to DVD is a set of video capture devices for converting video tapes to DVD discs. VHS to DVD comes with video capture and editing software that has a stack overflow when processing .ilj project files. Users who are tricked into loading malicious project files may cause arbitrary code execution. VHS to DVD is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input.
Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.
VHS to DVD versions 3.0.30 Deluxe and prior are vulnerable.
TITLE:
Honest Technology VHS to DVD Project File Processing Buffer Overflow
SECUNIA ADVISORY ID:
SA41473
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/41473/
RELEASE DATE:
2010-09-16
DESCRIPTION:
A vulnerability has been reported in Honest Technology VHS to DVD,
which can be exploited by malicious people to compromise a user's
system.
The vulnerability is caused due to a boundary error in the processing
of project files and can be exploited to cause a stack-based buffer
overflow when a user is tricked into opening a specially crafted
".ilj" file containing an overly long "file" entry.
The vulnerability is reported in version 3.0.30 Deluxe. Other
versions may also be affected.
SOLUTION:
Do not open files from untrusted sources.
PROVIDED AND/OR DISCOVERED BY:
Brennon Thomas
VAR-201009-0172 | CVE-2010-3414 | Denial of service (DoS) vulnerability in Google Chrome running on Mac OS X |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Google Chrome before 6.0.472.59 on Mac OS X does not properly implement file dialogs, which allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. NOTE: this issue exists because of an incorrect fix for CVE-2010-3112 on Mac OS X. Chrome is prone to a denial-of-service vulnerability. Google Chrome is an open source web browser released by Google.
VAR-201009-0303 | No CVE | Novell PlateSpin Orchestrate Remote code execution vulnerability |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell PlateSpin Orchestrate. Authentication is not required to exploit this vulnerability. The specific flaw exists within how the application utilizes a bundled component for rendering graphs. The application will pass user-supplied arguments to this component without proper sanitization. An attacker can abuse this to specify arbitrary arguments to this tool. Successful exploitation will lead to code execution in the context of the graph component application. PlateSpin Orchestrate is a Novell product that helps data center administrators automate the management of large numbers of virtual machines. The application renders the graphics with the bundled components. Failed attacks may cause denial-of-service conditions.
TITLE:
Novell PlateSpin Orchestrate Graph Rendering Component Vulnerability
SECUNIA ADVISORY ID:
SA41470
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/41470/
RELEASE DATE:
2010-09-20
DESCRIPTION:
A vulnerability has been reported in Novell PlateSpin Orchestrate,
which can be exploited by malicious people to compromise a vulnerable
system.
The vulnerability is caused due to an input validation error when
rendering graphs and can be exploited to pass arbitrary arguments to
the graph rendering tool.
SOLUTION:
Apply the vendor patch.
PROVIDED AND/OR DISCOVERED BY:
1c239c43f521145fa8385d64a9c32243, reported via ZDI
ORIGINAL ADVISORY:
http://www.zerodayinitiative.com/advisories/ZDI-10-178/
Authentication is not required to exploit this vulnerability.
-- Vendor Response:
Novell has issued an update to correct this vulnerability. More
details can be found at:
http://download.novell.com/Download?buildid=BkIPy5JtULM~
-- Disclosure Timeline:
2010-02-02 - Vulnerability reported to vendor
2010-09-15 - Coordinated public release of advisory
-- Credit:
This vulnerability was discovered by:
* 1c239c43f521145fa8385d64a9c32243
VAR-201009-0285 | CVE-2010-3010 | HP 3Com OfficeConnect Gigabit VPN Firewall 3CREVF100-73 Vulnerable to cross-site scripting |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability on the HP 3Com OfficeConnect Gigabit VPN Firewall 3CREVF100-73 with firmware before 1.0.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: a separate XSS issue for HP System Management Homepage (SMH) was originally assigned CVE-2010-3010 due to a CNA error, but CVE-2010-3012 is the appropriate identifier for the SMH issue.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02512995
Version: 1
HPSBMA02568 SSRT100219 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS), HTTP Response Splitting, and Other Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2010-09-15
Last Updated: 2010-09-15
Potential Security Impact: Remote cross site scripting (XSS), HTTP response splitting, and other vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) for Linux and Windows. The vulnerabilities could be exploited remotely resulting in cross site scripting (XSS), HTTP response splitting, Denial of Service (DoS), information disclosure, and data modification.
References:
CVE-2010-3010 (XSS)
CVE-2010-3011 (HTTP response splitting)
CVE-2010-2068 (Apache)
CVE-2009-4143 (PHP)
CVE-2009-4018 (PHP)
CVE-2009-4017 (PHP)
CVE-2009-3555 (SSL)
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP System Management Homepage for Linux (x86) prior to v6.2
HP System Management Homepage for Linux (AMD64/EM64T) prior to v6.2
HP System Management Homepage for Windows prior to v6.2
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2010-3010 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3
CVE-2010-3011 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0
CVE-2010-2068 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2009-4143 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2009-4018 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2009-4017 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2009-3555 (AV:N/AC:L/Au:N/C:N/I:P/A:P) 6.4
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided HP System Management Homepage v6.2 or subsequent to resolve the vulnerabilities.
