VARIoT IoT vulnerabilities database

Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug ID CSCsz49741, the "SCCP Request Handling Denial of Service Vulnerability.". The problem is Bug ID : CSCsz49741 It is a problem.Service disruption by a third party (DoS) There is a possibility of being put into a state. Cisco IOS, configured for use on Cisco Communication Manager Express, is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the affected device to crash and reload, denying service to legitimate users. This issue is tracked by Cisco Bug ID CSCsz49741. The vulnerabilities are caused due to errors in the Unified CME (Communication Manager Express) component when processing SCCP messages. SOLUTION: Please see the patch matrix for a list of fixes. http://www.cisco.com/en/US/products/products_security_advisory09186a0080b20f33.shtml#software PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: cisco-sa-20100324-cucme: http://www.cisco.com/en/US/products/products_security_advisory09186a0080b20f33.shtml OTHER REFERENCES: Cisco Applied Mitigation Bulletin: http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b20ee9.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . The vulnerabilities are triggered when the Cisco IOS device processes specific, malformed Skinny Call Control Protocol (SCCP) messages. Cisco has released free software updates that address these vulnerabilities. This advisory is posted at: http://www.cisco.com/warp/public/707/cisco-sa-20100324-cucme.shtml Note: The March 24, 2010, Cisco IOS Software Security Advisory bundled publication includes seven Security Advisories. All the advisories address vulnerabilities in Cisco IOS Software. Each advisory lists the releases that correct the vulnerability or vulnerabilities detailed in the advisory. The table at the following URL lists releases that correct all Cisco IOS Software vulnerabilities that have been published on March 24, 2010, or earlier: http://www.cisco.com/warp/public/707/cisco-sa-20100324-bundle.shtml Individual publication links are in "Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication" at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar10.html Affected Products ================= Cisco IOS devices, including Cisco Unified Communications 500 Series, that are configured for the Cisco Unified CME or the Cisco Unified SRST features are affected. Vulnerable Products +------------------ A Cisco IOS device that is configured for Cisco Unified CME operation displays the following output when the "show running-config" command is issued: telephony-service ... ! ephone <Ethernet phone tag> ... A Cisco IOS device that is configured for Cisco Unified SRST operation displays the following output when the "show running-config" command is issued: call-manager-fallback ... To determine the Cisco IOS Software release that is running on a Cisco product, administrators can log in to the device and issue the "show version" command to display the system banner. The system banner confirms that the device is running Cisco IOS Software by displaying text similar to "Cisco Internetwork Operating System Software" or "Cisco IOS Software." The image name is displayed in parentheses, followed by "Version" and the Cisco IOS Software release name. Other Cisco devices do not have the "show version" command or may provide different output. The following example identifies a Cisco product that is running Cisco IOS Software Release 12.3(26) with an installed image name of C2500-IS-L: Router#show version Cisco Internetwork Operating System Software IOS (tm) 2500 Software (C2500-IS-L), Version 12.3(26), RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2008 by cisco Systems, Inc. Compiled Mon 17-Mar-08 14:39 by dchih <output truncated> The following example identifies a Cisco product that is running Cisco IOS Software Release 12.4(20)T with an installed image name of C1841-ADVENTERPRISEK9-M: Router#show version Cisco IOS Software, 1841 Software (C1841-ADVENTERPRISEK9-M), Version 12.4(20)T, RELEASE SOFTWARE (fc3) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2008 by Cisco Systems, Inc. Compiled Thu 10-Jul-08 20:25 by prod_rel_team <output truncated> Additional information about Cisco IOS Software release naming conventions is available in "White Paper: Cisco IOS Reference Guide" at the following link: http://www.cisco.com/warp/public/620/1.html Products Confirmed Not Vulnerable +-------------------------------- Cisco IOS XR Software is not affected. Cisco IOS XE Software is not affected. No other Cisco products are currently known to be affected by these vulnerabilities. The malformed SCCP messages can only come from registered phone IP addresses. If the auto-registration feature is enabled (Cisco Unified CME only), an attacker can register its IP address and subsequently send a malformed payload to exploit these vulnerabilities. The auto-registration feature is enabled by default. More information on auto-registration can be found at the following link: http://www.cisco.com/en/US/docs/voice_ip_comm/cucme/command/reference/cme_a1ht.html#wp1031242 Exploitation of these vulnerabilities requires that a TCP three-way handshake to the SCCP port be completed. By default, the SCCP port is TCP port 2000, but this can be changed with the "ip source-address" command in telephony service configuration mode. These vulnerabilities are addressed by Cisco bug IDs CSCsz48614 and CSCsz49741 and have been assigned Common Vulnerabilities and Exposures (CVE) IDs CVE-2010-0585 and CVE-2010-0586, respectively. Vulnerability Scoring Details ============================= Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0. CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response. Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerabilities in individual networks. Cisco has provided an FAQ to answer additional questions regarding CVSS at: http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at: http://intellishield.cisco.com/security/alertmanager/cvss CSCsz48614 and CSCsz49741 CVSS Base Score - 7.8 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - None Integrity Impact - None Availability Impact - Complete CVSS Temporal Score - 6.4 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed Impact ====== Successful exploitation of the vulnerabilities in this advisory may result in a reload of the affected device. Repeated exploitation could result in a sustained denial of service condition. Software Versions and Fixes =========================== When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution. In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Technical Assistance Center (TAC) or your contracted maintenance provider for assistance. Each row of the Cisco IOS software table (below) names a Cisco IOS release train. If a given release train is vulnerable, then the earliest possible releases that contain the fix (along with the anticipated date of availability for each, if applicable) are listed in the "First Fixed Release for this Advisory" column of the table. The "First Fixed Release for all Advisories in 24 March 2010 Bundle Publication" column indicates the earliest possible releases which have fixes for all the published vulnerabilities in this Cisco IOS Security Advisory bundled publication. Cisco recommends upgrading to the latest available release where possible. +--------------------------------------------------------------------+ | Major | Availability of Repaired Releases | | Release | | |------------+-------------------------------------------------------| | Affected | | First Fixed Release for | | 12.0-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |--------------------------------------------------------------------| | There are no affected 12.0 based releases | |--------------------------------------------------------------------| | Affected | | First Fixed Release for | | 12.1-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |------------+---------------------------+---------------------------| | 12.1 | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1AA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Releases up to and | | 12.1AX | Not Vulnerable | including 12.1(11)AX are | | | | not vulnerable; first | | | | fixed in 12.2SE | |------------+---------------------------+---------------------------| | 12.1AY | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1AZ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1CX | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1DA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1DB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1DC | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Releases up to and | | 12.1E | Not Vulnerable | including 12.1(7a)E1a are | | | | not vulnerable; migrate | | | | to any release in 12.2SXF | |------------+---------------------------+---------------------------| | | | Releases up to and | | | | including 12.1(6)EA2c are | | 12.1EA | Not Vulnerable | not vulnerable. Releases | | | | 12.1(8)EA1c and later are | | | | not vulnerable. | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.1EB | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Releases up to and | | 12.1EC | Not Vulnerable | including 12.1(7)EC are | | | | not vulnerable; migrate | | | | to 12.2SCB | |------------+---------------------------+---------------------------| | | | Releases up to and | | 12.1EO | Not Vulnerable | including 12.1(19)EO6 are | | | | not vulnerable. | |------------+---------------------------+---------------------------| | 12.1EU | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1EV | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1EW | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1EX | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2 | |------------+---------------------------+---------------------------| | | | Releases up to and | | 12.1EY | Not Vulnerable | including 12.1(7a)EY3 are | | | | not vulnerable. | |------------+---------------------------+---------------------------| | 12.1EZ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1GA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1GB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1T | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XC | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XD | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XF | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XG | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XH | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XI | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XJ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XL | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XM | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XP | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XQ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XR | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XS | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XT | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XU | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2 | |------------+---------------------------+---------------------------| | | | Releases prior to 12.1(5) | | 12.1XV | Not Vulnerable | XV1 are vulnerable, | | | | release 12.1(5)XV1 and | | | | later are not vulnerable | |------------+---------------------------+---------------------------| | 12.1XW | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XX | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XY | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XZ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1YA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1YB | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2 | |------------+---------------------------+---------------------------| | 12.1YC | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1YD | Vulnerable; migrate to | Vulnerable; migrate to | | | any release in 12.2 | any release in 12.2 | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Releases prior to 12.1(5) | | 12.1YE | any release in 15.0M or a | YE6 are vulnerable, | | | fixed 12.4 release. | release 12.1(5)YE6 and | | | | later are not vulnerable. | |------------+---------------------------+---------------------------| | 12.1YF | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1YH | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.1YI | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | 12.1YJ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | Affected | | First Fixed Release for | | 12.2-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |------------+---------------------------+---------------------------| | 12.2 | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2B | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2BC | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2BW | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2BX | any release in 12.2SB | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2BY | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2BZ | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2CX | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2CY | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.2CZ | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2SRE | |------------+---------------------------+---------------------------| | 12.2DA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2DD | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2DX | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.2EW | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2EWA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Releases up to and | | | | including 12.2(37)EX are | | | | not vulnerable. | | 12.2EX | Not Vulnerable | | | | | Releases 12.2(44)EX and | | | | later are not vulnerable; | | | | first fixed in 12.2SE | |------------+---------------------------+---------------------------| | | | Releases prior to 12.2 | | 12.2EY | Not Vulnerable | (37)EY are vulnerable, | | | | release 12.2(37)EY and | | | | later are not vulnerable | |------------+---------------------------+---------------------------| | 12.2EZ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2FX | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2FY | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2FZ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2IRA | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SRC | |------------+---------------------------+---------------------------| | 12.2IRB | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SRC | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IRC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IRD | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXB | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXD | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXE | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXF | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXG | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXH | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Releases up to and | | 12.2JA | Not Vulnerable | including 12.2(4)JA1 are | | | | not vulnerable. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2JK | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.2MB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2MC | Releases 12.2(15)MC2b and | Vulnerable; first fixed | | | later are not vulnerable. | in 12.4 | |------------+---------------------------+---------------------------| | 12.2MRA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Releases prior to 12.2 | | 12.2S | Not Vulnerable | (30)S are vulnerable, | | | | release 12.2(30)S and | | | | later are not vulnerable; | |------------+---------------------------+---------------------------| | | | 12.2(33)SB8 | | 12.2SB | Not Vulnerable | | | | | 12.2(31)SB18; Available | | | | on 24-MAR-10 | |------------+---------------------------+---------------------------| | 12.2SBC | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2SRE | |------------+---------------------------+---------------------------| | 12.2SCA | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SCB | |------------+---------------------------+---------------------------| | 12.2SCB | Not Vulnerable | 12.2(33)SCB6 | |------------+---------------------------+---------------------------| | 12.2SCC | Not Vulnerable | 12.2(33)SCC1 | |------------+---------------------------+---------------------------| | 12.2SCD | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SE | Not Vulnerable | 12.2(50)SE4; Available on | | | | 25-MAR-10 | |------------+---------------------------+---------------------------| | 12.2SEA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SEB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SEC | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SED | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SE | |------------+---------------------------+---------------------------| | 12.2SEE | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SE | |------------+---------------------------+---------------------------| | 12.2SEF | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Releases prior to 12.2 | | | | (25)SEG4 are vulnerable, | | 12.2SEG | Not Vulnerable | release 12.2(25)SEG4 and | | | | later are not vulnerable; | | | | first fixed in 12.2SE | |------------+---------------------------+---------------------------| | | | Releases up to 12.2(31) | | 12.2SG | Not Vulnerable | SG1 are not vulnerable; | | | | releases 12.2(40)SG and | | | | later are not vulnerable. | |------------+---------------------------+---------------------------| | 12.2SGA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SL | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SM | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2SO | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.2SQ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SRA | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SRD | |------------+---------------------------+---------------------------| | 12.2SRB | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SRD | |------------+---------------------------+---------------------------| | 12.2SRC | Not Vulnerable | 12.2(33)SRC5 | |------------+---------------------------+---------------------------| | 12.2SRD | Not Vulnerable | 12.2(33)SRD3 | |------------+---------------------------+---------------------------| | 12.2SRE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2STE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2SU | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Releases up to and | | 12.2SV | Not Vulnerable | including 12.2(18)SV2 are | | | | not vulnerable. | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2SVA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2SVC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2SVD | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2SVE | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Releases up to and | | | | including 12.2(25)SW3 are | | | | not vulnerable. | | 12.2SW | Not Vulnerable | | | | | Releases 12.2(25)SW12 and | | | | later are not vulnerable; | | | | first fixed in 15.0M | |------------+---------------------------+---------------------------| | 12.2SX | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+---------------------------| | 12.2SXA | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+---------------------------| | 12.2SXB | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+---------------------------| | 12.2SXD | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+---------------------------| | 12.2SXE | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+---------------------------| | 12.2SXF | Not Vulnerable | 12.2(18)SXF17a | |------------+---------------------------+---------------------------| | 12.2SXH | Not Vulnerable | 12.2(33)SXH6 | |------------+---------------------------+---------------------------| | | | 12.2(33)SXI2a | | 12.2SXI | Not Vulnerable | | | | | 12.2(33)SXI3 | |------------+---------------------------+---------------------------| | 12.2SY | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2SRE | |------------+---------------------------+---------------------------| | 12.2SZ | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2SRE | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2T | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2TPC | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2XA | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XB | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2XC | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2XD | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.2XE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2XF | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XG | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2XH | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2XI | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2XJ | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2XK | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2XL | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XM | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Releases prior to 12.2 | | | | (33)XN1 are vulnerable, | | 12.2XN | Not Vulnerable | release 12.2(33)XN1 and | | | | later are not vulnerable; | | | | first fixed in 12.2SRC | |------------+---------------------------+---------------------------| | 12.2XNA | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+---------------------------| | 12.2XNB | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+---------------------------| | 12.2XNC | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+---------------------------| | 12.2XND | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+---------------------------| | 12.2XNE | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+---------------------------| | 12.2XNF | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+---------------------------| | 12.2XO | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2XQ | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2XR | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.2XS | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XT | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XU | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2XV | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XW | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Releases prior to 12.2(4) | | | | YA8 are vulnerable, | Vulnerable; migrate to | | 12.2YA | release 12.2(4)YA8 and | any release in 15.0M or a | | | later are not vulnerable; | fixed 12.4 release. | | | first fixed in 12.4 | | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YB | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YC | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YD | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | 12.2YE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YF | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YG | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YH | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Releases prior to 12.2(8) | Vulnerable; Contact your | | | YJ1 are vulnerable, | support organization per | | 12.2YJ | release 12.2(8)YJ1 and | the instructions in | | | later are not vulnerable | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.2YK | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YL | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2YM | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YN | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YO | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2YP | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YQ | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YR | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.2YS | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YT | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YU | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Releases prior to 12.2 | Vulnerable; Contact your | | | (11)YV1 are vulnerable, | support organization per | | 12.2YV | release 12.2(11)YV1 and | the instructions in | | | later are not vulnerable | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YW | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YX | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YY | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YZ | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.2ZA | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | Releases up to and | support organization per | | 12.2ZB | including 12.2(8)ZB are | the instructions in | | | not vulnerable. | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | Releases up to and | support organization per | | 12.2ZC | including 12.2(11)ZC are | the instructions in | | | not vulnerable. | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2ZD | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2ZE | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2ZF | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2ZG | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Releases prior to 12.2 | | | | (13)ZH6 are vulnerable, | Vulnerable; migrate to | | 12.2ZH | release 12.2(13)ZH6 and | any release in 15.0M or a | | | later are not vulnerable; | fixed 12.4 release. | | | first fixed in 12.4 | | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2ZJ | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2ZL | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2ZP | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | 12.2ZU | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXH | |------------+---------------------------+---------------------------| | 12.2ZX | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2SRE | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2ZY | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2ZYA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | Affected | | First Fixed Release for | | 12.3-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3 | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3B | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.3BC | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SCB | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.3BW | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.3EU | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Releases prior to 12.3 | | 12.3JA | Not Vulnerable | (11)JA5 are vulnerable, | | | | release 12.3(11)JA5 and | | | | later are not vulnerable | |------------+---------------------------+---------------------------| | | | Releases prior to 12.3(8) | | 12.3JEA | Not Vulnerable | JEA4 are vulnerable, | | | | release 12.3(8)JEA4 and | | | | later are not vulnerable | |------------+---------------------------+---------------------------| | | | Releases prior to 12.3(8) | | 12.3JEB | Not Vulnerable | JEB2 are vulnerable, | | | | release 12.3(8)JEB2 and | | | | later are not vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JEC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JED | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | Releases up to and | | | | including 12.3(2)JK3 are | | | | not vulnerable. | Vulnerable; migrate to | | 12.3JK | | any release in 15.0M or a | | | Releases 12.3(8)JK1 and | fixed 12.4 release. | | | later are not vulnerable; | | | | first fixed in 12.4 | | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JL | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JX | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3T | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | Releases up to and | support organization per | | 12.3TPC | including 12.3(4)TPC11a | the instructions in | | | are not vulnerable. | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.3VA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Releases prior to 12.3(2) | | | | XA7 are vulnerable, | Vulnerable; migrate to | | 12.3XA | release 12.3(2)XA7 and | any release in 15.0M or a | | | later are not vulnerable; | fixed 12.4 release. | | | first fixed in 12.4 | | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.3XB | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XC | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XD | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; first fixed | | | Vulnerable; migrate to | in 12.4 | | 12.3XE | any release in 15.0M or a | | | | fixed 12.4 release. | Vulnerable; migrate to | | | | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.3XF | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XG | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Releases prior to 12.3(7) | | 12.3XI | any release in 15.0M or a | XI11 are vulnerable, | | | fixed 12.4 release. | release 12.3(7)XI11 and | | | | later are not vulnerable | |------------+---------------------------+---------------------------| | 12.3XJ | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XK | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XL | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XQ | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XR | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.3XS | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XU | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.3XW | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XX | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XY | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XZ | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.3YA | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.3YD | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.3YF | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YG | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.3YH | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.3YI | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.3YJ | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Releases prior to 12.3 | | | | (11)YK3 are vulnerable, | Vulnerable; migrate to | | 12.3YK | release 12.3(11)YK3 and | any release in 15.0M or a | | | later are not vulnerable; | fixed 12.4 release. | | | first fixed in 12.4T | | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YM | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YQ | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YS | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YT | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YU | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.3YX | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.3YZ | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3ZA | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | Affected | | First Fixed Release for | | 12.4-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |------------+---------------------------+---------------------------| | | 12.4(25c) | | | | | 12.4(25c) | | 12.4 | 15.0(1)M1 | | | | | 15.0(1)M1 | | | 15.0(1)M2 ; Available on | | | | 26-MAR-10 | | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | Vulnerable; migrate to | support organization per | | 12.4GC | any release in 15.0M or a | the instructions in | | | fixed 12.4 release. | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JDA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JDC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.4JDD | Not Vulnerable | 12.4(10b)JDD1 | |------------+---------------------------+---------------------------| | 12.4JHA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JK | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JL | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Releases prior to 12.4 | | 12.4JMA | Not Vulnerable | (3g)JMA2 are vulnerable, | | | | release 12.4(3g)JMA2 and | | | | later are not vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JMB | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.4JX | Not Vulnerable | Vulnerable; first fixed | | | | in 12.4JA | |------------+---------------------------+---------------------------| | 12.4MD | Not Vulnerable | 12.4(24)MD | |------------+---------------------------+---------------------------| | 12.4MDA | Not Vulnerable | 12.4(22)MDA2 | |------------+---------------------------+---------------------------| | | Releases prior to 12.4 | Vulnerable; Contact your | | | (19)MR1 are vulnerable, | support organization per | | 12.4MR | release 12.4(19)MR1 and | the instructions in | | | later are not vulnerable | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.4SW | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | 12.4(22)T4 | 12.4(15)T12 | | | | | | | 12.4(20)T5 | 12.4(20)T5 | | 12.4T | | | | | 12.4(24)T3; Available on | 12.4(24)T3; Available on | | | 26-MAR-10 | 26-MAR-10 | | | | | | | 12.4(15)T12 | 12.4(22)T4 | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XA | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XB | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XC | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XD | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XE | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.4XF | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Releases up to and | | | | including 12.4(9)XG1 are | Vulnerable; migrate to | | 12.4XG | not vulnerable; Releases | any release in 15.0M or a | | | 12.4(9)XG3 and later are | fixed 12.4 release. | | | not vulnerable. | | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XJ | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.4XK | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4XL | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Releases up to and | | | | including 12.4(15)XM are | | | | not vulnerable. | Vulnerable; migrate to | | 12.4XM | | any release in 15.0M or a | | | Releases 12.4(15)XM3 and | fixed 12.4 release. | | | later are not vulnerable; | | | | first fixed in 12.4T | | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4XN | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4XP | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.4XQ | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.4XR | Not Vulnerable | 12.4(22)XR3 | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XT | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4XV | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XW | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XY | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XZ | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4YA | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4YB | 12.4(22)YB5 | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4YD | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | 12.4(22)YE2 | | 12.4YE | Not Vulnerable | | | | | 12.4(24)YE | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4YG | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | Affected | | First Fixed Release for | | 15.0-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |--------------------------------------------------------------------| | There are no affected 15.0 based releases | |--------------------------------------------------------------------| | Affected | | First Fixed Release for | | 15.1-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |--------------------------------------------------------------------| | There are no affected 15.1 based releases | +--------------------------------------------------------------------+ Cisco IOS-XE Software +-------------------- +-------------------------------------------------------------------+ | IOS-XE Release | First Fixed Release | |----------------------------+--------------------------------------| | 2.1.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.2.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.3.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.4.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.5.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.6.x | Not Vulnerable | +-------------------------------------------------------------------+ Workarounds =========== There are no workarounds for these vulnerabilities. However, in the case of the Cisco Unified CME feature, auto-registration can be disabled to make exploitation more difficult. Auto-registration can be disabled for the Cisco Unified CME feature by issuing the following commands: telephony-service no auto-reg-ephone Before disabling auto-registration, all phone MAC addresses need to be explicitly defined on the Cisco Unified CME. Otherwise phones will not be able to register. More information on auto-registration can be found at the following link: http://www.cisco.com/en/US/docs/voice_ip_comm/cucme/command/reference/cme_a1ht.html#wp1031242 Additional mitigations that can be deployed on Cisco devices within the network are available in the companion document "Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the Cisco Unified Communications Manager Express and Cisco IOS Software H.323 and Session Initiation Protocol Denial of Service Vulnerabilities", which is available at the following location: http://www.cisco.com/warp/public/707/cisco-amb-20100324-voice.shtml Obtaining Fixed Software ======================== Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment. Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at: http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html or as otherwise set forth at Cisco.com Downloads at: http://www.cisco.com/public/sw-center/sw-usingswc.shtml Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades. Customers with Service Contracts +------------------------------- Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com. Customers using Third Party Support Organizations +------------------------------------------------ Customers whose Cisco products are provided or maintained through prior or existing agreements with third-party support organizations, such as Cisco Partners, authorized resellers, or service providers should contact that support organization for guidance and assistance with the appropriate course of action in regards to this advisory. The effectiveness of any workaround or fix is dependent on specific customer situations, such as product mix, network topology, traffic behavior, and organizational mission. Due to the variety of affected products and releases, customers should consult with their service provider or support organization to ensure any applied workaround or fix is the most appropriate for use in the intended network before it is deployed. Customers without Service Contracts +---------------------------------- Customers who purchase direct from Cisco but do not hold a Cisco service contract, and customers who purchase through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should acquire upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows. * +1 800 553 2447 (toll free from within North America) * +1 408 526 7209 (toll call from anywhere in the world) * e-mail: tac@cisco.com Customers should have their product serial number available and be prepared to give the URL of this notice as evidence of entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC. Refer to: http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html for additional TAC contact information, including localized telephone numbers, and instructions and e-mail addresses for use in various languages. Exploitation and Public Announcements ===================================== The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities described in this advisory. These vulnerabilities were discovered by Cisco during internal testing. Status of this Notice: FINAL ============================ THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors. Distribution ============ This advisory is posted on Cisco's worldwide website at: http://www.cisco.com/warp/public/707/cisco-sa-20100324-cucme.shtml In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients. * cust-security-announce@cisco.com * first-bulletins@lists.first.org * bugtraq@securityfocus.com * vulnwatch@vulnwatch.org * cisco@spot.colorado.edu * cisco-nsp@puck.nether.net * full-disclosure@lists.grok.org.uk * comp.dcom.sys.cisco@newsgate.cisco.com Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates. Revision History ================ +-------------------------------------------------------------------+ | Revision 1.0 | 2010-March-24 | Initial public release | +-------------------------------------------------------------------+ Cisco Security Procedures ========================= Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at: http://www.cisco.com/go/psirt -----BEGIN PGP SIGNATURE----- iD8DBQFLqiuf86n/Gc8U/uARAvkXAKCYKDK/Ztqj2yhYKd7YlIjbg/527wCdH2Vl N7zkG2qoLfBl4KejgQa353w= =9izI -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz89904, the "SIP Packet Parsing Arbitrary Code Execution Vulnerability.". The problem is Bug ID : CSCsz89904 It is a problem.A third party may execute arbitrary code. Cisco IOS is prone to a remote code-execution service vulnerability. The attacker can exploit this issue to execute arbitrary code with elevated privileges on affected devices. Successful exploits will completely compromise an affected device. This issue is tracked by Cisco Bug ID CSCsz89904. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities Advisory ID: cisco-sa-20100324-sip Revision 1.0 For Public Release 2010 March 24 1600 UTC (GMT) +--------------------------------------------------------------------- Summary ======= Multiple vulnerabilities exist in the Session Initiation Protocol (SIP) implementation in Cisco IOS Software that could allow an unauthenticated, remote attacker to cause a reload of an affected device when SIP operation is enabled. Remote code execution may also be possible. Cisco has released free software updates that address these vulnerabilities. For devices that must run SIP there are no workarounds; however, mitigations are available to limit exposure of the vulnerabilities. This advisory is posted at: http://www.cisco.com/warp/public/707/cisco-sa-20100324-sip.shtml Note: The March 24, 2010, Cisco IOS Software Security Advisory bundled publication includes seven Security Advisories. Each advisory lists the releases that correct the vulnerability or vulnerabilities detailed in the advisory. The table at the following URL lists releases that correct all Cisco IOS Software vulnerabilities that have been published on March 24, 2010, or earlier: http://www.cisco.com/warp/public/707/cisco-sa-20100324-bundle.shtml Individual publication links are in "Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication" at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar10.html Affected Products ================= These vulnerabilities only affect devices running Cisco IOS Software with SIP voice services enabled. Vulnerable Products +------------------ Cisco devices running affected Cisco IOS Software versions that are configured to process SIP messages are affected. Creating a dial peer by issuing the command "dial-peer voice" will start the SIP processes, causing the Cisco IOS device to process SIP messages. In addition, several features within Cisco Unified Communications Manager Express, such as ePhones, once configured will also automatically start the SIP process, which will cause the device to start processing SIP messages. An example of an affected configuration follows: dial-peer voice <Voice dial-peer tag> voip ... In the following example, the presence of the processes "CCSIP_UDP_SOCKET" or "CCSIP_TCP_SOCKET" indicates that the Cisco IOS device will process SIP messages: Router#show processes | include SIP 149 Mwe 40F48254 4 1 400023108/24000 0 CCSIP_UDP_SOCKET 150 Mwe 40F48034 4 1 400023388/24000 0 CCSIP_TCP_SOCKET Warning: Because there are several ways a device running Cisco IOS Software can start processing SIP messages, it is recommended that the "show processes | include SIP" command be used to determine whether the device is processing SIP messages instead of relying on the presence of specific configuration commands. Cisco Unified Border Element images are also affected by these vulnerabilities. Note: The Cisco Unified Border Element feature (previously known as the Cisco Multiservice IP-to-IP Gateway) is a special Cisco IOS Software image that runs on Cisco multiservice gateway platforms. It provides a network-to-network interface point for billing, security, call admission control, quality of service, and signaling interworking. To determine the Cisco IOS Software release that is running on a Cisco product, administrators can log in to the device and issue the "show version" command to display the system banner. The system banner confirms that the device is running Cisco IOS Software by displaying text similar to "Cisco Internetwork Operating System Software" or "Cisco IOS Software." The image name displays in parentheses, followed by "Version" and the Cisco IOS Software release name. Other Cisco devices do not have the "show version" command or may provide different output. The following example identifies a Cisco product that is running Cisco IOS Software Release 12.3(26) with an installed image name of C2500-IS-L: Router#show version Cisco Internetwork Operating System Software IOS (tm) 2500 Software (C2500-IS-L), Version 12.3(26), RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2008 by cisco Systems, Inc. Compiled Mon 17-Mar-08 14:39 by dchih !--- output truncated The following example identifies a Cisco product that is running Cisco IOS Software Release 12.4(20)T with an installed image name of C1841-ADVENTERPRISEK9-M: Router#show version Cisco IOS Software, 1841 Software (C1841-ADVENTERPRISEK9-M), Version 12.4(20)T, RELEASE SOFTWARE (fc3) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2008 by Cisco Systems, Inc. Compiled Thu 10-Jul-08 20:25 by prod_rel_team !--- output truncated Additional information about Cisco IOS Software release naming conventions is available in "White Paper: Cisco IOS Reference Guide" at the following link: http://www.cisco.com/warp/public/620/1.html. Products Confirmed Not Vulnerable +-------------------------------- The SIP Application Layer Gateway (ALG), which is used by the Cisco IOS NAT and firewall features of Cisco IOS Software, is not affected by these vulnerabilities. No other Cisco products are currently known to be affected by these vulnerabilities. Details ======= SIP is a popular signaling protocol that is used to manage voice and video calls across IP networks such as the Internet. SIP is responsible for handling all aspects of call setup and termination. Voice and video are the most popular types of sessions that SIP handles, but the protocol has the flexibility to accommodate other applications that require call setup and termination. SIP call signaling can use UDP (port 5060), TCP (port 5060), or TLS (TCP port 5061) as the underlying transport protocol. In cases where SIP is running over TCP transport, a TCP three-way handshake is necessary to exploit these vulnerabilities. These vulnerabilities are addressed by Cisco bug IDs CSCsz48680, CSCsz89904, and CSCtb93416, and have been assigned Common Vulnerabilities and Exposures (CVE) IDs CVE-2010-0580, CVE-2010-0581, and CVE-2010-0579, respectively. Vulnerability Scoring Details ============================= Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0. CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response. Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerabilities in individual networks. Cisco has provided an FAQ to answer additional questions regarding CVSS at: http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at: http://intellishield.cisco.com/security/alertmanager/cvss CSCsz89904 and CSCtb93416 CVSS Base Score - 10 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - Complete Integrity Impact - Complete Availability Impact - Complete CVSS Temporal Score - 8.3 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed CSCsz48680 CVSS Base Score - 7.8 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - None Integrity Impact - None Availability Impact - Complete CVSS Temporal Score - 6.4 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed Impact ====== Successful exploitation of the vulnerabilities in this advisory may result in a reload of the device. Repeated exploitation could result in a sustained denial of service condition. Software Versions and Fixes =========================== When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution. In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Technical Assistance Center (TAC) or your contracted maintenance provider for assistance. If a given release train is vulnerable, then the earliest possible releases that contain the fix (along with the anticipated date of availability for each, if applicable) are listed in the "First Fixed Release for this Advisory" column of the table. The "First Fixed Release for all Advisories in 24 March 2010 Bundle Publication" column indicates the earliest possible releases which have fixes for all the published vulnerabilities in this Cisco IOS Security Advisory bundled publication. Cisco recommends upgrading to the latest available release where possible. +-------------------------------------------------------------------+ | Major | Availability of Repaired Releases | | Release | | |------------+------------------------------------------------------| | Affected | | First Fixed Release for | | 12.0-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |-------------------------------------------------------------------| | There are no affected 12.0 based releases | |-------------------------------------------------------------------| | Affected | | First Fixed Release for | | 12.1-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |-------------------------------------------------------------------| | There are no affected 12.1 based releases | |-------------------------------------------------------------------| | Affected | | First Fixed Release for | | 12.2-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |-------------------------------------------------------------------| | There are no affected 12.2 based releases | |-------------------------------------------------------------------| | Affected | | First Fixed Release for | | 12.3-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3 | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3B | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.3BC | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SCB | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3BW | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.3EU | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Releases prior to 12.3 | | 12.3JA | Not Vulnerable | (11)JA5 are vulnerable, | | | | release 12.3(11)JA5 and | | | | later are not vulnerable | |------------+---------------------------+--------------------------| | | | Releases prior to 12.3 | | 12.3JEA | Not Vulnerable | (8)JEA4 are vulnerable, | | | | release 12.3(8)JEA4 and | | | | later are not vulnerable | |------------+---------------------------+--------------------------| | | | Releases prior to 12.3 | | 12.3JEB | Not Vulnerable | (8)JEB2 are vulnerable, | | | | release 12.3(8)JEB2 and | | | | later are not vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JEC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JED | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | Releases up to and | | | | including 12.3(2)JK3 are | | | | not vulnerable. | Vulnerable; migrate to | | 12.3JK | | any release in 15.0M or | | | Releases 12.3(8)JK1 and | a fixed 12.4 release. | | | later are not vulnerable; | | | | first fixed in 12.4 | | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JL | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JX | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | | | | any release in 15.0M or a | Vulnerable; migrate to | | 12.3T | fixed 12.4 release. | any release in 15.0M or | | | Releases up to and | a fixed 12.4 release. | | | including 12.3(4)T11 are | | | | not vulnerable. | | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3TPC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | 12.3VA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3XA | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3XB | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3XC | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XD | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; first fixed | | | | in 12.4 | | 12.3XE | Not Vulnerable | | | | | Vulnerable; migrate to | | | | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.3XF | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XG | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Releases prior to 12.3 | | 12.3XI | any release in 15.0M or a | (7)XI11 are vulnerable, | | | fixed 12.4 release. | release 12.3(7)XI11 and | | | | later are not vulnerable | |------------+---------------------------+--------------------------| | 12.3XJ | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XK | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XL | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XQ | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XR | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3XS | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | | | | any release in 15.0M or a | | | | fixed 12.4T release. | Vulnerable; migrate to | | 12.3XU | | any release in 15.0M or | | | Releases up to and | a fixed 12.4 release. | | | including 12.3(8)XU1 are | | | | not vulnerable. | | |------------+---------------------------+--------------------------| | 12.3XW | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XX | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XY | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3XZ | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3YA | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3YD | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.3YF | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YG | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3YH | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3YI | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3YJ | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Releases prior to 12.3 | Vulnerable; migrate to | | 12.3YK | (11)YK3 are vulnerable, | any release in 15.0M or | | | release 12.3(11)YK3 and | a fixed 12.4 release. | | | later are not vulnerable; | | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YM | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YQ | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | | | | any release in 15.0M or a | | | | fixed 12.4T release. | Vulnerable; migrate to | | 12.3YS | | any release in 15.0M or | | | Releases up to and | a fixed 12.4 release. | | | including 12.3(11)YS1 are | | | | not vulnerable. | | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YT | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YU | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.3YX | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.3YZ | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3ZA | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | Affected | | First Fixed Release for | | 12.4-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |------------+---------------------------+--------------------------| | | 12.4(25c) | | | | | 12.4(25c) | | 12.4 | 15.0(1)M1 | | | | | 15.0(1)M1 | | | 15.0(1)M2 ; Available on | | | | 26-MAR-10 | | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | Vulnerable; migrate to | support organization per | | 12.4GC | any release in 15.0M or a | the instructions in | | | fixed 12.4 release. | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JDA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JDC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | 12.4JDD | Not Vulnerable | 12.4(10b)JDD1 | |------------+---------------------------+--------------------------| | 12.4JHA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JK | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JL | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Releases prior to 12.4 | | 12.4JMA | Not Vulnerable | (3g)JMA2 are vulnerable, | | | | release 12.4(3g)JMA2 and | | | | later are not vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JMB | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | 12.4JX | Not Vulnerable | Vulnerable; first fixed | | | | in 12.4JA | |------------+---------------------------+--------------------------| | | 12.4(24)MD | | | | | | | | Releases prior to 12.4 | | | 12.4MD | (22)MD are not | 12.4(24)MD | | | vulnerable; Releases | | | | after 12.4(22)MD1 are not | | | | vulnerable; | | |------------+---------------------------+--------------------------| | 12.4MDA | 12.4(22)MDA2 | 12.4(22)MDA2 | |------------+---------------------------+--------------------------| | | Releases prior to 12.4(9) | Vulnerable; Contact your | | | MR are vulnerable, | support organization per | | 12.4MR | release 12.4(9)MR and | the instructions in | | | later are not vulnerable | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4SW | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | 12.4(15)T12 | | | 12.4(24)T3; Releases | | | | prior to 12.4(24)T3 are | 12.4(20)T5 | | 12.4T | vulnerable, release 12.4 | | | | (24)T3 and later are not | 12.4(24)T3; Available on | | | vulnerable; | 26-MAR-10 | | | | | | | | 12.4(22)T4 | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XA | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XB | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XC | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XD | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XE | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XF | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XG | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XJ | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XK | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4XL | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XM | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4XN | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4XP | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XQ | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | 12.4(22)XR3; | | | | | | | | Vulnerable; migrate to | | | | any release in 15.0M or a | | | 12.4XR | fixed 12.4T release. | 12.4(22)XR3 | | | | | | | Releases up to and | | | | including 12.4(15)XR8 are | | | | not vulnerable. | | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XT | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4XV | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XW | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XY | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XZ | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4YA | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4YB | 12.4(22)YB5 | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4YD | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | 12.4(22)YE2 | 12.4(22)YE2 | | 12.4YE | | | | | 12.4(24)YE | 12.4(24)YE | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4YG | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | Affected | | First Fixed Release for | | 15.0-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |-------------------------------------------------------------------| | There are no affected 15.0 based releases | |-------------------------------------------------------------------| | Affected | | First Fixed Release for | | 15.1-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |-------------------------------------------------------------------| | There are no affected 15.1 based releases | +-------------------------------------------------------------------+ Cisco IOS-XE Software +-------------------- +-------------------------------------------------------------------+ | IOS-XE Release | First Fixed Release | |----------------------------+--------------------------------------| | 2.1.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.2.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.3.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.4.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.5.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.6.x | Not Vulnerable | +-------------------------------------------------------------------+ Workarounds =========== If the affected Cisco IOS device requires SIP for VoIP services, SIP cannot be disabled, and no workarounds are available. Users are advised to apply mitigation techniques to help limit exposure to the vulnerabilities. Mitigation consists of allowing only legitimate devices to connect to affected devices. To increase effectiveness, the mitigation must be coupled with anti-spoofing measures on the network edge. This action is required because SIP can use UDP as the transport protocol. Additional mitigations that can be deployed on Cisco devices within the network are available in the companion document "Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the Cisco Unified Communications Manager Express and Cisco IOS Software H.323 and Session Initiation Protocol Denial of Service Vulnerabilities", which is available at the following location: http://www.cisco.com/warp/public/707/cisco-amb-20100324-voice.shtml Disable SIP Listening Ports +-------------------------- For devices that do not require SIP to be enabled, the simplest and most effective workaround is to disable SIP processing on the device. Some versions of Cisco IOS Software allow administrators to disable SIP with the following commands: sip-ua no transport udp no transport tcp no transport tcp tls Warning: When applying this workaround to devices that are processing Media Gateway Control Protocol (MGCP) or H.323 calls, the device will not stop SIP processing while active calls are being processed. Under these circumstances, this workaround should be implemented during a maintenance window when active calls can be briefly stopped. The "show udp connections", "show tcp brief all", and "show processes | include SIP" commands can be used to confirm that the SIP UDP and TCP ports are closed after applying this workaround. Depending on the Cisco IOS Software version in use, the output from the "show ip sockets" command may still show the SIP ports open, but sending traffic to them will cause the SIP process to emit the following message: *Feb 2 11:36:47.691: sip_udp_sock_process_read: SIP UDP Listener is DISABLED Control Plane Policing +--------------------- For devices that need to offer SIP services it is possible to use Control Plane Policing (CoPP) to block SIP traffic to the device from untrusted sources. CoPP may be configured on a device to protect the management and control planes to minimize the risk and effectiveness of direct infrastructure attacks by explicitly permitting only authorized traffic sent to infrastructure devices in accordance with existing security policies and configurations. The following example can be adapted to specific network configurations: !-- The 192.168.1.0/24 network and the 172.16.1.1 host are trusted. !-- Everything else is not trusted. The following access list is used !-- to determine what traffic needs to be dropped by a control plane !-- policy (the CoPP feature.) If the access list matches (permit) !-- then traffic will be dropped and if the access list does not !-- match (deny) then traffic will be processed by the router. access-list 100 deny udp 192.168.1.0 0.0.0.255 any eq 5060 access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 5060 access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 5061 access-list 100 deny udp host 172.16.1.1 any eq 5060 access-list 100 deny tcp host 172.16.1.1 any eq 5060 access-list 100 deny tcp host 172.16.1.1 any eq 5061 access-list 100 permit udp any any eq 5060 access-list 100 permit tcp any any eq 5060 access-list 100 permit tcp any any eq 5061 !-- Permit (Police or Drop)/Deny (Allow) all other Layer3 and Layer4 !-- traffic in accordance with existing security policies and !-- configurations for traffic that is authorized to be sent !-- to infrastructure devices. !-- Create a Class-Map for traffic to be policed by !-- the CoPP feature. class-map match-all drop-sip-class match access-group 100 !-- Create a Policy-Map that will be applied to the !-- Control-Plane of the device. policy-map control-plane-policy class drop-sip-class drop !-- Apply the Policy-Map to the Control-Plane of the !-- device. control-plane service-policy input control-plane-policy Warning: Because SIP can use UDP as a transport protocol, it is possible to easily spoof the IP address of the sender, which may defeat access control lists that permit communication to these ports from trusted IP addresses. In the above CoPP example, the access control entries (ACEs) that match the potential exploit packets with the "permit" action result in these packets being discarded by the policy-map "drop" function, while packets that match the "deny" action (not shown) are not affected by the policy-map drop function. Additional information on the configuration and use of the CoPP feature can be found at: http://www.cisco.com/web/about/security/intelligence/coppwp_gs.html http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gtrtlimt.html Obtaining Fixed Software ======================== Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment. Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at: http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html or as otherwise set forth at Cisco.com Downloads at: http://www.cisco.com/public/sw-center/sw-usingswc.shtml Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades. Customers with Service Contracts +------------------------------- Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com. Customers using Third Party Support Organizations +------------------------------------------------ Customers whose Cisco products are provided or maintained through prior or existing agreements with third-party support organizations, such as Cisco Partners, authorized resellers, or service providers should contact that support organization for guidance and assistance with the appropriate course of action in regards to this advisory. The effectiveness of any workaround or fix is dependent on specific customer situations, such as product mix, network topology, traffic behavior, and organizational mission. Due to the variety of affected products and releases, customers should consult with their service provider or support organization to ensure any applied workaround or fix is the most appropriate for use in the intended network before it is deployed. Customers without Service Contracts +---------------------------------- Customers who purchase direct from Cisco but do not hold a Cisco service contract, and customers who purchase through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should acquire upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows. * +1 800 553 2447 (toll free from within North America) * +1 408 526 7209 (toll call from anywhere in the world) * e-mail: tac@cisco.com Customers should have their product serial number available and be prepared to give the URL of this notice as evidence of entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC. Refer to: http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html for additional TAC contact information, including localized telephone numbers, and instructions and e-mail addresses for use in various languages. Exploitation and Public Announcements ===================================== The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities described in this advisory. The vulnerability addressed by CSCsz48680 was discovered during the resolution of customer service requests. The vulnerabilities addressed by CSCtb93416 and CSCsz89904 were discovered by Cisco during internal testing. Status of this Notice: FINAL ============================ THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors. Distribution ============ This advisory is posted on Cisco's worldwide website at: http://www.cisco.com/warp/public/707/cisco-sa-20100324-sip.shtml In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients. * cust-security-announce@cisco.com * first-bulletins@lists.first.org * bugtraq@securityfocus.com * vulnwatch@vulnwatch.org * cisco@spot.colorado.edu * cisco-nsp@puck.nether.net * full-disclosure@lists.grok.org.uk * comp.dcom.sys.cisco@newsgate.cisco.com Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates. Revision History ================ +-------------------------------------------------------------------+ | Revision 1.0 | 2010-March-24 | Initial public release | +-------------------------------------------------------------------+ Cisco Security Procedures ========================= Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at: http://www.cisco.com/go/psirt -----BEGIN PGP SIGNATURE----- iD8DBQFLqifP86n/Gc8U/uARAmSTAJ9mz3TsxB4ykZ5wDkmmwhVBytw/CQCfcWhi GlwhypRpbcfyfEhe/zBbIxw= =orFq -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . Successful exploitation requires that SIP voice services are enabled. SOLUTION: Update to a fixed version (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20100324-sip.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Unspecified vulnerability in Cisco IOS 12.4, when NAT SCCP fragmentation support is enabled, allows remote attackers to cause a denial of service (device reload) via crafted Skinny Client Control Protocol (SCCP) packets, aka Bug ID CSCsy09250. The problem is Bug ID : CSCsy09250 It is a problem.Service disruption by a third party (DoS) There is a possibility of being put into a state. Cisco IOS is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause an affected device to reload, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCsy09250.http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&amp;bugId=CSCsq24002. SOLUTION: Update to the fixed version (please see the vendor's advisories for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sa-20100324-sccp.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . Cisco has released free software updates that address this vulnerability. A workaround that mitigates this vulnerability is available. This advisory is posted at: http://www.cisco.com/warp/public/707/cisco-sa-20100324-sccp.shtml Note: The March 24, 2010, Cisco IOS Software Security Advisory bundled publication includes seven Security Advisories. Each advisory lists the releases that correct the vulnerability or vulnerabilities detailed in the advisory. The table at the following URL lists releases that correct all Cisco IOS Software vulnerabilities that have been published on March 24, 2010, or earlier: http://www.cisco.com/warp/public/707/cisco-sa-20100324-bundle.shtml Individual publication links are in "Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication" at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar10.html Affected Products ================= Vulnerable Products +------------------ This security advisory applies to all Cisco products that run Cisco IOS Software configured for Network Address Translation (NAT) and that support the NAT SCCP Fragmentation Support feature. To verify if NAT is enabled on a Cisco IOS device, log into the device and issue the command "show ip nat statistics". The following example shows a device configured with NAT: Router# show ip nat statistics Total translations: 2 (0 static, 2 dynamic; 0 extended) Outside interfaces: Serial0 Inside interfaces: Ethernet1 Hits: 135 Misses: 5 Expired translations: 2 Dynamic mappings: -- Inside Source access-list 1 pool mypool refcount 2 pool mypool: netmask 255.255.255.0 start 192.168.10.1 end 192.168.10.254 type generic, total addresses 14, allocated 2 (14%), misses 0 You can also use the "show running-config | include ip nat" command to verify if NAT has been enabled on the device. In NAT traditional configurations, the term "inside" refers to those networks that will be translated. Inside this domain, hosts will have addresses in one address space, while on the "outside", they will appear to have addresses in another address space when NAT is configured. The first address space is referred to as the local address space and the second is referred to as the global address space. The "ip nat inside" and "ip nat outside" interface commands must be present on the corresponding router interfaces in order for NAT to be enabled. The NAT Virtual Interface (NVI) feature removes the requirement to configure an interface as either NAT inside or NAT outside. If the device is configured for NVI, you can use the show ip nat nvi statistics command in user EXEC or privileged EXEC mode, as shown in the following example. Router# show ip nat nvi statistics Total active translations: 0 (0 static, 0 dynamic; 0 extended) NAT Enabled interfaces: Hits: 0 Misses: 0 CEF Translated packets: 0, CEF Punted packets: 0 Expired translations: 0 Dynamic mappings: -- Inside Source [Id: 1] access-list 1 pool pool1 refcount 1213 pool pool1: netmask 255.255.255.0 start 192.168.1.10 end 192.168.1.253 start 192.168.2.10 end 192.168.2.253 start 192.168.3.10 end 192.168.3.253 start 192.168.4.10 end 192.168.4.253 type generic, total addresses 976, allocated 222 (22%), misses 0 !---output truncated In order to determine the software that is running on a Cisco IOS product, log in to the device and issue the "show version" command to display the system banner. Cisco IOS software identifies itself as "Internetwork Operating System Software" or simply "IOS." On the next line of output, the image name displays between parentheses, followed by "Version" and the Cisco IOS release name. Other Cisco devices do not have the show version command or give different output. router>show version Cisco IOS Software, 7200 Software (C7200-ADVSECURITYK9-M), Version 12.4(6)T2, RELEASE SOFTWARE (fc1) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2006 by Cisco Systems, Inc. Compiled Tue 16-May-06 16:09 by kellythw !---output truncated Products Confirmed Not Vulnerable +-------------------------------- Cisco IOS XR Software and IOS XE Software are not affected by this vulnerability. Cisco IOS devices not explicitly configured for NAT are not vulnerable. No other Cisco products are currently known to be affected by this vulnerability. Details ======= The Skinny Client Control Protocol (SCCP) enables voice communication between an SCCP client and a Call Manager (CM). Typically, the CM provides service to the SCCP clients on TCP Port 2000 by default. Initially, an SCCP client connects to the CM by establishing a TCP connection; the client will also establish a TCP connection with a secondary CM, if available. The NAT SCCP Fragmentation Support feature enables the Skinny Application Layer Gateway (ALG) to reassemble skinny control messages. Since this feature was introduced in Cisco IOS version 12.4 (6)T, SCCP payloads requiring reassembly and NAT are no longer dropped. Vulnerability Scoring Details ============================= Cisco has provided scores for the vulnerability in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0. CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response. Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks. Cisco has provided an FAQ to answer additional questions regarding CVSS at: http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at: http://intellishield.cisco.com/security/alertmanager/cvss CSCsy09250 - Bus error and crash when crafted packet is sent to device CVSS Base Score - 7.8 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - None Integrity Impact - None Availability Impact - Complete CVSS Temporal Score - 6.4 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed Impact ====== Successful exploitation of this vulnerability may cause the affected device to reload. Repeated exploitation will result in a denial of service (DoS) condition. Software Versions and Fixes =========================== When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution. In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Technical Assistance Center (TAC) or your contracted maintenance provider for assistance. Each row of the Cisco IOS software table (below) names a Cisco IOS release train. If a given release train is vulnerable, then the earliest possible releases that contain the fix (along with the anticipated date of availability for each, if applicable) are listed in the "First Fixed Release" column of the table. The "Bundle First Fixed Release" column indicates the earliest possible releases which have fixes for all the published vulnerabilities in this Cisco IOS Security Advisory bundled publication. Cisco recommends upgrading to the latest available release where possible. +--------------------------------------------------------------------+ | Major | Availability of Repaired Releases | | Release | | |------------+-------------------------------------------------------| | Affected | | First Fixed Release for | | 12.0-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |--------------------------------------------------------------------| | There are no affected 12.0 based releases | |--------------------------------------------------------------------| | Affected | | First Fixed Release for | | 12.1-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |--------------------------------------------------------------------| | There are no affected 12.1 based releases | |--------------------------------------------------------------------| | Affected | | First Fixed Release for | | 12.2-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |--------------------------------------------------------------------| | There are no affected 12.2 based releases | |--------------------------------------------------------------------| | Affected | | First Fixed Release for | | 12.3-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |--------------------------------------------------------------------| | There are no affected 12.3 based releases | |--------------------------------------------------------------------| | Affected | | First Fixed Release for | | 12.4-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |------------+---------------------------+---------------------------| | | | 12.4(25c) | | 12.4 | Not Vulnerable | | | | | 15.0(1)M1 | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4GC | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JDA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JDC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.4JDD | Not Vulnerable | 12.4(10b)JDD1 | |------------+---------------------------+---------------------------| | 12.4JHA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JK | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JL | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Releases prior to 12.4 | | 12.4JMA | Not Vulnerable | (3g)JMA2 are vulnerable, | | | | release 12.4(3g)JMA2 and | | | | later are not vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JMB | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.4JX | Not Vulnerable | Vulnerable; first fixed | | | | in 12.4JA | |------------+---------------------------+---------------------------| | 12.4MD | 12.4(11)MD10 | 12.4(24)MD | |------------+---------------------------+---------------------------| | 12.4MDA | 12.4(22)MDA2 | 12.4(22)MDA2 | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | Releases up to and | support organization per | | 12.4MR | including 12.4(4)MR1 are | the instructions in | | | not vulnerable. | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4SW | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | 12.4(20)T4 | 12.4(15)T12 | | | | | | | 12.4(22)T3 | 12.4(20)T5 | | 12.4T | | | | | 12.4(15)T10 | 12.4(24)T3; Available on | | | | 26-MAR-10 | | | 12.4(24)T2 | | | | | 12.4(22)T4 | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.4XA | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.4XB | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XC | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.4XD | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XE | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XF | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XG | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XJ | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XK | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4XL | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XM | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4XN | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4XP | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XQ | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.4XR | 12.4(22)XR3 | 12.4(22)XR3 | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XT | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4XV | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XW | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XY | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XZ | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4YA | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4YB | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4YD | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | | 12.4(22)YE2 | | 12.4YE | 12.4(22)YE2 | | | | | 12.4(24)YE | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4YG | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | Affected | | First Fixed Release for | | 15.0-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |--------------------------------------------------------------------| | There are no affected 15.0 based releases | |--------------------------------------------------------------------| | Affected | | First Fixed Release for | | 15.1-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |--------------------------------------------------------------------| | There are no affected 15.1 based releases | +--------------------------------------------------------------------+ Cisco IOS-XE Software +-------------------- +-------------------------------------------------------------------+ | IOS-XE Release | First Fixed Release | |----------------------------+--------------------------------------| | 2.1.