HP System Management Homepage v6.2 or subsequent for Linux (x86), Linux (AMD64/EM64T), and Windows can be downloaded from the following link.
http://www.hp.com/servers/manage/smh
PRODUCT SPECIFIC INFORMATION
None
HISTORY
Version:1 (rev.1) - 15 September 2010 Initial Release
VAR-201009-0012 | CVE-2010-0152 | IBM PNMSS Appliance LMI Vulnerable to cross-site scripting |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Multiple cross-site scripting (XSS) vulnerabilities in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5.0.2 allow remote attackers to inject arbitrary web script or HTML via (1) the date1 parameter to pvm_messagestore.php, (2) the userfilter parameter to pvm_user_management.php, (3) the ping parameter to sys_tools.php in a sys_ping.php action, (4) the action parameter to pvm_cert_commaction.php, (5) the action parameter to pvm_cert_serveraction.php, (6) the action parameter to pvm_smtpstore.php, (7) the l parameter to sla/index.php, or (8) unspecified stored data; and allow remote authenticated users to inject arbitrary web script or HTML via (9) saved search filters. The Local Management Interface is a set of enhancements to the basic Frame Relay specification. When exploited by an external/internal attacker, such identified vulnerabilities could lead to Session Hijack, Information Disclosure, force installation of malicious file or Trojan on users' PCs, etc.
A persistent XSS vulnerability can be exploited by an external unauthenticated attacker to inject malicious scripting code which is persistently stored. When the system is accessed by authorised users, such malicious code could be used to severely compromise the security of the appliance.
A persistent XSS vulnerability identified in saved search filters (Mail Security->Email Browser) allows an internal authenticated attacker to inject malicious scripting code.
Multiple reflected XSS vulnerabilities can be exploited by manipulating parameters of pvm_messagestore.php resource.
url_placeholder/pvm_messagestore.php?msgid=&sender=&rcpt=&subject=&meta=&mailsize=&folder=allfolders&date1=<script>alert('xss')</script>&date2=&s=mails&favname=
Reflected XSS vulnerabilities can be exploited by manipulating parameters of the following resources:
* userfilter parameter of pvm_user_management.php resource.
url_placeholder/pvm_smtpstore.php?id=frozen&action="><script>alert("XSS")</script>
* l parameter of /sla/index.php resource
url_placeholder/sla/index.php?l="><script>alert(document.cookie)</script>
Affected Versions
IBM Proventia Network Mail Security System - virtual appliance (firmware 1.6)
IBM Proventia Network Mail Security System - virtual appliance (firmware 2.5)
Mitigation
Vendor recommends upgrading to PNMSS firmware 2.5.0.2 or later.
Alternatively, please contact IBM for technical support.
Disclosure Timeline
2009, November 07: Vulnerabilities discovered and documented
2009, November 08: Notification sent to IBM
2009, November 09: IBM acknowledges receiving the report
2010, March: IBM releases PNMSS Firmware 2.5.0.2 correcting the reported issues
2010, September 12: MVSA-10-007 advisory published.
Credits
Dr. Marian Ventuneac
http://ventuneac.net
VAR-201009-0312 | No CVE | Nokia E72 Keyboard Password Verification Bypass Vulnerability |
CVSS V2: - CVSS V3: - Severity: - |
The Nokia E72 is a smartphone based on the Symbian system. Verification of the Nokia E72 keyboard lock password has a delay during which the screen is unlocked, allowing the user to select and use any application. Nokia E72 is prone to an authentication-bypass vulnerability.
An attacker with physical access to a locked device can exploit this issue to bypass security restrictions and access arbitrary applications without proper authorization.
VAR-201009-0013 | CVE-2010-0153 | IBM PNMSS Appliance LMI Vulnerable to cross-site request forgery |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
Multiple cross-site request forgery (CSRF) vulnerabilities in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5.0.2 allow remote attackers to hijack the authentication of administrators for requests that (1) change settings or (2) conduct denial of service attacks. The Local Management Interface is a set of enhancements to the basic Frame Relay specification. When exploited by an attacker, the identified vulnerabilities could lead to compromising the security of the appliance, including unauthorized alteration of appliance's settings, DoS attacks, etc.
Affected Versions
IBM Proventia Network Mail Security System - virtual appliance (firmware 1.6)
IBM Proventia Network Mail Security System - virtual appliance (firmware 2.5)
Mitigation
Vendor recommends upgrading to PNMSS firmware 2.5.0.2 or later.
Alternatively, please contact IBM for technical support.
Disclosure Timeline
2009, November 07: Vulnerabilities discovered and documented
2009, November 08: Notification sent to IBM
2009, November 09: IBM acknowledges receiving the report
2010, March: IBM releases PNMSS Firmware 2.5.0.2 correcting the reported issues
2010, September 12: MVSA-10-006 advisory published.
Credits
Dr. Marian Ventuneac
http://ventuneac.net
VAR-201009-0014 | CVE-2010-0154 | IBM PNMSS Appliance sla/index.php Vulnerable to directory traversal |
CVSS V2: 4.0 CVSS V3: - Severity: MEDIUM |
Directory traversal vulnerability in sla/index.php in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the l parameter, related to an "Insecure Direct Object Reference vulnerability." The Local Management Interface is a set of enhancements to the basic Frame Relay specification.