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.2.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.3.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.4.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.5.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.6.x | Not Vulnerable | +-------------------------------------------------------------------+ Workarounds =========== As workaround, an administrator can disable SCCP NAT support using the "no ip nat service skinny tcp port 2000" command, as shown in the following example: Router(config)# no ip nat service skinny tcp port 2000 Note: If your Cisco CallManager is using a TCP port for skinny signaling different from the default port (2000), you need to adjust this command accordingly. Caution: This workaround is only feasible on networks where SCCP traffic does not need to be processed by NAT. Please confirm before implementing this workaround. Obtaining Fixed Software ======================== Cisco has released free software updates that address this vulnerability. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment. Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at: http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html or as otherwise set forth at Cisco.com Downloads at: http://www.cisco.com/public/sw-center/sw-usingswc.shtml Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades. Customers with Service Contracts +------------------------------- Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com. Customers using Third Party Support Organizations +------------------------------------------------ Customers whose Cisco products are provided or maintained through prior or existing agreements with third-party support organizations, such as Cisco Partners, authorized resellers, or service providers should contact that support organization for guidance and assistance with the appropriate course of action in regards to this advisory. The effectiveness of any workaround or fix is dependent on specific customer situations, such as product mix, network topology, traffic behavior, and organizational mission. Due to the variety of affected products and releases, customers should consult with their service provider or support organization to ensure any applied workaround or fix is the most appropriate for use in the intended network before it is deployed. Customers without Service Contracts +---------------------------------- Customers who purchase direct from Cisco but do not hold a Cisco service contract, and customers who purchase through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should acquire upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows. * +1 800 553 2447 (toll free from within North America) * +1 408 526 7209 (toll call from anywhere in the world) * e-mail: tac@cisco.com Customers should have their product serial number available and be prepared to give the URL of this notice as evidence of entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC. Refer to: http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html for additional TAC contact information, including localized telephone numbers, and instructions and e-mail addresses for use in various languages. Exploitation and Public Announcements ===================================== The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability described in this advisory. This vulnerability was found during the resolution of customer service requests. Status of this Notice: FINAL ============================ THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors. Distribution ============ This advisory is posted on Cisco's worldwide website at: http://www.cisco.com/warp/public/707/cisco-sa-20100324-sccp.shtml In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients. * cust-security-announce@cisco.com * first-bulletins@lists.first.org * bugtraq@securityfocus.com * vulnwatch@vulnwatch.org * cisco@spot.colorado.edu * cisco-nsp@puck.nether.net * full-disclosure@lists.grok.org.uk * comp.dcom.sys.cisco@newsgate.cisco.com Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates. Revision History ================ +-------------------------------------------------------------------+ | Revision 1.0 | 2010-March-24 | Initial public release | +-------------------------------------------------------------------+ Cisco Security Procedures ========================= Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at: http://www.cisco.com/go/psirt -----BEGIN PGP SIGNATURE----- iD8DBQFLqO4X86n/Gc8U/uARArHuAKCNnTQkJtzQiDJ1RY0ERYFGDffpcwCdHruh U/8efv1qDpFghQLXNjqnSIg= =NuJi -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

The IKE implementation in Cisco IOS 12.2 through 12.4 on Cisco 7200 and 7301 routers with VAM2+ allows remote attackers to cause a denial of service (device reload) via a malformed IKE packet, aka Bug ID CSCtb13491. The problem is Bug ID : CSCtb13491 It is a problem.Service disruption by a third party (DoS) There is a possibility of being put into a state. Cisco IOS is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause an affected device to reload, denying service to legitimate users. This issue is tracked by Cisco Bug ID CSCtb13491. This issue affects Cisco IOS running on Cisco 7200 Series and Cisco 7301 Series routers where a VPN Acceleration Module 2+ (VAM2+) is installed. http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&amp;bugId=CSCsq24002. SOLUTION: Update to a fixed version (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sa-20100324-ipsec.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . Cisco has released free software updates that address this vulnerability. This advisory is posted at: http://www.cisco.com/warp/public/707/cisco-sa-20100324-ipsec.shtml Note: The March 24, 2010, Cisco IOS Software Security Advisory bundled publication includes seven Security Advisories. Each advisory lists the releases that correct the vulnerability or vulnerabilities detailed in the advisory. The table at the following URL lists releases that correct all Cisco IOS Software vulnerabilities that have been published on March 24, 2010, or earlier: http://www.cisco.com/warp/public/707/cisco-sa-20100324-bundle.shtml Individual publication links are in "Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication" at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar10.html Affected Products ================= Vulnerable Products +------------------ Only Cisco 7200 Series and Cisco 7301 routers with VPN Acceleration Module 2+ (VAM2+) are affected by this vulnerability. To display a summary of the configuration information for the crypto engines and to determine if a VAM is present and used in the device, use the "show crypto engine brief" command, as shown in the following example: Router#show crypto engine brief crypto engine name: Virtual Private Network (VPN) Module crypto engine type: hardware State: Enabled Location: slot 4 VPN Module in slot: 4 Product Name: VAM2+ Software Serial #: 55AA Device ID: 001F - revision 0000 Vendor ID: 0000 Revision No: 0x001F0000 VSK revision: 0 Boot version: 902 DPU version: 0 HSP version: 3.4(3) (PRODUCTION) Time running: 00:00:10 Compression: Yes DES: Yes 3 DES: Yes AES CBC: Yes (128,192,256) AES CNTR: No Maximum buffer length: 4096 Maximum DH index: 5120 Maximum SA index: 5120 Maximum Flow index: 10230 Note: In the previous example, the "Product Name" VAM2+ is displayed, indicating that the router has the VAM2+ installed. The Enabled keyword under "State" indicates that the VAM2+ is enabled and active. IKE is enabled by default if IPsec is used. Cisco IOS devices that are configured for IKE will listen on UDP port 500, UDP port 4500 if the device is configured for NAT Traversal (NAT-T), or UDP ports 848 or 4848 if the device is configured for Group Domain of Interpretation (GDOI). The following outputs show a router that is listening on UDP port 500: Router#show ip sockets Proto Remote Port Local Port In Out Stat TTY OutputIF .... 17 --listen-- 192.168.66.129 500 0 0 11 0 .... Or Router#show udp Proto Remote Port Local Port In Out Stat TTY OutputIF 17 --listen-- 192.0.2.1 500 0 0 1011 0 17(v6) --listen-- --any-- 500 0 0 20011 0 Router# To determine the Cisco IOS Software release that is running on a Cisco product, administrators can log in to the device and issue the "show version" command to display the system banner. The system banner confirms that the device is running Cisco IOS Software by displaying text similar to "Cisco Internetwork Operating System Software" or "Cisco IOS Software." The image name displays in parentheses, followed by "Version" and the Cisco IOS Software release name. Other Cisco devices do not have the "show version" command or may provide different output. The following example identifies a Cisco product that is running Cisco IOS Software Release 12.3(26) with an installed image name of C2500-IS-L: Router#show version Cisco Internetwork Operating System Software IOS (tm) 2500 Software (C2500-IS-L), Version 12.3(26), RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2008 by cisco Systems, Inc. Compiled Mon 17-Mar-08 14:39 by dchih !--- output truncated The following example identifies a Cisco product that is running Cisco IOS Software Release 12.4(20)T with an installed image name of C1841-ADVENTERPRISEK9-M: Router#show version Cisco IOS Software, 1841 Software (C1841-ADVENTERPRISEK9-M), Version 12.4(20)T, RELEASE SOFTWARE (fc3) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2008 by Cisco Systems, Inc. Compiled Thu 10-Jul-08 20:25 by prod_rel_team !--- output truncated Additional information about Cisco IOS Software release naming conventions is available in "White Paper: Cisco IOS Reference Guide" at the following link: http://www.cisco.com/web/about/security/intelligence/ios-ref.html Products Confirmed Not Vulnerable +-------------------------------- Cisco IOS XE and Cisco IOS XR Software are not affected by this vulnerability. No other Cisco products are currently known to be affected by this vulnerability. Details ======= IPsec is an IP security feature that provides robust authentication and encryption of IP packets. IKE is a key management protocol standard that is used with the IPsec standard. IKE is a hybrid protocol that implements the Oakley and SKEME key exchanges inside the Internet Security Association and Key Management Protocol (ISAKMP) framework. (ISAKMP, Oakley, and SKEME are security protocols that are implemented by IKE.). Vulnerability Scoring Details ============================= Cisco has provided scores for the vulnerability in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0. CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response. Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks. Cisco has provided an FAQ to answer additional questions regarding CVSS at: http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at: http://intellishield.cisco.com/security/alertmanager/cvss CSCtb13491 - Malformed IKE packet may cause reload CVSS Base Score - 7.8 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - None Integrity Impact - None Availability Impact - Complete CVSS Temporal Score - 6.4 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed Impact ====== Successful exploitation of this vulnerability may cause the affected device to reload. Repeated exploitation will result in a denial of service (DoS) condition. Software Versions and Fixes =========================== When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution. In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Technical Assistance Center (TAC) or your contracted maintenance provider for assistance. Each row of the Cisco IOS software table (below) names a Cisco IOS release train. If a given release train is vulnerable, then the earliest possible releases that contain the fix (along with the anticipated date of availability for each, if applicable) are listed in the "First Fixed Release" column of the table. The "Bundle First Fixed Release" column indicates the earliest possible releases which have fixes for all the published vulnerabilities in this Cisco IOS Security Advisory bundled publication. Cisco recommends upgrading to the latest available release where possible. +-------------------------------------------------------------------+ | Major | Availability of Repaired Releases | | Release | | |------------+------------------------------------------------------| | Affected | | First Fixed Release for | | 12.0-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |-------------------------------------------------------------------| | There are no affected 12.0 based releases | |-------------------------------------------------------------------| | Affected | | First Fixed Release for | | 12.1-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |-------------------------------------------------------------------| | There are no affected 12.1 based releases | |-------------------------------------------------------------------| | Affected | | First Fixed Release for | | 12.2-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |------------+---------------------------+--------------------------| | 12.2 | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2B | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2BC | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2BW | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2BX | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2BY | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2BZ | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2CX | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2CY | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.2CZ | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2SRE | |------------+---------------------------+--------------------------| | 12.2DA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2DD | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2DX | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.2EW | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | 12.2EWA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Releases up to and | | | | including 12.2(37)EX are | | | | not vulnerable. | | 12.2EX | Not Vulnerable | | | | | Releases 12.2(44)EX and | | | | later are not | | | | vulnerable; first fixed | | | | in 12.2SE | |------------+---------------------------+--------------------------| | | | Releases prior to 12.2 | | 12.2EY | Not Vulnerable | (37)EY are vulnerable, | | | | release 12.2(37)EY and | | | | later are not vulnerable | |------------+---------------------------+--------------------------| | 12.2EZ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | 12.2FX | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | 12.2FY | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | 12.2FZ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | 12.2IRA | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SRC | |------------+---------------------------+--------------------------| | 12.2IRB | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SRC | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IRC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IRD | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXB | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXD | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXE | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXF | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXG | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXH | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Releases up to and | | 12.2JA | Not Vulnerable | including 12.2(4)JA1 are | | | | not vulnerable. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2JK | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.2MB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | 12.2MC | Not Vulnerable | Vulnerable; first fixed | | | | in 12.4 | |------------+---------------------------+--------------------------| | 12.2MRA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Releases prior to 12.2 | | | | (30)S are vulnerable, | | 12.2S | Not Vulnerable | release 12.2(30)S and | | | | later are not | | | | vulnerable; | |------------+---------------------------+--------------------------| | | Releases prior to 12.2 | | | | (33)SB5 are vulnerable, | | | | release 12.2(33)SB5 and | 12.2(33)SB8 | | | later are not vulnerable; | | | 12.2SB | migrate to any release in | 12.2(31)SB18; Available | | | 12.2SRE | on 24-MAR-10 | | | | | | | Releases up to 12.2(31) | | | | SB18 are not vulnerable. | | |------------+---------------------------+--------------------------| | 12.2SBC | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2SRE | |------------+---------------------------+--------------------------| | 12.2SCA | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.2SCB | in 12.2SCB | |------------+---------------------------+--------------------------| | 12.2SCB | 12.2(33)SCB6 | 12.2(33)SCB6 | |------------+---------------------------+--------------------------| | 12.2SCC | 12.2(33)SCC1 | 12.2(33)SCC1 | |------------+---------------------------+--------------------------| | 12.2SCD | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | 12.2SE | Not Vulnerable | 12.2(50)SE4; Available | | | | on 25-MAR-10 | |------------+---------------------------+--------------------------| | 12.2SEA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | 12.2SEB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | 12.2SEC | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | 12.2SED | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SE | |------------+---------------------------+--------------------------| | 12.2SEE | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SE | |------------+---------------------------+--------------------------| | 12.2SEF | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Releases prior to 12.2 | | | | (25)SEG4 are vulnerable, | | 12.2SEG | Not Vulnerable | release 12.2(25)SEG4 and | | | | later are not | | | | vulnerable; first fixed | | | | in 12.2SE | |------------+---------------------------+--------------------------| | | | Releases up to 12.2(31) | | | | SG1 are not vulnerable; | | 12.2SG | Not Vulnerable | releases 12.2(40)SG and | | | | later are not | | | | vulnerable. | |------------+---------------------------+--------------------------| | 12.2SGA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | 12.2SL | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | 12.2SM | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2SO | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | 12.2SQ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | Releases prior to 12.2 | | | | (33)SRA6 are vulnerable, | | | 12.2SRA | release 12.2(33)SRA6 and | Vulnerable; first fixed | | | later are not vulnerable; | in 12.2SRD | | | migrate to any release in | | | | 12.2SRB | | |------------+---------------------------+--------------------------| | 12.2SRB | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SRD | |------------+---------------------------+--------------------------| | 12.2SRC | Not Vulnerable | 12.2(33)SRC5 | |------------+---------------------------+--------------------------| | 12.2SRD | Not Vulnerable | 12.2(33)SRD3 | |------------+---------------------------+--------------------------| | 12.2SRE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | 12.2STE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2SU | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Releases up to and | | 12.2SV | Not Vulnerable | including 12.2(18)SV2 | | | | are not vulnerable. | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2SVA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2SVC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2SVD | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2SVE | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Releases up to and | | | | including 12.2(25)SW3 | | | | are not vulnerable. | | 12.2SW | Not Vulnerable | | | | | Releases 12.2(25)SW12 | | | | and later are not | | | | vulnerable; first fixed | | | | in 15.0M | |------------+---------------------------+--------------------------| | 12.2SX | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+--------------------------| | 12.2SXA | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+--------------------------| | 12.2SXB | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+--------------------------| | 12.2SXD | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+--------------------------| | 12.2SXE | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+--------------------------| | 12.2SXF | Not Vulnerable | 12.2(18)SXF17a | |------------+---------------------------+--------------------------| | 12.2SXH | Not Vulnerable | 12.2(33)SXH6 | |------------+---------------------------+--------------------------| | | | 12.2(33)SXI2a | | 12.2SXI | Not Vulnerable | | | | | 12.2(33)SXI3 | |------------+---------------------------+--------------------------| | 12.2SY | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2SRE | |------------+---------------------------+--------------------------| | 12.2SZ | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2SRE | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2T | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2TPC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2XA | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2XB | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2XC | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2XD | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.2XE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2XF | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2XG | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2XH | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2XI | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2XJ | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2XK | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2XL | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2XM | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Releases prior to 12.2 | | | | (33)XN1 are vulnerable, | | 12.2XN | Not Vulnerable | release 12.2(33)XN1 and | | | | later are not | | | | vulnerable; first fixed | | | | in 12.2SRC | |------------+---------------------------+--------------------------| | 12.2XNA | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+--------------------------| | 12.2XNB | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+--------------------------| | 12.2XNC | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+--------------------------| | 12.2XND | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+--------------------------| | 12.2XNE | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+--------------------------| | 12.2XNF | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+--------------------------| | 12.2XO | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2XQ | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2XR | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.2XS | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2XT | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2XU | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2XV | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2XW | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2YA | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YB | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YD | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | 12.2YE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YF | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YG | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YH | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YJ | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | 12.2YK | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YL | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2YM | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YN | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YO | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2YP | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YQ | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YR | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | 12.2YS | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YT | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YU | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YV | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YW | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YX | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YY | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YZ | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | 12.2ZA | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2ZB | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2ZC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2ZD | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2ZE | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2ZF | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2ZG | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2ZH | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2ZJ | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2ZL | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2ZP | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | 12.2ZU | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXH | |------------+---------------------------+--------------------------| | 12.2ZX | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2SRE | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2ZY | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2ZYA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | Affected | | First Fixed Release for | | 12.3-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3 | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3B | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.3BC | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SCB | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3BW | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.3EU | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Releases prior to 12.3 | | 12.3JA | Not Vulnerable | (11)JA5 are vulnerable, | | | | release 12.3(11)JA5 and | | | | later are not vulnerable | |------------+---------------------------+--------------------------| | | | Releases prior to 12.3 | | 12.3JEA | Not Vulnerable | (8)JEA4 are vulnerable, | | | | release 12.3(8)JEA4 and | | | | later are not vulnerable | |------------+---------------------------+--------------------------| | | | Releases prior to 12.3 | | 12.3JEB | Not Vulnerable | (8)JEB2 are vulnerable, | | | | release 12.3(8)JEB2 and | | | | later are not vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JEC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JED | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | Releases up to and | | | | including 12.3(2)JK3 are | | | | not vulnerable. | Vulnerable; migrate to | | 12.3JK | | any release in 15.0M or | | | Releases 12.3(8)JK1 and | a fixed 12.4 release. | | | later are not vulnerable; | | | | first fixed in 12.4 | | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JL | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JX | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3T | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | Releases up to and | support organization per | | 12.3TPC | including 12.3(4)TPC11a | the instructions in | | | are not vulnerable. | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | 12.3VA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3XA | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3XB | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3XC | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3XD | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; first fixed | | | Vulnerable; migrate to | in 12.4 | | 12.3XE | any release in 15.0M or a | | | | fixed 12.4 release. | Vulnerable; migrate to | | | | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3XF | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3XG | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Releases prior to 12.3 | | 12.3XI | Not Vulnerable | (7)XI11 are vulnerable, | | | | release 12.3(7)XI11 and | | | | later are not vulnerable | |------------+---------------------------+--------------------------| | 12.3XJ | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3XK | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3XL | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3XQ | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XR | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3XS | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XU | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.3XW | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XX | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3XY | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3XZ | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3YA | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3YD | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.3YF | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YG | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3YH | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3YI | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3YJ | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Releases prior to 12.3 | Vulnerable; migrate to | | 12.3YK | (11)YK1 are vulnerable, | any release in 15.0M or | | | release 12.3(11)YK1 and | a fixed 12.4 release. | | | later are not vulnerable. | | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3YM | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YQ | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YS | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3YT | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YU | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.3YX | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | Releases up to and | support organization per | | 12.3YZ | including 12.3(11)YZ1 are | the instructions in | | | not vulnerable. | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3ZA | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | Affected | | First Fixed Release for | | 12.4-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |------------+---------------------------+--------------------------| | | 12.4(25b) | | | | | 12.4(25c) | | 12.4 | 15.0(1)M1 | | | | | 15.0(1)M1 | | | 15.0(1)M2 ; Available on | | | | 26-MAR-10 | | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4GC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JDA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JDC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | 12.4JDD | Not Vulnerable | 12.4(10b)JDD1 | |------------+---------------------------+--------------------------| | 12.4JHA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JK | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JL | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Releases prior to 12.4 | | 12.4JMA | Not Vulnerable | (3g)JMA2 are vulnerable, | | | | release 12.4(3g)JMA2 and | | | | later are not vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JMB | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | 12.4JX | Not Vulnerable | Vulnerable; first fixed | | | | in 12.4JA | |------------+---------------------------+--------------------------| | 12.4MD | Not Vulnerable | 12.4(24)MD | |------------+---------------------------+--------------------------| | 12.4MDA | Not Vulnerable | 12.4(22)MDA2 | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4MR | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4SW | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | 12.4(15)T12 | | | | | | | Releases prior to 12.4 | 12.4(20)T5 | | 12.4T | (15)T are vulnerable, | | | | release 12.4(15)T and | 12.4(24)T3; Available on | | | later are not vulnerable | 26-MAR-10 | | | | | | | | 12.4(22)T4 | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XA | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XB | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XC | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | | | | any release in 15.0M | Vulnerable; migrate to | | 12.4XD | | any release in 15.0M or | | | Vulnerable; migrate to | a fixed 12.4 release. | | | any release in 15.0M or a | | | | fixed 12.4 release. | | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XE | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XF | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XG | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Releases prior to 12.4 | Vulnerable; migrate to | | 12.4XJ | (11)XJ4 are vulnerable, | any release in 15.0M or | | | release 12.4(11)XJ4 and | a fixed 12.4 release. | | | later are not vulnerable | | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XK | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4XL | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XM | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4XN | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4XP | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XQ | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.4XR | Not Vulnerable | 12.4(22)XR3 | |------------+---------------------------+--------------------------| | | Releases prior to 12.4 | Vulnerable; migrate to | | 12.4XT | (11)XJ4 are vulnerable, | any release in 15.0M or | | | release 12.4(11)XJ4 and | a fixed 12.4 release. | | | later are not vulnerable | | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4XV | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XW | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XY | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XZ | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4YA | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4YB | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4YD | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | 12.4(22)YE2 | | 12.4YE | Not Vulnerable | | | | | 12.4(24)YE | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4YG | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | Affected | | First Fixed Release for | | 15.0-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |-------------------------------------------------------------------| | There are no affected 15.0 based releases | |-------------------------------------------------------------------| | Affected | | First Fixed Release for | | 15.1-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |-------------------------------------------------------------------| | There are no affected 15.1 based releases | +-------------------------------------------------------------------+ Cisco IOS-XE Software +-------------------- +-------------------------------------------------------------------+ | IOS-XE Release | First Fixed Release | |----------------------------+--------------------------------------| | 2.1.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.2.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.3.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.4.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.5.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.6.x | Not Vulnerable | +-------------------------------------------------------------------+ Workarounds =========== There are no workarounds available. Obtaining Fixed Software ======================== Cisco has released free software updates that address this vulnerability. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment. Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at: http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html or as otherwise set forth at Cisco.com Downloads at: http://www.cisco.com/public/sw-center/sw-usingswc.shtml Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades. Customers with Service Contracts +------------------------------- Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com. Customers using Third Party Support Organizations +------------------------------------------------ Customers whose Cisco products are provided or maintained through prior or existing agreements with third-party support organizations, such as Cisco Partners, authorized resellers, or service providers should contact that support organization for guidance and assistance with the appropriate course of action in regards to this advisory. The effectiveness of any workaround or fix is dependent on specific customer situations, such as product mix, network topology, traffic behavior, and organizational mission. Due to the variety of affected products and releases, customers should consult with their service provider or support organization to ensure any applied workaround or fix is the most appropriate for use in the intended network before it is deployed. Customers without Service Contracts +---------------------------------- Customers who purchase direct from Cisco but do not hold a Cisco service contract, and customers who purchase through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should acquire upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows. * +1 800 553 2447 (toll free from within North America) * +1 408 526 7209 (toll call from anywhere in the world) * e-mail: tac@cisco.com Customers should have their product serial number available and be prepared to give the URL of this notice as evidence of entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC. Refer to: http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html for additional TAC contact information, including localized telephone numbers, and instructions and e-mail addresses for use in various languages. Exploitation and Public Announcements ===================================== The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability described in this advisory. This vulnerability was found during the resolution of customer service requests. Status of this Notice: FINAL ============================ THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors. Distribution ============ This advisory is posted on Cisco's worldwide website at: http://www.cisco.com/warp/public/707/cisco-sa-20100324-ipsec.shtml In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients. * cust-security-announce@cisco.com * first-bulletins@lists.first.org * bugtraq@securityfocus.com * vulnwatch@vulnwatch.org * cisco@spot.colorado.edu * cisco-nsp@puck.nether.net * full-disclosure@lists.grok.org.uk * comp.dcom.sys.cisco@newsgate.cisco.com Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates. Revision History ================ +-------------------------------------------------------------------+ | Revision 1.0 | 2010-March-24 | Initial public release | +-------------------------------------------------------------------+ Cisco Security Procedures ========================= Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at: http://www.cisco.com/go/psirt -----BEGIN PGP SIGNATURE----- iD8DBQFLqO4X86n/Gc8U/uARAvMeAKCLz6zc5smzEqvz29iaH2iWvtrd/wCcCGII F9PGfhb2rz3jNVjWPnlhgu8= =K78N -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (interface queue wedge) via malformed H.323 packets, aka Bug ID CSCta19962. Cisco IOS Is H.323 Service operation disruption due to incomplete packet processing (DoS) There is a vulnerability that becomes a condition. The problem is Bug ID : CSCta19962 It is a problem.Service disruption by a third party (DoS) There is a possibility of being put into a state. Cisco IOS is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to consume all available space in the H.323 interface queue, resulting in a queue wedge, which may prevent new packets from being processed. This issue is being tracked by Cisco Bug ID CSCtb19962. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco IOS Software H.323 Denial of Service Vulnerabilities Advisory ID: cisco-sa-20100324-h323 Revision 1.0 For Public Release 2010 March 24 1600 UTC (GMT) +--------------------------------------------------------------------- Summary ======= The H.323 implementation in Cisco IOS Software contains two vulnerabilities that may be exploited remotely to cause a denial of service (DoS) condition on a device that is running a vulnerable version of Cisco IOS Software. Cisco has released free software updates that address these vulnerabilities. There are no workarounds to mitigate these vulnerabilities other than disabling H.323 on the vulnerable device if H.323 is not required. This advisory is posted at: http://www.cisco.com/warp/public/707/cisco-sa-20100324-h323.shtml Note: The March 24, 2010, Cisco IOS Software Security Advisory bundled publication includes seven Security Advisories. Each advisory lists the releases that correct the vulnerability or vulnerabilities detailed in the advisory. The table at the following URL lists releases that correct all Cisco IOS Software vulnerabilities that have been published on March 24, 2010, or earlier: http://www.cisco.com/warp/public/707/cisco-sa-20100324-bundle.shtml Individual publication links are in "Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication" at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar10.html Affected Products ================= This vulnerability only affects devices running Cisco IOS Software with H.323 voice services enabled. Vulnerable Products +------------------ Cisco devices that are running affected Cisco IOS Software versions that are configured to process H.323 messages are affected by these vulnerabilities. H.323 is not enabled by default. To determine if the Cisco IOS Software device is running H.323 services, use the "show process cpu | include 323" command, as shown in the following example: Router#show process cpu | include 323 249 16000 3 5333 0.00% 0.00% 0.00% 0 CCH323_CT 250 0 1 0 0.00% 0.00% 0.00% 0 CCH323_DNS Router# In the previous example the processes CCH323_CT and CCH323_DNS are running on the device; subsequently, the device is listening to H.323 messages. The device is vulnerable as long as any of these processes (or similar) are active. Note: Only H.323 listening on port TCP 1720 is affected. To determine the Cisco IOS Software release that is running on a Cisco product, administrators can log in to the device and issue the "show version" command to display the system banner. The system banner confirms that the device is running Cisco IOS Software by displaying text similar to "Cisco Internetwork Operating System Software" or "Cisco IOS Software." The image name displays in parentheses, followed by "Version" and the Cisco IOS Software release name. Other Cisco devices do not have the show version command or may provide different output. The following example identifies a Cisco product that is running Cisco IOS Software Release 12.3(26) with an installed image name of C2500-IS-L: Router#show version Cisco Internetwork Operating System Software IOS (tm) 2500 Software (C2500-IS-L), Version 12.3(26), RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2008 by cisco Systems, Inc. Compiled Mon 17-Mar-08 14:39 by dchih !--- output truncated The following example identifies a Cisco product that is running Cisco IOS Software Release 12.4(20)T with an installed image name of C1841-ADVENTERPRISEK9-M: Router#show version Cisco IOS Software, 1841 Software (C1841-ADVENTERPRISEK9-M), Version 12.4(20)T, RELEASE SOFTWARE (fc3) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2008 by Cisco Systems, Inc. Compiled Thu 10-Jul-08 20:25 by prod_rel_team !--- output truncated Additional information about Cisco IOS Software release naming conventions is available in "White Paper: Cisco IOS Reference Guide" at the following link: http://www.cisco.com/web/about/security/intelligence/ios-ref.html Products Confirmed Not Vulnerable +-------------------------------- Cisco IOS XR Software is not affected by these vulnerabilities. No other Cisco products are currently known to be affected by these vulnerabilities. Details ======= H.323 is the ITU standard for real-time multimedia communications and conferencing over packet-based (IP) networks. A subset of the H.323 standard is H.225.0, a standard used for call signaling protocols and media stream packetization over IP networks. An attacker can exploit these vulnerabilities remotely by sending crafted H.323 packets to the affected device that is running Cisco IOS Software. A TCP three-way handshake is needed to exploit these vulnerabilities. The second vulnerability may cause a memory leak and, in most cases, the device to reload. Received packets are counted against the interface input "queue," which is of a limited and relatively small size. For example, on most interface types on most platforms the default interface input queue is 75 packets, a value that can be configured via the hold-queue value in interface configuration command. Once the input queue contains nothing but packets that, due to a bug, will never be dequeued, the queue is said to be wedged. More recently this condition has been termed a "blocked interface". This can be seen on a Cisco IOS device when the input queue size is equal to or greater than (depending on the Cisco IOS Software Release) the input queue max value, as shown below. In this example, the current "size" of the input queue is 75, which is equal to the "max" size of the input queue, which is also 75. Router#show interface Ethernet 0/0 Ethernet0/0 is up, line protocol is up Hardware is AmdP2, address is 0001.0001.0001 Internet address is 10.1.1.100/24 MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:20, output 00:00:05, output hang never Last clearing of "show interface" counters never Input queue: 75/75/44/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 4000 bits/sec, 9 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 2937 packets input, 182298 bytes, 0 no buffer Received 7 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 input packets with dribble condition detected 58 packets output, 6540 bytes, 0 underruns 0 output errors, 0 collisions, 1 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out For more information about queue wedges and a few detection mechanisms that may be used to identify a blocked interface on Cisco IOS Software (including an EEM script specifically for this purpose and a whitepaper describing how this condition can be detected using SNMP) go to: http://blogs.cisco.com/security/comments/cisco_ios_queue_wedges_explained To display detected memory leaks, use the "show memory debug leaks" command in privileged EXEC mode. Router#show memory debug leaks Adding blocks for GD... I/O memory Address Size Alloc_pc PID Alloc-Proc Name Processor memory Address Size Alloc_pc PID Alloc-Proc Name 640854D4 1940 622265A4 196 CCH323_CT CCH323_CT 640EA5E8 1940 622265A4 196 CCH323_CT CCH323_CT 65961B38 1940 622265A4 196 CCH323_CT CCH323_CT The previous example shows a memory leak in the process CCH323_CT. The show memory debug leaks command was introduced in Cisco IOS Software versions 12.3(8)T1 and 12.2(25)S, respectively. Vulnerability Scoring Details ============================= Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0. CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response. Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks. Cisco has provided an FAQ to answer additional questions regarding CVSS at: http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at: http://intellishield.cisco.com/security/alertmanager/cvss CSCta19962 - Interface queue wedge experienced when sending crafted H.323 packets CVSS Base Score - 7.8 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - None Integrity Impact - None Availability Impact - Complete CVSS Temporal Score - 6.4 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed CSCtb93855 - Memory leak after receiving H.323 crafted packets CVSS Base Score - 7.8 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - None Integrity Impact - None Availability Impact - Complete CVSS Temporal Score - 6.4 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed Impact ====== Successful exploitation of the vulnerabilities described in this advisory may cause the affected device to experience an interface queue wedge or to reload. Theses vulnerabilities could be exploited repeatedly to cause an extended DoS condition. Software Versions and Fixes =========================== When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution. In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Technical Assistance Center (TAC) or your contracted maintenance provider for assistance. Each row of the Cisco IOS software table (below) names a Cisco IOS release train. If a given release train is vulnerable, then the earliest possible releases that contain the fix (along with the anticipated date of availability for each, if applicable) are listed in the "First Fixed Release" column of the table. The "Bundle First Fixed Release" column indicates the earliest possible releases which have fixes for all the published vulnerabilities in this Cisco IOS Security Advisory bundled publication. Cisco recommends upgrading to the latest available release where possible. +--------------------------------------------------------------------+ | Major | Availability of Repaired Releases | | Release | | |------------+-------------------------------------------------------| | Affected | | First Fixed Release for | | 12.0-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |--------------------------------------------------------------------| | There are no affected 12.0 based releases | |--------------------------------------------------------------------| | Affected | | First Fixed Release for | | 12.1-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |------------+---------------------------+---------------------------| | 12.1 | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1AA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Releases up to and | | 12.1AX | Not Vulnerable | including 12.1(11)AX are | | | | not vulnerable; first | | | | fixed in 12.2SE | |------------+---------------------------+---------------------------| | 12.1AY | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1AZ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1CX | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1DA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1DB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1DC | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Releases up to and | | 12.1E | Not Vulnerable | including 12.1(7a)E1a are | | | | not vulnerable; migrate | | | | to any release in 12.2SXF | |------------+---------------------------+---------------------------| | | | Releases up to and | | | | including 12.1(6)EA2c are | | 12.1EA | Not Vulnerable | not vulnerable. Releases | | | | 12.1(8)EA1c and later are | | | | not vulnerable. | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.1EB | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Releases up to and | | 12.1EC | Not Vulnerable | including 12.1(7)EC are | | | | not vulnerable; migrate | | | | to 12.2SCB | |------------+---------------------------+---------------------------| | | | Releases up to and | | 12.1EO | Not Vulnerable | including 12.1(19)EO6 are | | | | not vulnerable. | |------------+---------------------------+---------------------------| | 12.1EU | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1EV | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1EW | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1EX | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2 | |------------+---------------------------+---------------------------| | | | Releases up to and | | 12.1EY | Not Vulnerable | including 12.1(7a)EY3 are | | | | not vulnerable. | |------------+---------------------------+---------------------------| | 12.1EZ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1GA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1GB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1T | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XC | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XD | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XF | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XG | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XH | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XI | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XJ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XL | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XM | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XP | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XQ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XR | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XS | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XT | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XU | Vulnerable; migrate to | Vulnerable; migrate to | | | any release in 12.2 | any release in 12.2 | |------------+---------------------------+---------------------------| | | | Releases prior to 12.1(5) | | 12.1XV | Not Vulnerable | XV1 are vulnerable, | | | | release 12.1(5)XV1 and | | | | later are not vulnerable | |------------+---------------------------+---------------------------| | 12.1XW | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XX | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XY | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XZ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1YA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1YB | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2 | |------------+---------------------------+---------------------------| | 12.1YC | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1YD | Vulnerable; migrate to | Vulnerable; migrate to | | | any release in 12.2 | any release in 12.2 | |------------+---------------------------+---------------------------| | | | Releases prior to 12.1(5) | | 12.1YE | Not Vulnerable | YE6 are vulnerable, | | | | release 12.1(5)YE6 and | | | | later are not vulnerable. | |------------+---------------------------+---------------------------| | 12.1YF | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1YH | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.1YI | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.1YJ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | Affected | | First Fixed Release for | | 12.2-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |------------+---------------------------+---------------------------| | 12.2 | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2B | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2BC | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2BW | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2BX | any release in 12.2SB | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2BY | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2BZ | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2CX | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2CY | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.2CZ | Vulnerable; migrate to | Vulnerable; migrate to | | | any release in 12.2S | any release in 12.2SRE | |------------+---------------------------+---------------------------| | 12.2DA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2DD | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2DX | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.2EW | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2EWA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Releases up to and | | | | including 12.2(37)EX are | | | | not vulnerable. | | 12.2EX | Not Vulnerable | | | | | Releases 12.2(44)EX and | | | | later are not vulnerable; | | | | first fixed in 12.2SE | |------------+---------------------------+---------------------------| | | | Releases prior to 12.2 | | 12.2EY | Not Vulnerable | (37)EY are vulnerable, | | | | release 12.2(37)EY and | | | | later are not vulnerable | |------------+---------------------------+---------------------------| | 12.2EZ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2FX | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2FY | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2FZ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2IRA | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SRC | |------------+---------------------------+---------------------------| | 12.2IRB | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SRC | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IRC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IRD | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXB | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXD | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXE | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXF | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXG | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXH | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Releases up to and | | 12.2JA | Not Vulnerable | including 12.2(4)JA1 are | | | | not vulnerable. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2JK | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.2MB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Releases up to and | | | | including 12.2(15)MC1 are | | | | not vulnerable. | Vulnerable; first fixed | | 12.2MC | | in 12.4 | | | Releases 12.2(15)MC2b and | | | | later are not vulnerable; | | | | first fixed in 15.0M | | |------------+---------------------------+---------------------------| | 12.2MRA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Releases prior to 12.2 | | 12.2S | Not Vulnerable | (30)S are vulnerable, | | | | release 12.2(30)S and | | | | later are not vulnerable; | |------------+---------------------------+---------------------------| | | | 12.2(33)SB8 | | 12.2SB | Not Vulnerable | | | | | 12.2(31)SB18; Available | | | | on 24-MAR-10 | |------------+---------------------------+---------------------------| | 12.2SBC | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2SRE | |------------+---------------------------+---------------------------| | 12.2SCA | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SCB | |------------+---------------------------+---------------------------| | 12.2SCB | Not Vulnerable | 12.2(33)SCB6 | |------------+---------------------------+---------------------------| | 12.2SCC | Not Vulnerable | 12.2(33)SCC1 | |------------+---------------------------+---------------------------| | 12.2SCD | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SE | Not Vulnerable | 12.2(50)SE4; Available on | | | | 25-MAR-10 | |------------+---------------------------+---------------------------| | 12.2SEA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SEB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SEC | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SED | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SE | |------------+---------------------------+---------------------------| | 12.2SEE | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SE | |------------+---------------------------+---------------------------| | 12.2SEF | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Releases prior to 12.2 | | | | (25)SEG4 are vulnerable, | | 12.2SEG | Not Vulnerable | release 12.2(25)SEG4 and | | | | later are not vulnerable; | | | | first fixed in 12.2SE | |------------+---------------------------+---------------------------| | | | Releases up to 12.2(31) | | 12.2SG | Not Vulnerable | SG1 are not vulnerable; | | | | releases 12.2(40)SG and | | | | later are not vulnerable. | |------------+---------------------------+---------------------------| | 12.2SGA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SL | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SM | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2SO | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.2SQ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SRA | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SRD | |------------+---------------------------+---------------------------| | 12.2SRB | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SRD | |------------+---------------------------+---------------------------| | 12.2SRC | Not Vulnerable | 12.2(33)SRC5 | |------------+---------------------------+---------------------------| | 12.2SRD | Not Vulnerable | 12.2(33)SRD3 | |------------+---------------------------+---------------------------| | 12.2SRE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2STE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2SU | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Releases up to and | | 12.2SV | Not Vulnerable | including 12.2(18)SV2 are | | | | not vulnerable. | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2SVA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2SVC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2SVD | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2SVE | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Releases up to and | | | | including 12.2(25)SW3 are | | | | not vulnerable. | | 12.2SW | Not Vulnerable | | | | | Releases 12.2(25)SW12 and | | | | later are not vulnerable; | | | | first fixed in 15.0M | |------------+---------------------------+---------------------------| | 12.2SX | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+---------------------------| | 12.2SXA | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+---------------------------| | 12.2SXB | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+---------------------------| | 12.2SXD | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+---------------------------| | 12.2SXE | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+---------------------------| | 12.2SXF | Not Vulnerable | 12.2(18)SXF17a | |------------+---------------------------+---------------------------| | 12.2SXH | Not Vulnerable | 12.2(33)SXH6 | |------------+---------------------------+---------------------------| | | | 12.2(33)SXI2a | | 12.2SXI | Not Vulnerable | | | | | 12.2(33)SXI3 | |------------+---------------------------+---------------------------| | 12.2SY | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2SRE | |------------+---------------------------+---------------------------| | 12.2SZ | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2SRE | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2T | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2TPC | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XA | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XB | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XC | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XD | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.2XE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2XF | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XG | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XH | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XI | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XJ | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XK | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XL | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XM | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Releases prior to 12.2 | | | | (33)XN1 are vulnerable, | | 12.2XN | Not Vulnerable | release 12.2(33)XN1 and | | | | later are not vulnerable; | | | | first fixed in 12.2SRC | |------------+---------------------------+---------------------------| | 12.2XNA | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+---------------------------| | 12.2XNB | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+---------------------------| | 12.2XNC | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+---------------------------| | 12.2XND | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+---------------------------| | | 12.2(33)XNE1; Please see | Please see Cisco IOS-XE | | 12.2XNE | Cisco IOS-XE Software | Software Availability | | | Availability | | |------------+---------------------------+---------------------------| | 12.2XNF | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+---------------------------| | 12.2XO | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XQ | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2XR | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.2XS | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XT | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XU | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XV | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XW | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2YA | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YB | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YC | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YD | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | 12.2YE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YF | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YG | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YH | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YJ | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | 12.2YK | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YL | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2YM | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YN | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YO | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2YP | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YQ | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YR | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.2YS | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YT | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YU | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Releases prior to 12.2 | Vulnerable; Contact your | | | (11)YV1 are vulnerable, | support organization per | | 12.2YV | release 12.2(11)YV1 and | the instructions in | | | later are not vulnerable | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YW | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YX | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YY | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YZ | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.2ZA | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | Releases up to and | support organization per | | 12.2ZB | including 12.2(8)ZB are | the instructions in | | | not vulnerable. | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2ZC | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2ZD | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2ZE | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2ZF | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2ZG | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2ZH | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2ZJ | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2ZL | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2ZP | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | 12.2ZU | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXH | |------------+---------------------------+---------------------------| | 12.2ZX | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2SRE | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2ZY | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2ZYA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | Affected | | First Fixed Release for | | 12.3-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3 | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3B | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.3BC | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SCB | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.3BW | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.3EU | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Releases prior to 12.3 | | 12.3JA | Not Vulnerable | (11)JA5 are vulnerable, | | | | release 12.3(11)JA5 and | | | | later are not vulnerable | |------------+---------------------------+---------------------------| | | | Releases prior to 12.3(8) | | 12.3JEA | Not Vulnerable | JEA4 are vulnerable, | | | | release 12.3(8)JEA4 and | | | | later are not vulnerable | |------------+---------------------------+---------------------------| | | | Releases prior to 12.3(8) | | 12.3JEB | Not Vulnerable | JEB2 are vulnerable, | | | | release 12.3(8)JEB2 and | | | | later are not vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JEC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JED | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | Releases up to and | | | | including 12.3(2)JK3 are | | | | not vulnerable. | Vulnerable; migrate to | | 12.3JK | | any release in 15.0M or a | | | Releases 12.3(8)JK1 and | fixed 12.4 release. | | | later are not vulnerable; | | | | first fixed in 15.0M | | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JL | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JX | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3T | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | Releases up to and | support organization per | | 12.3TPC | including 12.3(4)TPC11a | the instructions in | | | are not vulnerable. | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.3VA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Releases prior to 12.3(2) | | | | XA7 are vulnerable, | Vulnerable; migrate to | | 12.3XA | release 12.3(2)XA7 and | any release in 15.0M or a | | | later are not vulnerable; | fixed 12.4 release. | | | first fixed in 15.0M | | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.3XB | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XC | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XD | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; first fixed | | | Vulnerable; migrate to | in 12.4 | | 12.3XE | any release in 15.0M or a | | | | fixed 12.4 release. | Vulnerable; migrate to | | | | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.3XF | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XG | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Note: Releases prior to | Releases prior to 12.3(7) | | | 12.3(7)XI11 are | XI11 are vulnerable, | | 12.3XI | vulnerable, release 12.3 | release 12.3(7)XI11 and | | | (7)XI11 and later are not | later are not vulnerable | | | vulnerable; | | |------------+---------------------------+---------------------------| | 12.3XJ | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XK | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XL | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XQ | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XR | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.3XS | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XU | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.3XW | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XX | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XY | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XZ | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.3YA | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.3YD | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.3YF | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YG | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.3YH | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.3YI | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.3YJ | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Releases prior to 12.3 | | | | (11)YK3 are vulnerable, | Vulnerable; migrate to | | 12.3YK | release 12.3(11)YK3 and | any release in 15.0M or a | | | later are not vulnerable; | fixed 12.4 release. | | | first fixed in 12.4T | | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YM | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YQ | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YS | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YT | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YU | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.3YX | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.3YZ | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3ZA | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | Affected | | First Fixed Release for | | 12.4-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |------------+---------------------------+---------------------------| | | 12.4(25c) | 12.4(25c) | | 12.4 | | | | | 15.0(1)M1 | 15.0(1)M1 | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4GC | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JDA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JDC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.4JDD | Not Vulnerable | 12.4(10b)JDD1 | |------------+---------------------------+---------------------------| | 12.4JHA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JK | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JL | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Releases prior to 12.4 | | 12.4JMA | Not Vulnerable | (3g)JMA2 are vulnerable, | | | | release 12.4(3g)JMA2 and | | | | later are not vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JMB | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.4JX | Not Vulnerable | Vulnerable; first fixed | | | | in 12.4JA | |------------+---------------------------+---------------------------| | 12.4MD | Not Vulnerable | 12.4(24)MD | |------------+---------------------------+---------------------------| | 12.4MDA | Not Vulnerable | 12.4(22)MDA2 | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4MR | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.4SW | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | 12.4(15)T12 | | | 12.4(15)T12 | | | | | 12.4(20)T5 | | 12.4T | 12.4(24)T3; Available on | | | | 26-MAR-10 | 12.4(24)T3; Available on | | | | 26-MAR-10 | | | 12.4(22)T4 | | | | | 12.4(22)T4 | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XA | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XB | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XC | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XD | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XE | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.4XF | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.4XG | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XJ | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.4XK | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4XL | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Releases up to and | | | | including 12.4(15)XM are | | | | not vulnerable. | Vulnerable; migrate to | | 12.4XM | | any release in 15.0M or a | | | Releases 12.4(15)XM3 and | fixed 12.4 release. | | | later are not vulnerable; | | | | first fixed in 12.4T | | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4XN | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4XP | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.4XQ | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.4XR | Not Vulnerable | 12.4(22)XR3 | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XT | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4XV | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XW | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XY | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XZ | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4YA | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4YB | 12.4(22)YB5 | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4YD | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | 12.4(22)YE2 | | 12.4YE | Not Vulnerable | | | | | 12.4(24)YE | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4YG | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | Affected | | First Fixed Release for | | 15.0-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |------------+---------------------------+---------------------------| | 15.0M | 15.0(1)M1 | 15.0(1)M1 | |------------+---------------------------+---------------------------| | Affected | | First Fixed Release for | | 15.1-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |--------------------------------------------------------------------| | There are no affected 15.1 based releases | +--------------------------------------------------------------------+ Cisco IOS-XE Software +-------------------- +-------------------------------------------------------------------+ | IOS-XE Release | First Fixed Release | |----------------------------+--------------------------------------| | 2.1.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.2.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.3.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.4.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.5.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.6.x | Not Vulnerable | +-------------------------------------------------------------------+ Workarounds =========== There are no workarounds to mitigate these vulnerabilities apart from disabling H.323 if the Cisco IOS device does not need it. Applying access lists on interfaces that should not accept H.323 traffic and putting firewalls in strategic locations may greatly reduce exposure until an upgrade can be performed. Cisco provides Solution Reference Network Design (SRND) guides to help design and deploy networking solutions, which can be found at http://www.cisco.com/go/srnd Voice Security best practices are covered in the Cisco Unified Communications SRND Based on Cisco Unified Communications Manager 6.x at: http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/srnd/6x/security.html You can use the "call service stop forced" command under the "voice service voip" mode, as shown in the following example: voice service voip h323 call service stop forced Note: The "call service stop forced" command disables all H.323 call processing. Additional mitigations that can be deployed on Cisco devices within the network are available in the companion document "Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the Denial of Service Vulnerabilities in Cisco Unified Communications Manager and Cisco IOS Software", which is available at the following location: http://www.cisco.com/warp/public/707/cisco-amb-20100324-voice.shtml Obtaining Fixed Software ======================== Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment. Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at: http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html or as otherwise set forth at Cisco.com Downloads at: http://www.cisco.com/public/sw-center/sw-usingswc.shtml Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades. Customers with Service Contracts +------------------------------- Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com. Customers using Third Party Support Organizations +------------------------------------------------ Customers whose Cisco products are provided or maintained through prior or existing agreements with third-party support organizations, such as Cisco Partners, authorized resellers, or service providers should contact that support organization for guidance and assistance with the appropriate course of action in regards to this advisory. The effectiveness of any workaround or fix is dependent on specific customer situations, such as product mix, network topology, traffic behavior, and organizational mission. Due to the variety of affected products and releases, customers should consult with their service provider or support organization to ensure any applied workaround or fix is the most appropriate for use in the intended network before it is deployed. Customers without Service Contracts +---------------------------------- Customers who purchase direct from Cisco but do not hold a Cisco service contract, and customers who purchase through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should acquire upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows. * +1 800 553 2447 (toll free from within North America) * +1 408 526 7209 (toll call from anywhere in the world) * e-mail: tac@cisco.com Customers should have their product serial number available and be prepared to give the URL of this notice as evidence of entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC. Refer to: http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html for additional TAC contact information, including localized telephone numbers, and instructions and e-mail addresses for use in various languages. Exploitation and Public Announcements ===================================== The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability described in this advisory. This vulnerability was found during internal testing. Status of this Notice: FINAL ============================ THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors. Distribution ============ This advisory is posted on Cisco's worldwide website at: http://www.cisco.com/warp/public/707/cisco-sa-20100324-h323.shtml In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients. * cust-security-announce@cisco.com * first-bulletins@lists.first.org * bugtraq@securityfocus.com * vulnwatch@vulnwatch.org * cisco@spot.colorado.edu * cisco-nsp@puck.nether.net * full-disclosure@lists.grok.org.uk * comp.dcom.sys.cisco@newsgate.cisco.com Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates. Revision History ================ +-------------------------------------------------------------------+ | Revision 1.0 | 2010-March-24 | Initial public release | +-------------------------------------------------------------------+ Cisco Security Procedures ========================= Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at: http://www.cisco.com/go/psirt -----BEGIN PGP SIGNATURE----- iD8DBQFLqO4X86n/Gc8U/uARAp1nAKCJrd5l78BTq81FUmdL/iLpRXD6oACbBRdZ 6SI+pvsYaMsm7pxdzKQg5gs= =hTNF -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . SOLUTION: Update to the fixed version (please see the vendor's advisories for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20100324-h323.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Memory leak in the H.323 implementation in Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (memory consumption and device reload) via malformed H.323 packets, aka Bug ID CSCtb93855. Cisco IOS of H.323 For implementation, H.323 Service operation disruption due to incomplete packet processing (DoS) There is a vulnerability that becomes a condition. The problem is Bug ID : CSCtb93855 It is a problem.Service disruption by a third party (DoS) There is a possibility of being put into a state. Cisco IOS is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause an affected device to reload, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCtb93855. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco IOS Software H.323 Denial of Service Vulnerabilities Advisory ID: cisco-sa-20100324-h323 Revision 1.0 For Public Release 2010 March 24 1600 UTC (GMT) +--------------------------------------------------------------------- Summary ======= The H.323 implementation in Cisco IOS Software contains two vulnerabilities that may be exploited remotely to cause a denial of service (DoS) condition on a device that is running a vulnerable version of Cisco IOS Software. Cisco has released free software updates that address these vulnerabilities. There are no workarounds to mitigate these vulnerabilities other than disabling H.323 on the vulnerable device if H.323 is not required. This advisory is posted at: http://www.cisco.com/warp/public/707/cisco-sa-20100324-h323.shtml Note: The March 24, 2010, Cisco IOS Software Security Advisory bundled publication includes seven Security Advisories. Each advisory lists the releases that correct the vulnerability or vulnerabilities detailed in the advisory. The table at the following URL lists releases that correct all Cisco IOS Software vulnerabilities that have been published on March 24, 2010, or earlier: http://www.cisco.com/warp/public/707/cisco-sa-20100324-bundle.shtml Individual publication links are in "Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication" at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar10.html Affected Products ================= This vulnerability only affects devices running Cisco IOS Software with H.323 voice services enabled. Vulnerable Products +------------------ Cisco devices that are running affected Cisco IOS Software versions that are configured to process H.323 messages are affected by these vulnerabilities. H.323 is not enabled by default. To determine if the Cisco IOS Software device is running H.323 services, use the "show process cpu | include 323" command, as shown in the following example: Router#show process cpu | include 323 249 16000 3 5333 0.00% 0.00% 0.00% 0 CCH323_CT 250 0 1 0 0.00% 0.00% 0.00% 0 CCH323_DNS Router# In the previous example the processes CCH323_CT and CCH323_DNS are running on the device; subsequently, the device is listening to H.323 messages. The device is vulnerable as long as any of these processes (or similar) are active. Note: Only H.323 listening on port TCP 1720 is affected. To determine the Cisco IOS Software release that is running on a Cisco product, administrators can log in to the device and issue the "show version" command to display the system banner. The system banner confirms that the device is running Cisco IOS Software by displaying text similar to "Cisco Internetwork Operating System Software" or "Cisco IOS Software." The image name displays in parentheses, followed by "Version" and the Cisco IOS Software release name. Other Cisco devices do not have the show version command or may provide different output. The following example identifies a Cisco product that is running Cisco IOS Software Release 12.3(26) with an installed image name of C2500-IS-L: Router#show version Cisco Internetwork Operating System Software IOS (tm) 2500 Software (C2500-IS-L), Version 12.3(26), RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2008 by cisco Systems, Inc. Compiled Mon 17-Mar-08 14:39 by dchih !--- output truncated The following example identifies a Cisco product that is running Cisco IOS Software Release 12.4(20)T with an installed image name of C1841-ADVENTERPRISEK9-M: Router#show version Cisco IOS Software, 1841 Software (C1841-ADVENTERPRISEK9-M), Version 12.4(20)T, RELEASE SOFTWARE (fc3) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2008 by Cisco Systems, Inc. Compiled Thu 10-Jul-08 20:25 by prod_rel_team !--- output truncated Additional information about Cisco IOS Software release naming conventions is available in "White Paper: Cisco IOS Reference Guide" at the following link: http://www.cisco.com/web/about/security/intelligence/ios-ref.html Products Confirmed Not Vulnerable +-------------------------------- Cisco IOS XR Software is not affected by these vulnerabilities. No other Cisco products are currently known to be affected by these vulnerabilities. Details ======= H.323 is the ITU standard for real-time multimedia communications and conferencing over packet-based (IP) networks. A subset of the H.323 standard is H.225.0, a standard used for call signaling protocols and media stream packetization over IP networks. An attacker can exploit these vulnerabilities remotely by sending crafted H.323 packets to the affected device that is running Cisco IOS Software. A TCP three-way handshake is needed to exploit these vulnerabilities. When exploited, the first vulnerability may lead to an interface queue wedge. The second vulnerability may cause a memory leak and, in most cases, the device to reload. An interface queue wedge is a class of vulnerability in which certain packets are received and queued by a Cisco IOS router or switch, but due to a processing error, are never removed from the queue. Received packets are counted against the interface input "queue," which is of a limited and relatively small size. For example, on most interface types on most platforms the default interface input queue is 75 packets, a value that can be configured via the hold-queue value in interface configuration command. Once the input queue contains nothing but packets that, due to a bug, will never be dequeued, the queue is said to be wedged. More recently this condition has been termed a "blocked interface". This can be seen on a Cisco IOS device when the input queue size is equal to or greater than (depending on the Cisco IOS Software Release) the input queue max value, as shown below. In this example, the current "size" of the input queue is 75, which is equal to the "max" size of the input queue, which is also 75. Router#show interface Ethernet 0/0 Ethernet0/0 is up, line protocol is up Hardware is AmdP2, address is 0001.0001.0001 Internet address is 10.1.1.100/24 MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:20, output 00:00:05, output hang never Last clearing of "show interface" counters never Input queue: 75/75/44/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 4000 bits/sec, 9 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 2937 packets input, 182298 bytes, 0 no buffer Received 7 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 input packets with dribble condition detected 58 packets output, 6540 bytes, 0 underruns 0 output errors, 0 collisions, 1 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out For more information about queue wedges and a few detection mechanisms that may be used to identify a blocked interface on Cisco IOS Software (including an EEM script specifically for this purpose and a whitepaper describing how this condition can be detected using SNMP) go to: http://blogs.cisco.com/security/comments/cisco_ios_queue_wedges_explained To display detected memory leaks, use the "show memory debug leaks" command in privileged EXEC mode. Router#show memory debug leaks Adding blocks for GD... I/O memory Address Size Alloc_pc PID Alloc-Proc Name Processor memory Address Size Alloc_pc PID Alloc-Proc Name 640854D4 1940 622265A4 196 CCH323_CT CCH323_CT 640EA5E8 1940 622265A4 196 CCH323_CT CCH323_CT 65961B38 1940 622265A4 196 CCH323_CT CCH323_CT The previous example shows a memory leak in the process CCH323_CT. The show memory debug leaks command was introduced in Cisco IOS Software versions 12.3(8)T1 and 12.2(25)S, respectively. Vulnerability Scoring Details ============================= Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0. CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response. Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks. Cisco has provided an FAQ to answer additional questions regarding CVSS at: http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at: http://intellishield.cisco.com/security/alertmanager/cvss CSCta19962 - Interface queue wedge experienced when sending crafted H.323 packets CVSS Base Score - 7.8 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - None Integrity Impact - None Availability Impact - Complete CVSS Temporal Score - 6.4 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed CSCtb93855 - Memory leak after receiving H.323 crafted packets CVSS Base Score - 7.8 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - None Integrity Impact - None Availability Impact - Complete CVSS Temporal Score - 6.4 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed Impact ====== Successful exploitation of the vulnerabilities described in this advisory may cause the affected device to experience an interface queue wedge or to reload. Theses vulnerabilities could be exploited repeatedly to cause an extended DoS condition. Software Versions and Fixes =========================== When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution. In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Technical Assistance Center (TAC) or your contracted maintenance provider for assistance. Each row of the Cisco IOS software table (below) names a Cisco IOS release train. If a given release train is vulnerable, then the earliest possible releases that contain the fix (along with the anticipated date of availability for each, if applicable) are listed in the "First Fixed Release" column of the table. The "Bundle First Fixed Release" column indicates the earliest possible releases which have fixes for all the published vulnerabilities in this Cisco IOS Security Advisory bundled publication. Cisco recommends upgrading to the latest available release where possible. +--------------------------------------------------------------------+ | Major | Availability of Repaired Releases | | Release | | |------------+-------------------------------------------------------| | Affected | | First Fixed Release for | | 12.0-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |--------------------------------------------------------------------| | There are no affected 12.0 based releases | |--------------------------------------------------------------------| | Affected | | First Fixed Release for | | 12.1-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |------------+---------------------------+---------------------------| | 12.1 | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1AA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Releases up to and | | 12.1AX | Not Vulnerable | including 12.1(11)AX are | | | | not vulnerable; first | | | | fixed in 12.2SE | |------------+---------------------------+---------------------------| | 12.1AY | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1AZ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1CX | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1DA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1DB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1DC | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Releases up to and | | 12.1E | Not Vulnerable | including 12.1(7a)E1a are | | | | not vulnerable; migrate | | | | to any release in 12.2SXF | |------------+---------------------------+---------------------------| | | | Releases up to and | | | | including 12.1(6)EA2c are | | 12.1EA | Not Vulnerable | not vulnerable. Releases | | | | 12.1(8)EA1c and later are | | | | not vulnerable. | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.1EB | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Releases up to and | | 12.1EC | Not Vulnerable | including 12.1(7)EC are | | | | not vulnerable; migrate | | | | to 12.2SCB | |------------+---------------------------+---------------------------| | | | Releases up to and | | 12.1EO | Not Vulnerable | including 12.1(19)EO6 are | | | | not vulnerable. | |------------+---------------------------+---------------------------| | 12.1EU | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1EV | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1EW | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1EX | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2 | |------------+---------------------------+---------------------------| | | | Releases up to and | | 12.1EY | Not Vulnerable | including 12.1(7a)EY3 are | | | | not vulnerable. | |------------+---------------------------+---------------------------| | 12.1EZ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1GA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1GB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1T | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XC | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XD | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XF | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XG | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XH | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XI | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XJ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XL | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XM | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XP | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XQ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XR | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XS | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XT | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XU | Vulnerable; migrate to | Vulnerable; migrate to | | | any release in 12.2 | any release in 12.2 | |------------+---------------------------+---------------------------| | | | Releases prior to 12.1(5) | | 12.1XV | Not Vulnerable | XV1 are vulnerable, | | | | release 12.1(5)XV1 and | | | | later are not vulnerable | |------------+---------------------------+---------------------------| | 12.1XW | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XX | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XY | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XZ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1YA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1YB | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2 | |------------+---------------------------+---------------------------| | 12.1YC | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1YD | Vulnerable; migrate to | Vulnerable; migrate to | | | any release in 12.2 | any release in 12.2 | |------------+---------------------------+---------------------------| | | | Releases prior to 12.1(5) | | 12.1YE | Not Vulnerable | YE6 are vulnerable, | | | | release 12.1(5)YE6 and | | | | later are not vulnerable. | |------------+---------------------------+---------------------------| | 12.1YF | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1YH | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.1YI | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.1YJ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | Affected | | First Fixed Release for | | 12.2-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |------------+---------------------------+---------------------------| | 12.2 | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2B | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2BC | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2BW | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2BX | any release in 12.2SB | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2BY | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2BZ | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2CX | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2CY | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.2CZ | Vulnerable; migrate to | Vulnerable; migrate to | | | any release in 12.2S | any release in 12.2SRE | |------------+---------------------------+---------------------------| | 12.2DA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2DD | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2DX | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.2EW | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2EWA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Releases up to and | | | | including 12.2(37)EX are | | | | not vulnerable. | | 12.2EX | Not Vulnerable | | | | | Releases 12.2(44)EX and | | | | later are not vulnerable; | | | | first fixed in 12.2SE | |------------+---------------------------+---------------------------| | | | Releases prior to 12.2 | | 12.2EY | Not Vulnerable | (37)EY are vulnerable, | | | | release 12.2(37)EY and | | | | later are not vulnerable | |------------+---------------------------+---------------------------| | 12.2EZ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2FX | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2FY | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2FZ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2IRA | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SRC | |------------+---------------------------+---------------------------| | 12.2IRB | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SRC | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IRC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IRD | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXB | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXD | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXE | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXF | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXG | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXH | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Releases up to and | | 12.2JA | Not Vulnerable | including 12.2(4)JA1 are | | | | not vulnerable. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2JK | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.2MB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Releases up to and | | | | including 12.2(15)MC1 are | | | | not vulnerable. | Vulnerable; first fixed | | 12.2MC | | in 12.4 | | | Releases 12.2(15)MC2b and | | | | later are not vulnerable; | | | | first fixed in 15.0M | | |------------+---------------------------+---------------------------| | 12.2MRA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Releases prior to 12.2 | | 12.2S | Not Vulnerable | (30)S are vulnerable, | | | | release 12.2(30)S and | | | | later are not vulnerable; | |------------+---------------------------+---------------------------| | | | 12.2(33)SB8 | | 12.2SB | Not Vulnerable | | | | | 12.2(31)SB18; Available | | | | on 24-MAR-10 | |------------+---------------------------+---------------------------| | 12.2SBC | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2SRE | |------------+---------------------------+---------------------------| | 12.2SCA | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SCB | |------------+---------------------------+---------------------------| | 12.2SCB | Not Vulnerable | 12.2(33)SCB6 | |------------+---------------------------+---------------------------| | 12.2SCC | Not Vulnerable | 12.2(33)SCC1 | |------------+---------------------------+---------------------------| | 12.2SCD | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SE | Not Vulnerable | 12.2(50)SE4; Available on | | | | 25-MAR-10 | |------------+---------------------------+---------------------------| | 12.2SEA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SEB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SEC | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SED | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SE | |------------+---------------------------+---------------------------| | 12.2SEE | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SE | |------------+---------------------------+---------------------------| | 12.2SEF | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Releases prior to 12.2 | | | | (25)SEG4 are vulnerable, | | 12.2SEG | Not Vulnerable | release 12.2(25)SEG4 and | | | | later are not vulnerable; | | | | first fixed in 12.2SE | |------------+---------------------------+---------------------------| | | | Releases up to 12.2(31) | | 12.2SG | Not Vulnerable | SG1 are not vulnerable; | | | | releases 12.2(40)SG and | | | | later are not vulnerable. | |------------+---------------------------+---------------------------| | 12.2SGA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SL | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SM | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2SO | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.2SQ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SRA | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SRD | |------------+---------------------------+---------------------------| | 12.2SRB | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SRD | |------------+---------------------------+---------------------------| | 12.2SRC | Not Vulnerable | 12.2(33)SRC5 | |------------+---------------------------+---------------------------| | 12.2SRD | Not Vulnerable | 12.2(33)SRD3 | |------------+---------------------------+---------------------------| | 12.2SRE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2STE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2SU | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Releases up to and | | 12.2SV | Not Vulnerable | including 12.2(18)SV2 are | | | | not vulnerable. | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2SVA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2SVC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2SVD | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2SVE | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Releases up to and | | | | including 12.2(25)SW3 are | | | | not vulnerable. | | 12.2SW | Not Vulnerable | | | | | Releases 12.2(25)SW12 and | | | | later are not vulnerable; | | | | first fixed in 15.0M | |------------+---------------------------+---------------------------| | 12.2SX | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+---------------------------| | 12.2SXA | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+---------------------------| | 12.2SXB | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+---------------------------| | 12.2SXD | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+---------------------------| | 12.2SXE | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+---------------------------| | 12.2SXF | Not Vulnerable | 12.2(18)SXF17a | |------------+---------------------------+---------------------------| | 12.2SXH | Not Vulnerable | 12.2(33)SXH6 | |------------+---------------------------+---------------------------| | | | 12.2(33)SXI2a | | 12.2SXI | Not Vulnerable | | | | | 12.2(33)SXI3 | |------------+---------------------------+---------------------------| | 12.2SY | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2SRE | |------------+---------------------------+---------------------------| | 12.2SZ | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2SRE | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2T | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2TPC | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XA | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XB | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XC | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XD | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.2XE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2XF | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XG | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XH | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XI | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XJ | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XK | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XL | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XM | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Releases prior to 12.2 | | | | (33)XN1 are vulnerable, | | 12.2XN | Not Vulnerable | release 12.2(33)XN1 and | | | | later are not vulnerable; | | | | first fixed in 12.2SRC | |------------+---------------------------+---------------------------| | 12.2XNA | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+---------------------------| | 12.2XNB | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+---------------------------| | 12.2XNC | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+---------------------------| | 12.2XND | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+---------------------------| | | 12.2(33)XNE1; Please see | Please see Cisco IOS-XE | | 12.2XNE | Cisco IOS-XE Software | Software Availability | | | Availability | | |------------+---------------------------+---------------------------| | 12.2XNF | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+---------------------------| | 12.2XO | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XQ | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2XR | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.2XS | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XT | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XU | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XV | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XW | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2YA | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YB | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YC | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YD | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | 12.2YE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YF | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YG | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YH | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YJ | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | 12.2YK | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YL | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2YM | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YN | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YO | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2YP | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YQ | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YR | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.2YS | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YT | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YU | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Releases prior to 12.2 | Vulnerable; Contact your | | | (11)YV1 are vulnerable, | support organization per | | 12.2YV | release 12.2(11)YV1 and | the instructions in | | | later are not vulnerable | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YW | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YX | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YY | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YZ | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.2ZA | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | Releases up to and | support organization per | | 12.2ZB | including 12.2(8)ZB are | the instructions in | | | not vulnerable. | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2ZC | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2ZD | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2ZE | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2ZF | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2ZG | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2ZH | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2ZJ | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2ZL | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2ZP | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | 12.2ZU | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXH | |------------+---------------------------+---------------------------| | 12.2ZX | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2SRE | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2ZY | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2ZYA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | Affected | | First Fixed Release for | | 12.3-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3 | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3B | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.3BC | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SCB | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.3BW | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.3EU | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Releases prior to 12.3 | | 12.3JA | Not Vulnerable | (11)JA5 are vulnerable, | | | | release 12.3(11)JA5 and | | | | later are not vulnerable | |------------+---------------------------+---------------------------| | | | Releases prior to 12.3(8) | | 12.3JEA | Not Vulnerable | JEA4 are vulnerable, | | | | release 12.3(8)JEA4 and | | | | later are not vulnerable | |------------+---------------------------+---------------------------| | | | Releases prior to 12.3(8) | | 12.3JEB | Not Vulnerable | JEB2 are vulnerable, | | | | release 12.3(8)JEB2 and | | | | later are not vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JEC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JED | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | Releases up to and | | | | including 12.3(2)JK3 are | | | | not vulnerable. | Vulnerable; migrate to | | 12.3JK | | any release in 15.0M or a | | | Releases 12.3(8)JK1 and | fixed 12.4 release. | | | later are not vulnerable; | | | | first fixed in 15.0M | | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JL | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JX | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3T | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | Releases up to and | support organization per | | 12.3TPC | including 12.3(4)TPC11a | the instructions in | | | are not vulnerable. | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.3VA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Releases prior to 12.3(2) | | | | XA7 are vulnerable, | Vulnerable; migrate to | | 12.3XA | release 12.3(2)XA7 and | any release in 15.0M or a | | | later are not vulnerable; | fixed 12.4 release. | | | first fixed in 15.0M | | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.3XB | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XC | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XD | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; first fixed | | | Vulnerable; migrate to | in 12.4 | | 12.3XE | any release in 15.0M or a | | | | fixed 12.4 release. | Vulnerable; migrate to | | | | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.3XF | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XG | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Note: Releases prior to | Releases prior to 12.3(7) | | | 12.3(7)XI11 are | XI11 are vulnerable, | | 12.3XI | vulnerable, release 12.3 | release 12.3(7)XI11 and | | | (7)XI11 and later are not | later are not vulnerable | | | vulnerable; | | |------------+---------------------------+---------------------------| | 12.3XJ | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XK | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XL | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XQ | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XR | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.3XS | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XU | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.3XW | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XX | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XY | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XZ | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.3YA | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.3YD | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.3YF | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YG | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.3YH | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.3YI | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.3YJ | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Releases prior to 12.3 | | | | (11)YK3 are vulnerable, | Vulnerable; migrate to | | 12.3YK | release 12.3(11)YK3 and | any release in 15.0M or a | | | later are not vulnerable; | fixed 12.4 release. | | | first fixed in 12.4T | | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YM | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YQ | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YS | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YT | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YU | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.3YX | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.3YZ | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3ZA | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | Affected | | First Fixed Release for | | 12.4-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |------------+---------------------------+---------------------------| | | 12.4(25c) | 12.4(25c) | | 12.4 | | | | | 15.0(1)M1 | 15.0(1)M1 | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4GC | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JDA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JDC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.4JDD | Not Vulnerable | 12.4(10b)JDD1 | |------------+---------------------------+---------------------------| | 12.4JHA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JK | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JL | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Releases prior to 12.4 | | 12.4JMA | Not Vulnerable | (3g)JMA2 are vulnerable, | | | | release 12.4(3g)JMA2 and | | | | later are not vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JMB | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.4JX | Not Vulnerable | Vulnerable; first fixed | | | | in 12.4JA | |------------+---------------------------+---------------------------| | 12.4MD | Not Vulnerable | 12.4(24)MD | |------------+---------------------------+---------------------------| | 12.4MDA | Not Vulnerable | 12.4(22)MDA2 | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4MR | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.4SW | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | 12.4(15)T12 | | | 12.4(15)T12 | | | | | 12.4(20)T5 | | 12.4T | 12.4(24)T3; Available on | | | | 26-MAR-10 | 12.4(24)T3; Available on | | | | 26-MAR-10 | | | 12.4(22)T4 | | | | | 12.4(22)T4 | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XA | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XB | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XC | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XD | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XE | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.4XF | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.4XG | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XJ | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.4XK | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4XL | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Releases up to and | | | | including 12.4(15)XM are | | | | not vulnerable. | Vulnerable; migrate to | | 12.4XM | | any release in 15.0M or a | | | Releases 12.4(15)XM3 and | fixed 12.4 release. | | | later are not vulnerable; | | | | first fixed in 12.4T | | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4XN | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4XP | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.4XQ | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.4XR | Not Vulnerable | 12.4(22)XR3 | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XT | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4XV | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XW | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XY | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XZ | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4YA | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4YB | 12.4(22)YB5 | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4YD | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | 12.4(22)YE2 | | 12.4YE | Not Vulnerable | | | | | 12.4(24)YE | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4YG | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | Affected | | First Fixed Release for | | 15.0-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |------------+---------------------------+---------------------------| | 15.0M | 15.0(1)M1 | 15.0(1)M1 | |------------+---------------------------+---------------------------| | Affected | | First Fixed Release for | | 15.1-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |--------------------------------------------------------------------| | There are no affected 15.1 based releases | +--------------------------------------------------------------------+ Cisco IOS-XE Software +-------------------- +-------------------------------------------------------------------+ | IOS-XE Release | First Fixed Release | |----------------------------+--------------------------------------| | 2.1.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.2.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.3.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.4.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.5.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.6.x | Not Vulnerable | +-------------------------------------------------------------------+ Workarounds =========== There are no workarounds to mitigate these vulnerabilities apart from disabling H.323 if the Cisco IOS device does not need it. Applying access lists on interfaces that should not accept H.323 traffic and putting firewalls in strategic locations may greatly reduce exposure until an upgrade can be performed. Cisco provides Solution Reference Network Design (SRND) guides to help design and deploy networking solutions, which can be found at http://www.cisco.com/go/srnd Voice Security best practices are covered in the Cisco Unified Communications SRND Based on Cisco Unified Communications Manager 6.x at: http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/srnd/6x/security.html You can use the "call service stop forced" command under the "voice service voip" mode, as shown in the following example: voice service voip h323 call service stop forced Note: The "call service stop forced" command disables all H.323 call processing. Additional mitigations that can be deployed on Cisco devices within the network are available in the companion document "Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the Denial of Service Vulnerabilities in Cisco Unified Communications Manager and Cisco IOS Software", which is available at the following location: http://www.cisco.com/warp/public/707/cisco-amb-20100324-voice.shtml Obtaining Fixed Software ======================== Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment. Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at: http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html or as otherwise set forth at Cisco.com Downloads at: http://www.cisco.com/public/sw-center/sw-usingswc.shtml Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades. Customers with Service Contracts +------------------------------- Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com. Customers using Third Party Support Organizations +------------------------------------------------ Customers whose Cisco products are provided or maintained through prior or existing agreements with third-party support organizations, such as Cisco Partners, authorized resellers, or service providers should contact that support organization for guidance and assistance with the appropriate course of action in regards to this advisory. The effectiveness of any workaround or fix is dependent on specific customer situations, such as product mix, network topology, traffic behavior, and organizational mission. Due to the variety of affected products and releases, customers should consult with their service provider or support organization to ensure any applied workaround or fix is the most appropriate for use in the intended network before it is deployed. Customers without Service Contracts +---------------------------------- Customers who purchase direct from Cisco but do not hold a Cisco service contract, and customers who purchase through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should acquire upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows. * +1 800 553 2447 (toll free from within North America) * +1 408 526 7209 (toll call from anywhere in the world) * e-mail: tac@cisco.com Customers should have their product serial number available and be prepared to give the URL of this notice as evidence of entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC. Refer to: http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html for additional TAC contact information, including localized telephone numbers, and instructions and e-mail addresses for use in various languages. Exploitation and Public Announcements ===================================== The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability described in this advisory. This vulnerability was found during internal testing. Status of this Notice: FINAL ============================ THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors. Distribution ============ This advisory is posted on Cisco's worldwide website at: http://www.cisco.com/warp/public/707/cisco-sa-20100324-h323.shtml In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients. * cust-security-announce@cisco.com * first-bulletins@lists.first.org * bugtraq@securityfocus.com * vulnwatch@vulnwatch.org * cisco@spot.colorado.edu * cisco-nsp@puck.nether.net * full-disclosure@lists.grok.org.uk * comp.dcom.sys.cisco@newsgate.cisco.com Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates. Revision History ================ +-------------------------------------------------------------------+ | Revision 1.0 | 2010-March-24 | Initial public release | +-------------------------------------------------------------------+ Cisco Security Procedures ========================= Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at: http://www.cisco.com/go/psirt -----BEGIN PGP SIGNATURE----- iD8DBQFLqO4X86n/Gc8U/uARAp1nAKCJrd5l78BTq81FUmdL/iLpRXD6oACbBRdZ 6SI+pvsYaMsm7pxdzKQg5gs= =hTNF -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . SOLUTION: Update to the fixed version (please see the vendor's advisories for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20100324-h323.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Cisco IOS 12.2 through 12.4, when certain PMTUD, SNAT, or window-size configurations are used, allows remote attackers to cause a denial of service (infinite loop, and device reload or hang) via a TCP segment with crafted options, aka Bug ID CSCsz75186. Cisco IOS Is PMTUD , SNAT Or TCP When using window size settings, TCP Service operation disruption due to incomplete segment processing (DoS) There is a vulnerability that becomes a condition. The problem is Bug ID : CSCsz75186 It is a problem.Service disruption by a third party (DoS) There is a possibility of being put into a state. Cisco IOS is prone to a denial-of-service vulnerability when handling specially crafted TCP packets. An attacker can exploit this issue to trigger an affected device to reload or hang, causing denial-of-service conditions. The device must have a specific configuration to be affected by this vulnerability. This issue is documented by Cisco Bug ID CSCsz75186. SOLUTION: Update to the fixed version (please see the vendor's advisories for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20100324-tcp.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . The vulnerability may be triggered by a TCP segment containing crafted TCP options that is received during the TCP session establishment phase. Cisco has released free software updates that address this vulnerability. This advisory is posted at: http://www.cisco.com/warp/public/707/cisco-sa-20100324-tcp.shtml Note: The March 24, 2010, Cisco IOS Software Security Advisory bundled publication includes seven Security Advisories. All the advisories address vulnerabilities in Cisco IOS Software. Each advisory lists the releases that correct the vulnerability or vulnerabilities detailed in the advisory. The table at the following URL lists releases that correct all Cisco IOS Software vulnerabilities that have been published on March 24, 2010, or earlier: http://www.cisco.com/warp/public/707/cisco-sa-20100324-bundle.shtml Individual publication links are in "Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication" at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar10.html Affected Products ================= Vulnerable Products +------------------ Vulnerable devices are running an affected version of Cisco IOS Software, and are configured for any of the following: * A specific TCP window size * TCP path MTU discovery (PMTUD) * Stateful Network Address Translation (SNAT) with TCP as the transport protocol Configurations Using a Specific TCP Window Size ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Devices configured to use a specific TCP receive window size for connections originating on the device are affected by this vulnerability. A device configured with a specific TCP receive window size has the following command in its configuration: ip tcp window-size <window size, from 0 to 1073741823> If the TCP window size has not been explicitly configured with the command "ip tcp window-size <window size, from 0 to 1073741823>" then the device is not affected by the vulnerability. Configurations Using Path MTU Discovery ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Devices configured to use PMTUD for TCP connections originating or terminating on the device are also affected by this vulnerability. Different Cisco IOS Software features may allow to enable or disable PMTUD on a per-feature basis. The following list contains features known to enable PMTUD for TCP connections: * TCP over IPv4: the "ip tcp path-mtu-discovery" command enables PMTUD for all new TCP over IPv4 connections from the device. This command is disabled by default. * TCP over IPv6: PMTUD is enabled by default for IPV6 and cannot be disabled. * Border Gateway Protocol (BGP): recent versions of Cisco IOS Software (Cisco IOS Release 12.2(33)SRA, 12.2(31)SB, 12.2(33)SXH, 12.4(20)T and later releases) automatically enable PMTUD for all BGP neighbor sessions when BGP is configured. Refer to: http://www.cisco.com/en/US/docs/ios/12_2sr/12_2sra/feature/guide/srbgpmtu.html for details. Other features like generic routing encapsulation (GRE), IP-in-IP tunneling, and Layer 2 Tunneling Protocol (L2TP) also allow the use of PMTUD. Configurations Using Stateful NAT with TCP as the Transport Protocol ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Devices configured to use SNAT are also affected by this vulnerability. A device configured to use SNAT with TCP as the transport protocol has the following commands in its configuration: ip nat Stateful id <stateful NAT ID number> redundancy <redundancy group name> ... protocol tcp ! Note that to be affected under an SNAT configuration scenario, the SNAT transport protocol must be TCP. Recent versions of Cisco IOS Software do not support the use of TCP as the SNAT transport protocol (they only support UDP), in which case the use of SNAT does not make a device vulnerable. SNAT is not enabled by default, and when SNAT is configured, the default transport protocol is TCP if the Cisco IOS Software release supports TCP as a transport protocol for SNAT. Determining The Cisco IOS Software Version ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ To determine the Cisco IOS Software release that is running on a Cisco product, administrators can log in to the device and issue the "show version" command to display the system banner. The system banner confirms that the device is running Cisco IOS Software by displaying text similar to "Cisco Internetwork Operating System Software" or "Cisco IOS Software." The image name is displayed in parentheses, followed by "Version" and the Cisco IOS Software release name. Other Cisco devices do not have the "show version" command or may provide different output. The following example identifies a Cisco product that is running Cisco IOS Software Release 12.3(26) with an installed image name of C2500-IS-L: Router#show version Cisco Internetwork Operating System Software IOS (tm) 2500 Software (C2500-IS-L), Version 12.3(26), RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2008 by cisco Systems, Inc. Compiled Mon 17-Mar-08 14:39 by dchih <output truncated> The following example identifies a Cisco product that is running Cisco IOS Software Release 12.4(20)T with an installed image name of C1841-ADVENTERPRISEK9-M: Router#show version Cisco IOS Software, 1841 Software (C1841-ADVENTERPRISEK9-M), Version 12.4(20)T, RELEASE SOFTWARE (fc3) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2008 by Cisco Systems, Inc. Compiled Thu 10-Jul-08 20:25 by prod_rel_team <output truncated> Additional information about Cisco IOS Software release naming conventions is available in "White Paper: Cisco IOS Reference Guide" at the following link: http://www.cisco.com/warp/public/620/1.html Products Confirmed Not Vulnerable +-------------------------------- Cisco IOS XR Software is not affected. Cisco IOS XE Software is not affected. The vulnerability may only be triggered by a TCP segment received during the TCP session establishment phase. The received TCP segment must contain crafted, not malformed, TCP options. A TCP three-way handshake does not need to be completed to exploit the vulnerability. To be affected by this vulnerability, a device must be configured for any of the following: * A specific TCP receive window size * PMTUD * SNAT with TCP as the transport protocol Refer to the Affected Products section for additional details on these configurations. The following syslog messages may indicate that this vulnerability has been exploited: %SYS-3-CPUHOG: Task is running for (128004)msecs, more than (2000)msecs (23/1),process = IP Input. -Traceback= 0x41CA6AC4 0x41C83170 0x41A22704 0x41F249D4 0x41A24A34 0x41B24C58 %SYS-2-WATCHDOG: Process aborted on watchdog timeout, process = IP Input. BGP Considerations ~~~~~~~~~~~~~~~~~~ This vulnerability could be exploited through the BGP port (TCP port 179) if all the following conditions are met: * The device is configured for one or more of the features that make a device affected, as explained above. Note that in recent versions of Cisco IOS Software, configuring BGP automatically enables PMTUD for all BGP neighbor sessions. * The source IP address of an attack packet is the IP address of a configured BGP peer. * If the BGP TTL Security Hack (BTSH)/Generalized TTL Security Mechanism (GTSM) is configured, the TTL of the received attack packet is within the allowed TTL range. * If the BGP peering session is protected by the TCP MD5 option, the attack packet has the correct MD5 hash. Vulnerability Scoring Details ============================= Cisco has provided scores for the vulnerability in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0. CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response. Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks. Cisco has provided an FAQ to answer additional questions regarding CVSS at: http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at: http://intellishield.cisco.com/security/alertmanager/cvss CSCsz75186 - TCP crash by watchdog timeout due to crafted TCP segment CVSS Base Score - 7.1 Access Vector - Network Access Complexity - Medium Authentication - None Confidentiality Impact - None Integrity Impact - None Availability Impact - Complete CVSS Temporal Score - 5.9 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed Impact ====== Successful exploitation of the vulnerability may cause the affected device to reload or hang. Repeated exploitation could result in a sustained denial of service condition. In the case of a hang, cycling power to the device may be required to put the device back in service. Software Versions and Fixes =========================== When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution. In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Technical Assistance Center (TAC) or your contracted maintenance provider for assistance. Each row of the Cisco IOS software table (below) names a Cisco IOS release train. If a given release train is vulnerable, then the earliest possible releases that contain the fix (along with the anticipated date of availability for each, if applicable) are listed in the "First Fixed Release for this Advisory" column of the table. The "First Fixed Release for all Advisories in 24 March 2010 Bundle Publication" column indicates the earliest possible releases which have fixes for all the published vulnerabilities in this Cisco IOS Security Advisory bundled publication. Cisco recommends upgrading to the latest available release where possible. +-------------------------------------------------------------------+ | Major | Availability of Repaired Releases | | Release | | |------------+------------------------------------------------------| | Affected | | First Fixed Release for | | 12.0-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |-------------------------------------------------------------------| | There are no affected 12.0 based releases | |-------------------------------------------------------------------| | Affected | | First Fixed Release for | | 12.1-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |-------------------------------------------------------------------| | There are no affected 12.1 based releases | |-------------------------------------------------------------------| | Affected | | First Fixed Release for | | 12.2-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |------------+---------------------------+--------------------------| | 12.2 | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | | | | any release in 15.0M or a | Vulnerable; migrate to | | 12.2B | fixed 12.4 release. | any release in 15.0M or | | | Releases up to and | a fixed 12.4 release. | | | including 12.2(4)B8 are | | | | not vulnerable. | | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | | | | any release in 15.0M or a | Vulnerable; migrate to | | 12.2BC | fixed 12.4 release. | any release in 15.0M or | | | Releases up to and | a fixed 12.4 release. | | | including 12.2(4)BC1b are | | | | not vulnerable. | | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2BW | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; first fixed | | | | in 12.4 | Vulnerable; migrate to | | 12.2BX | | any release in 15.0M or | | | Releases up to and | a fixed 12.4 release. | | | including 12.2(2)BX1 are | | | | not vulnerable. | | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | | | | any release in 15.0M or a | Vulnerable; migrate to | | 12.2BY | fixed 12.4 | any release in 15.0M or | | | release.Releases up to | a fixed 12.4 release. | | | and including 12.2(2)BY3 | | | | are not vulnerable. | | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2BZ | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2CX | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2CY | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.2CZ | Vulnerable; migrate to | Vulnerable; migrate to | | | any release in 12.2S | any release in 12.2SRE | |------------+---------------------------+--------------------------| | 12.2DA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2DD | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2DX | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.2EW | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | 12.2EWA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Releases up to and | | | | including 12.2(37)EX are | | | | not vulnerable. | | 12.2EX | Not Vulnerable | | | | | Releases 12.2(44)EX and | | | | later are not | | | | vulnerable; first fixed | | | | in 12.2SE | |------------+---------------------------+--------------------------| | | | Releases prior to 12.2 | | 12.2EY | Not Vulnerable | (37)EY are vulnerable, | | | | release 12.2(37)EY and | | | | later are not vulnerable | |------------+---------------------------+--------------------------| | 12.2EZ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | 12.2FX | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | 12.2FY | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | 12.2FZ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | 12.2IRA | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SRC | |------------+---------------------------+--------------------------| | 12.2IRB | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SRC | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IRC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IRD | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXB | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXD | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXE | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXF | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXG | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXH | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | Releases up to and | Releases up to and | | 12.2JA | including 12.2(4)JA1 are | including 12.2(4)JA1 are | | | not vulnerable. | not vulnerable. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2JK | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.2MB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; first fixed | | 12.2MC | any release in 15.0M or a | in 12.4 | | | fixed 12.4 release. | | |------------+---------------------------+--------------------------| | 12.2MRA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Releases prior to 12.2 | | | | (30)S are vulnerable, | | 12.2S | Not Vulnerable | release 12.2(30)S and | | | | later are not | | | | vulnerable; | |------------+---------------------------+--------------------------| | | | 12.2(33)SB8 | | 12.2SB | Not Vulnerable | | | | | 12.2(31)SB18; Available | | | | on 24-MAR-10 | |------------+---------------------------+--------------------------| | 12.2SBC | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2SRE | |------------+---------------------------+--------------------------| | 12.2SCA | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SCB | |------------+---------------------------+--------------------------| | 12.2SCB | Not Vulnerable | 12.2(33)SCB6 | |------------+---------------------------+--------------------------| | 12.2SCC | Not Vulnerable | 12.2(33)SCC1 | |------------+---------------------------+--------------------------| | 12.2SCD | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | 12.2SE | Not Vulnerable | 12.2(50)SE4; Available | | | | on 25-MAR-10 | |------------+---------------------------+--------------------------| | 12.2SEA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | 12.2SEB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | 12.2SEC | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | 12.2SED | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SE | |------------+---------------------------+--------------------------| | 12.2SEE | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SE | |------------+---------------------------+--------------------------| | 12.2SEF | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Releases prior to 12.2 | | | | (25)SEG4 are vulnerable, | | 12.2SEG | Not Vulnerable | release 12.2(25)SEG4 and | | | | later are not | | | | vulnerable; first fixed | | | | in 12.2SE | |------------+---------------------------+--------------------------| | | | Releases up to 12.2(31) | | | | SG1 are not vulnerable; | | 12.2SG | Not Vulnerable | releases 12.2(40)SG and | | | | later are not | | | | vulnerable. | |------------+---------------------------+--------------------------| | 12.2SGA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | 12.2SL | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | 12.2SM | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2SO | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | 12.2SQ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | 12.2SRA | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SRD | |------------+---------------------------+--------------------------| | 12.2SRB | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SRD | |------------+---------------------------+--------------------------| | 12.2SRC | Not Vulnerable | 12.2(33)SRC5 | |------------+---------------------------+--------------------------| | 12.2SRD | Not Vulnerable | 12.2(33)SRD3 | |------------+---------------------------+--------------------------| | 12.2SRE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | 12.2STE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2SU | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Releases up to and | | 12.2SV | Not Vulnerable | including 12.2(18)SV2 | | | | are not vulnerable. | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2SVA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2SVC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2SVD | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2SVE | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Releases up to and | | | | including 12.2(25)SW3 | | | | are not vulnerable. | | 12.2SW | Not Vulnerable | | | | | Releases 12.2(25)SW12 | | | | and later are not | | | | vulnerable; first fixed | | | | in 15.0M | |------------+---------------------------+--------------------------| | 12.2SX | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+--------------------------| | 12.2SXA | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+--------------------------| | 12.2SXB | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+--------------------------| | 12.2SXD | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+--------------------------| | 12.2SXE | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+--------------------------| | 12.2SXF | Not Vulnerable | 12.2(18)SXF17a | |------------+---------------------------+--------------------------| | 12.2SXH | Not Vulnerable | 12.2(33)SXH6 | |------------+---------------------------+--------------------------| | | | 12.2(33)SXI2a | | 12.2SXI | Not Vulnerable | | | | | 12.2(33)SXI3 | |------------+---------------------------+--------------------------| | 12.2SY | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2SRE | |------------+---------------------------+--------------------------| | 12.2SZ | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2SRE | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | | | | any release in 15.0M or a | Vulnerable; migrate to | | 12.2T | fixed 12.4 | any release in 15.0M or | | | release.Releases up to | a fixed 12.4 release. | | | and including 12.2(4)T7 | | | | are not vulnerable. | | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2TPC | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2XA | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2XB | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2XC | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2XD | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.2XE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2XF | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2XG | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2XH | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2XI | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XJ | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XK | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XL | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XM | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Releases prior to 12.2 | | | | (33)XN1 are vulnerable, | | 12.2XN | Not Vulnerable | release 12.2(33)XN1 and | | | | later are not | | | | vulnerable; first fixed | | | | in 12.2SRC | |------------+---------------------------+--------------------------| | 12.2XNA | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+--------------------------| | 12.2XNB | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+--------------------------| | 12.2XNC | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+--------------------------| | 12.2XND | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+--------------------------| | 12.2XNE | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+--------------------------| | 12.2XNF | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+--------------------------| | 12.2XO | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2XQ | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | | | | any release in 15.0M or a | Vulnerable; migrate to | | 12.2XR | fixed 12.4 | any release in 15.0M or | | | release.Releases up to | a fixed 12.4 release. | | | and including 12.2(4)XR | | | | are not vulnerable. | | |------------+---------------------------+--------------------------| | 12.2XS | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2XT | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2XU | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.2XV | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XW | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2YA | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YB | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YD | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | 12.2YE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YF | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YG | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YH | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YJ | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | 12.2YK | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YL | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2YM | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YN | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YO | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | | | | any release in 15.0M or a | Vulnerable; migrate to | | 12.2YP | fixed 12.4 | any release in 15.0M or | | | release.Releases up to | a fixed 12.4 release. | | | and including 12.2(8)YP | | | | are not vulnerable. | | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YQ | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YR | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | 12.2YS | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YT | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YU | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YV | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YW | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YX | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YY | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YZ | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | 12.2ZA | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2ZB | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2ZC | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2ZD | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2ZE | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2ZF | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2ZG | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2ZH | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2ZJ | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2ZL | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2ZP | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | 12.2ZU | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXH | |------------+---------------------------+--------------------------| | 12.2ZX | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2SRE | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2ZY | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2ZYA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | Affected | | First Fixed Release for | | 12.3-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3 | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3B | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.3BC | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.2SCB | in 12.2SCB | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3BW | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.3EU | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Releases prior to 12.3 | | | support organization per | (11)JA5 are vulnerable, | | 12.3JA | the instructions in | release 12.3(11)JA5 and | | | Obtaining Fixed Software | later are not vulnerable | | | section of this advisory | | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Releases prior to 12.3 | | | support organization per | (8)JEA4 are vulnerable, | | 12.3JEA | the instructions in | release 12.3(8)JEA4 and | | | Obtaining Fixed Software | later are not vulnerable | | | section of this advisory | | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Releases prior to 12.3 | | | support organization per | (8)JEB2 are vulnerable, | | 12.3JEB | the instructions in | release 12.3(8)JEB2 and | | | Obtaining Fixed Software | later are not vulnerable | | | section of this advisory | | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.3JEC | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.3JED | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3JK | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.3JL | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.3JX | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3T | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.3TPC | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | 12.3VA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XA | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.3XB | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XC | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XD | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; first fixed | | | Vulnerable; migrate to | in 12.4 | | 12.3XE | any release in 15.0M or a | | | | fixed 12.4 release. | Vulnerable; migrate to | | | | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.3XF | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XG | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Note: Releases prior to | Releases prior to 12.3 | | | 12.3(7)XI11 are | (7)XI11 are vulnerable, | | 12.3XI | vulnerable, release 12.3 | release 12.3(7)XI11 and | | | (7)XI11 and later are not | later are not vulnerable | | | vulnerable; | | |------------+---------------------------+--------------------------| | 12.3XJ | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4XR | in 12.4XR | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XK | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XL | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4T release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XQ | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XR | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XS | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XU | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4T release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.3XW | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4XR | in 12.4XR | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XX | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XY | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XZ | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YA | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YD | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4T release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.3YF | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4XR | in 12.4XR | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YG | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4T release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YH | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4T release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YI | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4T release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YJ | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4T release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YK | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4T release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YM | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4T release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YQ | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4T release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YS | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4T release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YT | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4T release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YU | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4T release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.3YX | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4XR | in 12.4XR | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.3YZ | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3ZA | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4T release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | Affected | | First Fixed Release for | | 12.4-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |------------+---------------------------+--------------------------| | | 12.4(25c) | | | | | 12.4(25c) | | 12.4 | 15.0(1)M1 | | | | | 15.0(1)M1 | | | 15.0(1)M2 ; Available on | | | | 26-MAR-10 | | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4GC | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4JA | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4JDA | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4JDC | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | 12.4(10b)JDD1 | | | | | | | | Vulnerable; Contact your | | | 12.4JDD | support organization per | 12.4(10b)JDD1 | | | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | | |------------+---------------------------+--------------------------| | 12.4JHA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4JK | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4JL | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Releases prior to 12.4 | | | support organization per | (3g)JMA2 are vulnerable, | | 12.4JMA | the instructions in | release 12.4(3g)JMA2 and | | | Obtaining Fixed Software | later are not vulnerable | | | section of this advisory | | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4JMB | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | 12.4JX | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4JA | in 12.4JA | |------------+---------------------------+--------------------------| | | 12.4(11)MD10 | | | 12.4MD | | 12.4(24)MD | | | 12.4(15)MD4 12.4(24)MD | | |------------+---------------------------+--------------------------| | 12.4MDA | 12.4(22)MDA2 | 12.4(22)MDA2 | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4MR | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4SW | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4T release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | 12.4(22)T3 | 12.4(15)T12 | | | | | | | 12.4(20)T4 | 12.4(20)T5 | | 12.4T | | | | | 12.4(15)T10 | 12.4(24)T3; Available on | | | | 26-MAR-10 | | | 12.4(24)T2 | | | | | 12.4(22)T4 | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XA | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4T release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XB | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4T release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XC | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4T release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XD | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4T release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XE | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4T release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XF | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4T release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XG | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4T release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XJ | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4T release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XK | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4T release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4XL | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XM | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4T release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4XN | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4XP | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XQ | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4T release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.4XR | 12.4(22)XR3 | 12.4(22)XR3 | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XT | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4T release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4XV | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XW | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4T release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XY | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4T release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XZ | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4T release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4YA | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4T release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4YB | 12.4(22)YB5 | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4YD | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | 12.4(22)YE2 | 12.4(22)YE2 | | 12.4YE | | | | | 12.4(24)YE | 12.4(24)YE | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4YG | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | Affected | | First Fixed Release for | | 15.0-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |-------------------------------------------------------------------| | There are no affected 15.0 based releases | |-------------------------------------------------------------------| | Affected | | First Fixed Release for | | 15.1-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |-------------------------------------------------------------------| | There are no affected 15.1 based releases | +-------------------------------------------------------------------+ Cisco IOS-XE Software +-------------------- +-------------------------------------------------------------------+ | IOS-XE Release | First Fixed Release | |----------------------------+--------------------------------------| | 2.1.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.2.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.3.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.4.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.5.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.6.x | Not Vulnerable | +-------------------------------------------------------------------+ Workarounds =========== There are no workarounds to mitigate this vulnerability other than disabling the specific features that make a device vulnerable, if feasible. Additionally, allowing only legitimate devices to connect to affected devices will help limit exposure to this vulnerability. Refer to the Control Plane Policing and Configuring Infrastructure Access Lists (iACLs) subsections below for further details. Since a TCP three-way handshake is not required, to increase effectiveness, the mitigation must be coupled with anti-spoofing measures on the network edge. Specific mitigations for BGP are discussed below in the BGP Considerations subsection. Configurations Using Path MTU Discovery +-------------------------------------- PMTUD may be disabled in some of the Cisco IOS Software features that make use of PMTUD. The specific command to use to disable PMTUD varies depending on the specific feature: * TCP over IPv4: removing the "ip tcp path-mtu-discovery" command from the configuration will disable PMTUD for TCP over IPv4 sessions that originate on the device. * TCP over IPv6: PMTUD is enabled by default for IPV6 and cannot be disabled. * BGP: if BGP is configured on a recent version of Cisco IOS Software that enables PMTUD for BGP sessions, PMTUD can be disabled for all BGP sessions with the "no bgp transport path-mtu-discovery" command in router configuration mode (Cisco IOS Release 12.2(33)SRA, 12.2(31)SB, 12.2(33)SXH, 12.4(20)T, and later releases). Configurations Using Stateful NAT with TCP as the Transport Protocol +------------------------------------------------------------------- SNAT can be disabled by removing the "ip nat Stateful id" command from the configuration. Control Plane Policing +--------------------- For devices that need to offer TCP services, it is possible to use Control Plane Policing (CoPP) to block TCP traffic to the device from untrusted sources. Cisco IOS Releases 12.0S, 12.2SX, 12.2S, 12.3T, 12.4, and 12.4T support the CoPP feature. CoPP may be configured on a device to protect the management and control planes to minimize the risk and effectiveness of direct infrastructure attacks by explicitly permitting only authorized traffic sent to infrastructure devices in accordance with existing security policies and configurations. The following example can be adapted to specific network configurations: !-- The 192.168.1.0/24 network and the 172.16.1.1 host are trusted. !-- Everything else is not trusted. The following access list is used !-- to determine what traffic needs to be dropped by a control plane !-- policy (the CoPP feature.) If the access list matches (permit) !-- then traffic will be dropped and if the access list does not !-- match (deny) then traffic will be processed by the router. !-- Note that TCP ports 22 and 23 are just examples; this configuration !-- needs to be expanded to include all used TCP ports. access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 22 access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 23 access-list 100 deny tcp host 172.16.1.1 any eq 22 access-list 100 deny tcp host 172.16.1.1 any eq 23 access-list 100 permit tcp any any !-- Permit (Police or Drop)/Deny (Allow) all other Layer3 and Layer4 !-- traffic in accordance with existing security policies and !-- configurations for traffic that is authorized to be sent !-- to infrastructure devices. !-- Create a Class-Map for traffic to be policed by !-- the CoPP feature. class-map match-all drop-tcp-class match access-group 100 !-- Create a Policy-Map that will be applied to the !-- Control-Plane of the device, and add the "drop-tcp-traffic" !-- class map. policy-map control-plane-policy class drop-tcp-class drop !-- Apply the Policy-Map to the Control-Plane of the !-- device. control-plane service-policy input control-plane-policy Warning: Because a TCP three-way handshake is not required to exploit this vulnerability, it is possible to easily spoof the IP address of the sender, which may defeat access control lists (ACLs) that permit communication to these ports from trusted IP addresses. In the above CoPP example, the access control entries (ACEs) that match the potential exploit packets with the "permit" action result in these packets being discarded by the policy-map "drop" function, while packets that match the "deny" action (not shown) are not affected by the policy-map drop function. Additional information on the configuration and use of the CoPP feature can be found at: http://www.cisco.com/web/about/security/intelligence/coppwp_gs.html http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gtrtlimt.html Configuring Infrastructure Access Lists (iACLs) +---------------------------------------------- Although it is often difficult to block traffic transiting your network, it is possible to identify traffic that should never be allowed to target your infrastructure devices and block that traffic at the border of your network. Infrastructure ACLs are considered a network security best practice and should be considered as a long-term addition to good network security as well as a workaround for this specific vulnerability. The white paper entitled "Protecting Your Core: Infrastructure Protection Access Control Lists" presents guidelines and recommended deployment techniques for infrastructure protection ACLs: http://www.cisco.com/en/US/tech/tk648/tk361/technologies_white_paper09186a00801afc76.shtml BGP Considerations +----------------- BTSH/GTSM can help prevent exploitation of this vulnerability via the BGP port because packets coming from devices that do not pass the TTL check configured via BTSH are dropped before any TCP processing takes place. For information on BTSH refer to: http://www.cisco.com/en/US/docs/ios/12_3t/12_3t7/feature/guide/gt_btsh.html MD5 authentication for BGP peering sessions can also help prevent exploitation via the BGP port because the MD5 hash in an attack packet is checked before processing the crafted TCP option. For a detailed discussion on how to configure BGP, refer to the following document: http://www.cisco.com/en/US/docs/ios/12_0/np1/configuration/guide/1cbgp.html Obtaining Fixed Software ======================== Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment. Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at: http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html or as otherwise set forth at Cisco.com Downloads at: http://www.cisco.com/public/sw-center/sw-usingswc.shtml Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades. Customers with Service Contracts +------------------------------- Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com. Customers using Third Party Support Organizations +------------------------------------------------ Customers whose Cisco products are provided or maintained through prior or existing agreements with third-party support organizations, such as Cisco Partners, authorized resellers, or service providers should contact that support organization for guidance and assistance with the appropriate course of action in regards to this advisory. The effectiveness of any workaround or fix is dependent on specific customer situations, such as product mix, network topology, traffic behavior, and organizational mission. Due to the variety of affected products and releases, customers should consult with their service provider or support organization to ensure any applied workaround or fix is the most appropriate for use in the intended network before it is deployed. Customers without Service Contracts +---------------------------------- Customers who purchase direct from Cisco but do not hold a Cisco service contract, and customers who purchase through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should acquire upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows. * +1 800 553 2447 (toll free from within North America) * +1 408 526 7209 (toll call from anywhere in the world) * e-mail: tac@cisco.com Customers should have their product serial number available and be prepared to give the URL of this notice as evidence of entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC. Refer to: http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html for additional TAC contact information, including localized telephone numbers, and instructions and e-mail addresses for use in various languages. Exploitation and Public Announcements ===================================== The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability described in this advisory. This vulnerability was discovered during the resolution of customer service requests. Status of this Notice: FINAL ============================ THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors. Distribution ============ This advisory is posted on Cisco's worldwide website at: http://www.cisco.com/warp/public/707/cisco-sa-20100324-tcp.shtml In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients. * cust-security-announce@cisco.com * first-bulletins@lists.first.org * bugtraq@securityfocus.com * vulnwatch@vulnwatch.org * cisco@spot.colorado.edu * cisco-nsp@puck.nether.net * full-disclosure@lists.grok.org.uk * comp.dcom.sys.cisco@newsgate.cisco.com Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates. Revision History ================ +-------------------------------------------------------------------+ | Revision 1.0 | 2010-March-24 | Initial public release | +-------------------------------------------------------------------+ Cisco Security Procedures ========================= Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at: http://www.cisco.com/go/psirt -----BEGIN PGP SIGNATURE----- iD8DBQFLqO4X86n/Gc8U/uARAkFHAJ9A2DAYpZ29R/g1lNhUM76w5ap2gQCeMbpw ThV53uGf+JfVBR8psJb8Rkc= =Rdao -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug ID CSCsz48614, the "SCCP Packet Processing Denial of Service Vulnerability.". The problem is Bug ID : CSCsz48614 It is a problem.Service disruption by a third party (DoS) There is a possibility of being put into a state. Cisco IOS, configured for use on Cisco Communication Manager Express, is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the affected device to crash and reload, denying service to legitimate users. This issue is tracked by Cisco Bug ID CSCsz48614. The vulnerabilities are caused due to errors in the Unified CME (Communication Manager Express) component when processing SCCP messages. SOLUTION: Please see the patch matrix for a list of fixes. http://www.cisco.com/en/US/products/products_security_advisory09186a0080b20f33.shtml#software PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: cisco-sa-20100324-cucme: http://www.cisco.com/en/US/products/products_security_advisory09186a0080b20f33.shtml OTHER REFERENCES: Cisco Applied Mitigation Bulletin: http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b20ee9.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . The vulnerabilities are triggered when the Cisco IOS device processes specific, malformed Skinny Call Control Protocol (SCCP) messages. Cisco has released free software updates that address these vulnerabilities. This advisory is posted at: http://www.cisco.com/warp/public/707/cisco-sa-20100324-cucme.shtml Note: The March 24, 2010, Cisco IOS Software Security Advisory bundled publication includes seven Security Advisories. All the advisories address vulnerabilities in Cisco IOS Software. Each advisory lists the releases that correct the vulnerability or vulnerabilities detailed in the advisory. The table at the following URL lists releases that correct all Cisco IOS Software vulnerabilities that have been published on March 24, 2010, or earlier: http://www.cisco.com/warp/public/707/cisco-sa-20100324-bundle.shtml Individual publication links are in "Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication" at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar10.html Affected Products ================= Cisco IOS devices, including Cisco Unified Communications 500 Series, that are configured for the Cisco Unified CME or the Cisco Unified SRST features are affected. Vulnerable Products +------------------ A Cisco IOS device that is configured for Cisco Unified CME operation displays the following output when the "show running-config" command is issued: telephony-service ... ! ephone <Ethernet phone tag> ... A Cisco IOS device that is configured for Cisco Unified SRST operation displays the following output when the "show running-config" command is issued: call-manager-fallback ... To determine the Cisco IOS Software release that is running on a Cisco product, administrators can log in to the device and issue the "show version" command to display the system banner. The system banner confirms that the device is running Cisco IOS Software by displaying text similar to "Cisco Internetwork Operating System Software" or "Cisco IOS Software." The image name is displayed in parentheses, followed by "Version" and the Cisco IOS Software release name. Other Cisco devices do not have the "show version" command or may provide different output. The following example identifies a Cisco product that is running Cisco IOS Software Release 12.3(26) with an installed image name of C2500-IS-L: Router#show version Cisco Internetwork Operating System Software IOS (tm) 2500 Software (C2500-IS-L), Version 12.3(26), RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2008 by cisco Systems, Inc. Compiled Mon 17-Mar-08 14:39 by dchih <output truncated> The following example identifies a Cisco product that is running Cisco IOS Software Release 12.4(20)T with an installed image name of C1841-ADVENTERPRISEK9-M: Router#show version Cisco IOS Software, 1841 Software (C1841-ADVENTERPRISEK9-M), Version 12.4(20)T, RELEASE SOFTWARE (fc3) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2008 by Cisco Systems, Inc. Compiled Thu 10-Jul-08 20:25 by prod_rel_team <output truncated> Additional information about Cisco IOS Software release naming conventions is available in "White Paper: Cisco IOS Reference Guide" at the following link: http://www.cisco.com/warp/public/620/1.html Products Confirmed Not Vulnerable +-------------------------------- Cisco IOS XR Software is not affected. Cisco IOS XE Software is not affected. No other Cisco products are currently known to be affected by these vulnerabilities. The malformed SCCP messages can only come from registered phone IP addresses. If the auto-registration feature is enabled (Cisco Unified CME only), an attacker can register its IP address and subsequently send a malformed payload to exploit these vulnerabilities. The auto-registration feature is enabled by default. More information on auto-registration can be found at the following link: http://www.cisco.com/en/US/docs/voice_ip_comm/cucme/command/reference/cme_a1ht.html#wp1031242 Exploitation of these vulnerabilities requires that a TCP three-way handshake to the SCCP port be completed. By default, the SCCP port is TCP port 2000, but this can be changed with the "ip source-address" command in telephony service configuration mode. These vulnerabilities are addressed by Cisco bug IDs CSCsz48614 and CSCsz49741 and have been assigned Common Vulnerabilities and Exposures (CVE) IDs CVE-2010-0585 and CVE-2010-0586, respectively. Vulnerability Scoring Details ============================= Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0. CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response. Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerabilities in individual networks. Cisco has provided an FAQ to answer additional questions regarding CVSS at: http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at: http://intellishield.cisco.com/security/alertmanager/cvss CSCsz48614 and CSCsz49741 CVSS Base Score - 7.8 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - None Integrity Impact - None Availability Impact - Complete CVSS Temporal Score - 6.4 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed Impact ====== Successful exploitation of the vulnerabilities in this advisory may result in a reload of the affected device. Repeated exploitation could result in a sustained denial of service condition. Software Versions and Fixes =========================== When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution. In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Technical Assistance Center (TAC) or your contracted maintenance provider for assistance. Each row of the Cisco IOS software table (below) names a Cisco IOS release train. If a given release train is vulnerable, then the earliest possible releases that contain the fix (along with the anticipated date of availability for each, if applicable) are listed in the "First Fixed Release for this Advisory" column of the table. The "First Fixed Release for all Advisories in 24 March 2010 Bundle Publication" column indicates the earliest possible releases which have fixes for all the published vulnerabilities in this Cisco IOS Security Advisory bundled publication. Cisco recommends upgrading to the latest available release where possible. +--------------------------------------------------------------------+ | Major | Availability of Repaired Releases | | Release | | |------------+-------------------------------------------------------| | Affected | | First Fixed Release for | | 12.0-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |--------------------------------------------------------------------| | There are no affected 12.0 based releases | |--------------------------------------------------------------------| | Affected | | First Fixed Release for | | 12.1-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |------------+---------------------------+---------------------------| | 12.1 | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1AA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Releases up to and | | 12.1AX | Not Vulnerable | including 12.1(11)AX are | | | | not vulnerable; first | | | | fixed in 12.2SE | |------------+---------------------------+---------------------------| | 12.1AY | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1AZ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1CX | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1DA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1DB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1DC | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Releases up to and | | 12.1E | Not Vulnerable | including 12.1(7a)E1a are | | | | not vulnerable; migrate | | | | to any release in 12.2SXF | |------------+---------------------------+---------------------------| | | | Releases up to and | | | | including 12.1(6)EA2c are | | 12.1EA | Not Vulnerable | not vulnerable. Releases | | | | 12.1(8)EA1c and later are | | | | not vulnerable. | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.1EB | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Releases up to and | | 12.1EC | Not Vulnerable | including 12.1(7)EC are | | | | not vulnerable; migrate | | | | to 12.2SCB | |------------+---------------------------+---------------------------| | | | Releases up to and | | 12.1EO | Not Vulnerable | including 12.1(19)EO6 are | | | | not vulnerable. | |------------+---------------------------+---------------------------| | 12.1EU | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1EV | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1EW | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1EX | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2 | |------------+---------------------------+---------------------------| | | | Releases up to and | | 12.1EY | Not Vulnerable | including 12.1(7a)EY3 are | | | | not vulnerable. | |------------+---------------------------+---------------------------| | 12.1EZ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1GA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1GB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1T | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XC | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XD | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XF | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XG | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XH | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XI | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XJ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XL | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XM | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XP | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XQ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XR | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XS | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XT | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XU | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2 | |------------+---------------------------+---------------------------| | | | Releases prior to 12.1(5) | | 12.1XV | Not Vulnerable | XV1 are vulnerable, | | | | release 12.1(5)XV1 and | | | | later are not vulnerable | |------------+---------------------------+---------------------------| | 12.1XW | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XX | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XY | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XZ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1YA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1YB | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2 | |------------+---------------------------+---------------------------| | 12.1YC | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1YD | Vulnerable; migrate to | Vulnerable; migrate to | | | any release in 12.2 | any release in 12.2 | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Releases prior to 12.1(5) | | 12.1YE | any release in 15.0M or a | YE6 are vulnerable, | | | fixed 12.4 release. | release 12.1(5)YE6 and | | | | later are not vulnerable. | |------------+---------------------------+---------------------------| | 12.1YF | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1YH | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.1YI | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | 12.1YJ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | Affected | | First Fixed Release for | | 12.2-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |------------+---------------------------+---------------------------| | 12.2 | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2B | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2BC | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2BW | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2BX | any release in 12.2SB | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2BY | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2BZ | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2CX | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2CY | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.2CZ | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2SRE | |------------+---------------------------+---------------------------| | 12.2DA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2DD | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2DX | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.2EW | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2EWA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Releases up to and | | | | including 12.2(37)EX are | | | | not vulnerable. | | 12.2EX | Not Vulnerable | | | | | Releases 12.2(44)EX and | | | | later are not vulnerable; | | | | first fixed in 12.2SE | |------------+---------------------------+---------------------------| | | | Releases prior to 12.2 | | 12.2EY | Not Vulnerable | (37)EY are vulnerable, | | | | release 12.2(37)EY and | | | | later are not vulnerable | |------------+---------------------------+---------------------------| | 12.2EZ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2FX | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2FY | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2FZ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2IRA | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SRC | |------------+---------------------------+---------------------------| | 12.2IRB | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SRC | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IRC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IRD | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXB | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXD | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXE | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXF | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXG | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXH | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Releases up to and | | 12.2JA | Not Vulnerable | including 12.2(4)JA1 are | | | | not vulnerable. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2JK | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.2MB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2MC | Releases 12.2(15)MC2b and | Vulnerable; first fixed | | | later are not vulnerable. | in 12.4 | |------------+---------------------------+---------------------------| | 12.2MRA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Releases prior to 12.2 | | 12.2S | Not Vulnerable | (30)S are vulnerable, | | | | release 12.2(30)S and | | | | later are not vulnerable; | |------------+---------------------------+---------------------------| | | | 12.2(33)SB8 | | 12.2SB | Not Vulnerable | | | | | 12.2(31)SB18; Available | | | | on 24-MAR-10 | |------------+---------------------------+---------------------------| | 12.2SBC | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2SRE | |------------+---------------------------+---------------------------| | 12.2SCA | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SCB | |------------+---------------------------+---------------------------| | 12.2SCB | Not Vulnerable | 12.2(33)SCB6 | |------------+---------------------------+---------------------------| | 12.2SCC | Not Vulnerable | 12.2(33)SCC1 | |------------+---------------------------+---------------------------| | 12.2SCD | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SE | Not Vulnerable | 12.2(50)SE4; Available on | | | | 25-MAR-10 | |------------+---------------------------+---------------------------| | 12.2SEA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SEB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SEC | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SED | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SE | |------------+---------------------------+---------------------------| | 12.2SEE | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SE | |------------+---------------------------+---------------------------| | 12.2SEF | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Releases prior to 12.2 | | | | (25)SEG4 are vulnerable, | | 12.2SEG | Not Vulnerable | release 12.2(25)SEG4 and | | | | later are not vulnerable; | | | | first fixed in 12.2SE | |------------+---------------------------+---------------------------| | | | Releases up to 12.2(31) | | 12.2SG | Not Vulnerable | SG1 are not vulnerable; | | | | releases 12.2(40)SG and | | | | later are not vulnerable. | |------------+---------------------------+---------------------------| | 12.2SGA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SL | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SM | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2SO | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.2SQ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SRA | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SRD | |------------+---------------------------+---------------------------| | 12.2SRB | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SRD | |------------+---------------------------+---------------------------| | 12.2SRC | Not Vulnerable | 12.2(33)SRC5 | |------------+---------------------------+---------------------------| | 12.2SRD | Not Vulnerable | 12.2(33)SRD3 | |------------+---------------------------+---------------------------| | 12.2SRE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2STE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2SU | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Releases up to and | | 12.2SV | Not Vulnerable | including 12.2(18)SV2 are | | | | not vulnerable. | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2SVA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2SVC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2SVD | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2SVE | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Releases up to and | | | | including 12.2(25)SW3 are | | | | not vulnerable. | | 12.2SW | Not Vulnerable | | | | | Releases 12.2(25)SW12 and | | | | later are not vulnerable; | | | | first fixed in 15.0M | |------------+---------------------------+---------------------------| | 12.2SX | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+---------------------------| | 12.2SXA | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+---------------------------| | 12.2SXB | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+---------------------------| | 12.2SXD | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+---------------------------| | 12.2SXE | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+---------------------------| | 12.2SXF | Not Vulnerable | 12.2(18)SXF17a | |------------+---------------------------+---------------------------| | 12.2SXH | Not Vulnerable | 12.2(33)SXH6 | |------------+---------------------------+---------------------------| | | | 12.2(33)SXI2a | | 12.2SXI | Not Vulnerable | | | | | 12.2(33)SXI3 | |------------+---------------------------+---------------------------| | 12.2SY | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2SRE | |------------+---------------------------+---------------------------| | 12.2SZ | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2SRE | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2T | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2TPC | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2XA | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XB | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2XC | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2XD | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.2XE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2XF | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XG | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2XH | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2XI | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2XJ | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2XK | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2XL | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XM | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Releases prior to 12.2 | | | | (33)XN1 are vulnerable, | | 12.2XN | Not Vulnerable | release 12.2(33)XN1 and | | | | later are not vulnerable; | | | | first fixed in 12.2SRC | |------------+---------------------------+---------------------------| | 12.2XNA | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+---------------------------| | 12.2XNB | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+---------------------------| | 12.2XNC | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+---------------------------| | 12.2XND | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+---------------------------| | 12.2XNE | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+---------------------------| | 12.2XNF | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+---------------------------| | 12.2XO | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2XQ | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2XR | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.2XS | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XT | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XU | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2XV | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2XW | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Releases prior to 12.2(4) | | | | YA8 are vulnerable, | Vulnerable; migrate to | | 12.2YA | release 12.2(4)YA8 and | any release in 15.0M or a | | | later are not vulnerable; | fixed 12.4 release. | | | first fixed in 12.4 | | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YB | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YC | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YD | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | 12.2YE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YF | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YG | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YH | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Releases prior to 12.2(8) | Vulnerable; Contact your | | | YJ1 are vulnerable, | support organization per | | 12.2YJ | release 12.2(8)YJ1 and | the instructions in | | | later are not vulnerable | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.2YK | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YL | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2YM | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YN | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YO | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2YP | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YQ | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YR | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.2YS | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YT | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YU | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Releases prior to 12.2 | Vulnerable; Contact your | | | (11)YV1 are vulnerable, | support organization per | | 12.2YV | release 12.2(11)YV1 and | the instructions in | | | later are not vulnerable | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YW | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YX | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YY | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2YZ | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.2ZA | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXF | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | Releases up to and | support organization per | | 12.2ZB | including 12.2(8)ZB are | the instructions in | | | not vulnerable. | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | Releases up to and | support organization per | | 12.2ZC | including 12.2(11)ZC are | the instructions in | | | not vulnerable. | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2ZD | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2ZE | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.2ZF | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.2ZG | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Releases prior to 12.2 | | | | (13)ZH6 are vulnerable, | Vulnerable; migrate to | | 12.2ZH | release 12.2(13)ZH6 and | any release in 15.0M or a | | | later are not vulnerable; | fixed 12.4 release. | | | first fixed in 12.4 | | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2ZJ | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2ZL | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2ZP | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | 12.2ZU | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SXH | |------------+---------------------------+---------------------------| | 12.2ZX | Not Vulnerable | Vulnerable; migrate to | | | | any release in 12.2SRE | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2ZY | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2ZYA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | Affected | | First Fixed Release for | | 12.3-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3 | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3B | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.3BC | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SCB | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.3BW | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.3EU | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Releases prior to 12.3 | | 12.3JA | Not Vulnerable | (11)JA5 are vulnerable, | | | | release 12.3(11)JA5 and | | | | later are not vulnerable | |------------+---------------------------+---------------------------| | | | Releases prior to 12.3(8) | | 12.3JEA | Not Vulnerable | JEA4 are vulnerable, | | | | release 12.3(8)JEA4 and | | | | later are not vulnerable | |------------+---------------------------+---------------------------| | | | Releases prior to 12.3(8) | | 12.3JEB | Not Vulnerable | JEB2 are vulnerable, | | | | release 12.3(8)JEB2 and | | | | later are not vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JEC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JED | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | Releases up to and | | | | including 12.3(2)JK3 are | | | | not vulnerable. | Vulnerable; migrate to | | 12.3JK | | any release in 15.0M or a | | | Releases 12.3(8)JK1 and | fixed 12.4 release. | | | later are not vulnerable; | | | | first fixed in 12.4 | | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JL | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JX | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3T | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | Releases up to and | support organization per | | 12.3TPC | including 12.3(4)TPC11a | the instructions in | | | are not vulnerable. | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.3VA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Releases prior to 12.3(2) | | | | XA7 are vulnerable, | Vulnerable; migrate to | | 12.3XA | release 12.3(2)XA7 and | any release in 15.0M or a | | | later are not vulnerable; | fixed 12.4 release. | | | first fixed in 12.4 | | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.3XB | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XC | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XD | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; first fixed | | | Vulnerable; migrate to | in 12.4 | | 12.3XE | any release in 15.0M or a | | | | fixed 12.4 release. | Vulnerable; migrate to | | | | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.3XF | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XG | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Releases prior to 12.3(7) | | 12.3XI | any release in 15.0M or a | XI11 are vulnerable, | | | fixed 12.4 release. | release 12.3(7)XI11 and | | | | later are not vulnerable | |------------+---------------------------+---------------------------| | 12.3XJ | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XK | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XL | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XQ | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XR | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.3XS | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XU | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.3XW | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XX | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XY | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XZ | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4 release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.3YA | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.3YD | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.3YF | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YG | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.3YH | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.3YI | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.3YJ | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Releases prior to 12.3 | | | | (11)YK3 are vulnerable, | Vulnerable; migrate to | | 12.3YK | release 12.3(11)YK3 and | any release in 15.0M or a | | | later are not vulnerable; | fixed 12.4 release. | | | first fixed in 12.4T | | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YM | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YQ | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YS | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YT | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YU | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.3YX | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.3YZ | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3ZA | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | Affected | | First Fixed Release for | | 12.4-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |------------+---------------------------+---------------------------| | | 12.4(25c) | | | | | 12.4(25c) | | 12.4 | 15.0(1)M1 | | | | | 15.0(1)M1 | | | 15.0(1)M2 ; Available on | | | | 26-MAR-10 | | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | Vulnerable; migrate to | support organization per | | 12.4GC | any release in 15.0M or a | the instructions in | | | fixed 12.4 release. | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JDA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JDC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.4JDD | Not Vulnerable | 12.4(10b)JDD1 | |------------+---------------------------+---------------------------| | 12.4JHA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JK | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JL | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Releases prior to 12.4 | | 12.4JMA | Not Vulnerable | (3g)JMA2 are vulnerable, | | | | release 12.4(3g)JMA2 and | | | | later are not vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JMB | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.4JX | Not Vulnerable | Vulnerable; first fixed | | | | in 12.4JA | |------------+---------------------------+---------------------------| | 12.4MD | Not Vulnerable | 12.4(24)MD | |------------+---------------------------+---------------------------| | 12.4MDA | Not Vulnerable | 12.4(22)MDA2 | |------------+---------------------------+---------------------------| | | Releases prior to 12.4 | Vulnerable; Contact your | | | (19)MR1 are vulnerable, | support organization per | | 12.4MR | release 12.4(19)MR1 and | the instructions in | | | later are not vulnerable | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.4SW | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | 12.4(22)T4 | 12.4(15)T12 | | | | | | | 12.4(20)T5 | 12.4(20)T5 | | 12.4T | | | | | 12.4(24)T3; Available on | 12.4(24)T3; Available on | | | 26-MAR-10 | 26-MAR-10 | | | | | | | 12.4(15)T12 | 12.4(22)T4 | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XA | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XB | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XC | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XD | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XE | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.4XF | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Releases up to and | | | | including 12.4(9)XG1 are | Vulnerable; migrate to | | 12.4XG | not vulnerable; Releases | any release in 15.0M or a | | | 12.4(9)XG3 and later are | fixed 12.4 release. | | | not vulnerable. | | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XJ | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.4XK | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4XL | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Releases up to and | | | | including 12.4(15)XM are | | | | not vulnerable. | Vulnerable; migrate to | | 12.4XM | | any release in 15.0M or a | | | Releases 12.4(15)XM3 and | fixed 12.4 release. | | | later are not vulnerable; | | | | first fixed in 12.4T | | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4XN | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4XP | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; migrate to | | 12.4XQ | Not Vulnerable | any release in 15.0M or a | | | | fixed 12.4 release. | |------------+---------------------------+---------------------------| | 12.4XR | Not Vulnerable | 12.4(22)XR3 | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XT | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4XV | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XW | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XY | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XZ | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4YA | any release in 15.0M or a | any release in 15.0M or a | | | fixed 12.4T release. | fixed 12.4 release. | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4YB | 12.4(22)YB5 | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4YD | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | 12.4(22)YE2 | | 12.4YE | Not Vulnerable | | | | | 12.4(24)YE | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4YG | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | Affected | | First Fixed Release for | | 15.0-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |--------------------------------------------------------------------| | There are no affected 15.0 based releases | |--------------------------------------------------------------------| | Affected | | First Fixed Release for | | 15.1-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |--------------------------------------------------------------------| | There are no affected 15.1 based releases | +--------------------------------------------------------------------+ Cisco IOS-XE Software +-------------------- +-------------------------------------------------------------------+ | IOS-XE Release | First Fixed Release | |----------------------------+--------------------------------------| | 2.1.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.2.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.3.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.4.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.5.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.6.x | Not Vulnerable | +-------------------------------------------------------------------+ Workarounds =========== There are no workarounds for these vulnerabilities. However, in the case of the Cisco Unified CME feature, auto-registration can be disabled to make exploitation more difficult. Auto-registration can be disabled for the Cisco Unified CME feature by issuing the following commands: telephony-service no auto-reg-ephone Before disabling auto-registration, all phone MAC addresses need to be explicitly defined on the Cisco Unified CME. Otherwise phones will not be able to register. More information on auto-registration can be found at the following link: http://www.cisco.com/en/US/docs/voice_ip_comm/cucme/command/reference/cme_a1ht.html#wp1031242 Additional mitigations that can be deployed on Cisco devices within the network are available in the companion document "Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the Cisco Unified Communications Manager Express and Cisco IOS Software H.323 and Session Initiation Protocol Denial of Service Vulnerabilities", which is available at the following location: http://www.cisco.com/warp/public/707/cisco-amb-20100324-voice.shtml Obtaining Fixed Software ======================== Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment. Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at: http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html or as otherwise set forth at Cisco.com Downloads at: http://www.cisco.com/public/sw-center/sw-usingswc.shtml Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades. Customers with Service Contracts +------------------------------- Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com. Customers using Third Party Support Organizations +------------------------------------------------ Customers whose Cisco products are provided or maintained through prior or existing agreements with third-party support organizations, such as Cisco Partners, authorized resellers, or service providers should contact that support organization for guidance and assistance with the appropriate course of action in regards to this advisory. The effectiveness of any workaround or fix is dependent on specific customer situations, such as product mix, network topology, traffic behavior, and organizational mission. Due to the variety of affected products and releases, customers should consult with their service provider or support organization to ensure any applied workaround or fix is the most appropriate for use in the intended network before it is deployed. Customers without Service Contracts +---------------------------------- Customers who purchase direct from Cisco but do not hold a Cisco service contract, and customers who purchase through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should acquire upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows. * +1 800 553 2447 (toll free from within North America) * +1 408 526 7209 (toll call from anywhere in the world) * e-mail: tac@cisco.com Customers should have their product serial number available and be prepared to give the URL of this notice as evidence of entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC. Refer to: http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html for additional TAC contact information, including localized telephone numbers, and instructions and e-mail addresses for use in various languages. Exploitation and Public Announcements ===================================== The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities described in this advisory. These vulnerabilities were discovered by Cisco during internal testing. Status of this Notice: FINAL ============================ THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors. Distribution ============ This advisory is posted on Cisco's worldwide website at: http://www.cisco.com/warp/public/707/cisco-sa-20100324-cucme.shtml In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients. * cust-security-announce@cisco.com * first-bulletins@lists.first.org * bugtraq@securityfocus.com * vulnwatch@vulnwatch.org * cisco@spot.colorado.edu * cisco-nsp@puck.nether.net * full-disclosure@lists.grok.org.uk * comp.dcom.sys.cisco@newsgate.cisco.com Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates. Revision History ================ +-------------------------------------------------------------------+ | Revision 1.0 | 2010-March-24 | Initial public release | +-------------------------------------------------------------------+ Cisco Security Procedures ========================= Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at: http://www.cisco.com/go/psirt -----BEGIN PGP SIGNATURE----- iD8DBQFLqiuf86n/Gc8U/uARAvkXAKCYKDK/Ztqj2yhYKd7YlIjbg/527wCdH2Vl N7zkG2qoLfBl4KejgQa353w= =9izI -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz48680, the "SIP Message Processing Arbitrary Code Execution Vulnerability.". The problem is Bug ID : CSCsz48680 It is a problem.A third party may execute arbitrary code. Cisco IOS is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause an affected device to crash and reload, denying service to legitimate users. This issue is tracked by Cisco Bug ID CSCsz48680. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities Advisory ID: cisco-sa-20100324-sip Revision 1.0 For Public Release 2010 March 24 1600 UTC (GMT) +--------------------------------------------------------------------- Summary ======= Multiple vulnerabilities exist in the Session Initiation Protocol (SIP) implementation in Cisco IOS Software that could allow an unauthenticated, remote attacker to cause a reload of an affected device when SIP operation is enabled. Remote code execution may also be possible. Cisco has released free software updates that address these vulnerabilities. For devices that must run SIP there are no workarounds; however, mitigations are available to limit exposure of the vulnerabilities. This advisory is posted at: http://www.cisco.com/warp/public/707/cisco-sa-20100324-sip.shtml Note: The March 24, 2010, Cisco IOS Software Security Advisory bundled publication includes seven Security Advisories. Each advisory lists the releases that correct the vulnerability or vulnerabilities detailed in the advisory. The table at the following URL lists releases that correct all Cisco IOS Software vulnerabilities that have been published on March 24, 2010, or earlier: http://www.cisco.com/warp/public/707/cisco-sa-20100324-bundle.shtml Individual publication links are in "Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication" at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar10.html Affected Products ================= These vulnerabilities only affect devices running Cisco IOS Software with SIP voice services enabled. Vulnerable Products +------------------ Cisco devices running affected Cisco IOS Software versions that are configured to process SIP messages are affected. Creating a dial peer by issuing the command "dial-peer voice" will start the SIP processes, causing the Cisco IOS device to process SIP messages. In addition, several features within Cisco Unified Communications Manager Express, such as ePhones, once configured will also automatically start the SIP process, which will cause the device to start processing SIP messages. An example of an affected configuration follows: dial-peer voice <Voice dial-peer tag> voip ... In the following example, the presence of the processes "CCSIP_UDP_SOCKET" or "CCSIP_TCP_SOCKET" indicates that the Cisco IOS device will process SIP messages: Router#show processes | include SIP 149 Mwe 40F48254 4 1 400023108/24000 0 CCSIP_UDP_SOCKET 150 Mwe 40F48034 4 1 400023388/24000 0 CCSIP_TCP_SOCKET Warning: Because there are several ways a device running Cisco IOS Software can start processing SIP messages, it is recommended that the "show processes | include SIP" command be used to determine whether the device is processing SIP messages instead of relying on the presence of specific configuration commands. Cisco Unified Border Element images are also affected by these vulnerabilities. Note: The Cisco Unified Border Element feature (previously known as the Cisco Multiservice IP-to-IP Gateway) is a special Cisco IOS Software image that runs on Cisco multiservice gateway platforms. It provides a network-to-network interface point for billing, security, call admission control, quality of service, and signaling interworking. To determine the Cisco IOS Software release that is running on a Cisco product, administrators can log in to the device and issue the "show version" command to display the system banner. The system banner confirms that the device is running Cisco IOS Software by displaying text similar to "Cisco Internetwork Operating System Software" or "Cisco IOS Software." The image name displays in parentheses, followed by "Version" and the Cisco IOS Software release name. Other Cisco devices do not have the "show version" command or may provide different output. The following example identifies a Cisco product that is running Cisco IOS Software Release 12.3(26) with an installed image name of C2500-IS-L: Router#show version Cisco Internetwork Operating System Software IOS (tm) 2500 Software (C2500-IS-L), Version 12.3(26), RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2008 by cisco Systems, Inc. Compiled Mon 17-Mar-08 14:39 by dchih !--- output truncated The following example identifies a Cisco product that is running Cisco IOS Software Release 12.4(20)T with an installed image name of C1841-ADVENTERPRISEK9-M: Router#show version Cisco IOS Software, 1841 Software (C1841-ADVENTERPRISEK9-M), Version 12.4(20)T, RELEASE SOFTWARE (fc3) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2008 by Cisco Systems, Inc. Compiled Thu 10-Jul-08 20:25 by prod_rel_team !--- output truncated Additional information about Cisco IOS Software release naming conventions is available in "White Paper: Cisco IOS Reference Guide" at the following link: http://www.cisco.com/warp/public/620/1.html. Products Confirmed Not Vulnerable +-------------------------------- The SIP Application Layer Gateway (ALG), which is used by the Cisco IOS NAT and firewall features of Cisco IOS Software, is not affected by these vulnerabilities. No other Cisco products are currently known to be affected by these vulnerabilities. Details ======= SIP is a popular signaling protocol that is used to manage voice and video calls across IP networks such as the Internet. SIP is responsible for handling all aspects of call setup and termination. Voice and video are the most popular types of sessions that SIP handles, but the protocol has the flexibility to accommodate other applications that require call setup and termination. SIP call signaling can use UDP (port 5060), TCP (port 5060), or TLS (TCP port 5061) as the underlying transport protocol. In cases where SIP is running over TCP transport, a TCP three-way handshake is necessary to exploit these vulnerabilities. These vulnerabilities are addressed by Cisco bug IDs CSCsz48680, CSCsz89904, and CSCtb93416, and have been assigned Common Vulnerabilities and Exposures (CVE) IDs CVE-2010-0580, CVE-2010-0581, and CVE-2010-0579, respectively. Vulnerability Scoring Details ============================= Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0. CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response. Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerabilities in individual networks. Cisco has provided an FAQ to answer additional questions regarding CVSS at: http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at: http://intellishield.cisco.com/security/alertmanager/cvss CSCsz89904 and CSCtb93416 CVSS Base Score - 10 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - Complete Integrity Impact - Complete Availability Impact - Complete CVSS Temporal Score - 8.3 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed CSCsz48680 CVSS Base Score - 7.8 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - None Integrity Impact - None Availability Impact - Complete CVSS Temporal Score - 6.4 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed Impact ====== Successful exploitation of the vulnerabilities in this advisory may result in a reload of the device. Repeated exploitation could result in a sustained denial of service condition. In the event of successful remote code execution, device integrity could be completely compromised. Software Versions and Fixes =========================== When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution. In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Technical Assistance Center (TAC) or your contracted maintenance provider for assistance. If a given release train is vulnerable, then the earliest possible releases that contain the fix (along with the anticipated date of availability for each, if applicable) are listed in the "First Fixed Release for this Advisory" column of the table. The "First Fixed Release for all Advisories in 24 March 2010 Bundle Publication" column indicates the earliest possible releases which have fixes for all the published vulnerabilities in this Cisco IOS Security Advisory bundled publication. Cisco recommends upgrading to the latest available release where possible. +-------------------------------------------------------------------+ | Major | Availability of Repaired Releases | | Release | | |------------+------------------------------------------------------| | Affected | | First Fixed Release for | | 12.0-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |-------------------------------------------------------------------| | There are no affected 12.0 based releases | |-------------------------------------------------------------------| | Affected | | First Fixed Release for | | 12.1-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |-------------------------------------------------------------------| | There are no affected 12.1 based releases | |-------------------------------------------------------------------| | Affected | | First Fixed Release for | | 12.2-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |-------------------------------------------------------------------| | There are no affected 12.2 based releases | |-------------------------------------------------------------------| | Affected | | First Fixed Release for | | 12.3-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3 | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3B | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.3BC | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SCB | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3BW | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.3EU | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Releases prior to 12.3 | | 12.3JA | Not Vulnerable | (11)JA5 are vulnerable, | | | | release 12.3(11)JA5 and | | | | later are not vulnerable | |------------+---------------------------+--------------------------| | | | Releases prior to 12.3 | | 12.3JEA | Not Vulnerable | (8)JEA4 are vulnerable, | | | | release 12.3(8)JEA4 and | | | | later are not vulnerable | |------------+---------------------------+--------------------------| | | | Releases prior to 12.3 | | 12.3JEB | Not Vulnerable | (8)JEB2 are vulnerable, | | | | release 12.3(8)JEB2 and | | | | later are not vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JEC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JED | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | Releases up to and | | | | including 12.3(2)JK3 are | | | | not vulnerable. | Vulnerable; migrate to | | 12.3JK | | any release in 15.0M or | | | Releases 12.3(8)JK1 and | a fixed 12.4 release. | | | later are not vulnerable; | | | | first fixed in 12.4 | | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JL | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JX | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | | | | any release in 15.0M or a | Vulnerable; migrate to | | 12.3T | fixed 12.4 release. | any release in 15.0M or | | | Releases up to and | a fixed 12.4 release. | | | including 12.3(4)T11 are | | | | not vulnerable. | | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3TPC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | 12.3VA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3XA | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3XB | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3XC | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XD | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; first fixed | | | | in 12.4 | | 12.3XE | Not Vulnerable | | | | | Vulnerable; migrate to | | | | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.3XF | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XG | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Releases prior to 12.3 | | 12.3XI | any release in 15.0M or a | (7)XI11 are vulnerable, | | | fixed 12.4 release. | release 12.3(7)XI11 and | | | | later are not vulnerable | |------------+---------------------------+--------------------------| | 12.3XJ | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XK | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XL | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XQ | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XR | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3XS | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | | | | any release in 15.0M or a | | | | fixed 12.4T release. | Vulnerable; migrate to | | 12.3XU | | any release in 15.0M or | | | Releases up to and | a fixed 12.4 release. | | | including 12.3(8)XU1 are | | | | not vulnerable. | | |------------+---------------------------+--------------------------| | 12.3XW | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XX | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XY | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3XZ | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3YA | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3YD | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.3YF | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YG | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3YH | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3YI | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3YJ | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Releases prior to 12.3 | Vulnerable; migrate to | | 12.3YK | (11)YK3 are vulnerable, | any release in 15.0M or | | | release 12.3(11)YK3 and | a fixed 12.4 release. | | | later are not vulnerable; | | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YM | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YQ | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | | | | any release in 15.0M or a | | | | fixed 12.4T release. | Vulnerable; migrate to | | 12.3YS | | any release in 15.0M or | | | Releases up to and | a fixed 12.4 release. | | | including 12.3(11)YS1 are | | | | not vulnerable. | | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YT | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YU | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.3YX | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.3YZ | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3ZA | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | Affected | | First Fixed Release for | | 12.4-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |------------+---------------------------+--------------------------| | | 12.4(25c) | | | | | 12.4(25c) | | 12.4 | 15.0(1)M1 | | | | | 15.0(1)M1 | | | 15.0(1)M2 ; Available on | | | | 26-MAR-10 | | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | Vulnerable; migrate to | support organization per | | 12.4GC | any release in 15.0M or a | the instructions in | | | fixed 12.4 release. | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JDA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JDC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | 12.4JDD | Not Vulnerable | 12.4(10b)JDD1 | |------------+---------------------------+--------------------------| | 12.4JHA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JK | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JL | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Releases prior to 12.4 | | 12.4JMA | Not Vulnerable | (3g)JMA2 are vulnerable, | | | | release 12.4(3g)JMA2 and | | | | later are not vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JMB | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | 12.4JX | Not Vulnerable | Vulnerable; first fixed | | | | in 12.4JA | |------------+---------------------------+--------------------------| | | 12.4(24)MD | | | | | | | | Releases prior to 12.4 | | | 12.4MD | (22)MD are not | 12.4(24)MD | | | vulnerable; Releases | | | | after 12.4(22)MD1 are not | | | | vulnerable; | | |------------+---------------------------+--------------------------| | 12.4MDA | 12.4(22)MDA2 | 12.4(22)MDA2 | |------------+---------------------------+--------------------------| | | Releases prior to 12.4(9) | Vulnerable; Contact your | | | MR are vulnerable, | support organization per | | 12.4MR | release 12.4(9)MR and | the instructions in | | | later are not vulnerable | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4SW | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | 12.4(15)T12 | | | 12.4(24)T3; Releases | | | | prior to 12.4(24)T3 are | 12.4(20)T5 | | 12.4T | vulnerable, release 12.4 | | | | (24)T3 and later are not | 12.4(24)T3; Available on | | | vulnerable; | 26-MAR-10 | | | | | | | | 12.4(22)T4 | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XA | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XB | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XC | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XD | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XE | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XF | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XG | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XJ | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XK | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4XL | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XM | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4XN | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4XP | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XQ | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | 12.4(22)XR3; | | | | | | | | Vulnerable; migrate to | | | | any release in 15.0M or a | | | 12.4XR | fixed 12.4T release. | 12.4(22)XR3 | | | | | | | Releases up to and | | | | including 12.4(15)XR8 are | | | | not vulnerable. | | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XT | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4XV | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XW | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XY | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XZ | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4YA | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4YB | 12.4(22)YB5 | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4YD | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | 12.4(22)YE2 | 12.4(22)YE2 | | 12.4YE | | | | | 12.4(24)YE | 12.4(24)YE | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4YG | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | Affected | | First Fixed Release for | | 15.0-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |-------------------------------------------------------------------| | There are no affected 15.0 based releases | |-------------------------------------------------------------------| | Affected | | First Fixed Release for | | 15.1-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |-------------------------------------------------------------------| | There are no affected 15.1 based releases | +-------------------------------------------------------------------+ Cisco IOS-XE Software +-------------------- +-------------------------------------------------------------------+ | IOS-XE Release | First Fixed Release | |----------------------------+--------------------------------------| | 2.1.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.2.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.3.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.4.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.5.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.6.x | Not Vulnerable | +-------------------------------------------------------------------+ Workarounds =========== If the affected Cisco IOS device requires SIP for VoIP services, SIP cannot be disabled, and no workarounds are available. Users are advised to apply mitigation techniques to help limit exposure to the vulnerabilities. Mitigation consists of allowing only legitimate devices to connect to affected devices. To increase effectiveness, the mitigation must be coupled with anti-spoofing measures on the network edge. This action is required because SIP can use UDP as the transport protocol. Additional mitigations that can be deployed on Cisco devices within the network are available in the companion document "Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the Cisco Unified Communications Manager Express and Cisco IOS Software H.323 and Session Initiation Protocol Denial of Service Vulnerabilities", which is available at the following location: http://www.cisco.com/warp/public/707/cisco-amb-20100324-voice.shtml Disable SIP Listening Ports +-------------------------- For devices that do not require SIP to be enabled, the simplest and most effective workaround is to disable SIP processing on the device. Some versions of Cisco IOS Software allow administrators to disable SIP with the following commands: sip-ua no transport udp no transport tcp no transport tcp tls Warning: When applying this workaround to devices that are processing Media Gateway Control Protocol (MGCP) or H.323 calls, the device will not stop SIP processing while active calls are being processed. Under these circumstances, this workaround should be implemented during a maintenance window when active calls can be briefly stopped. The "show udp connections", "show tcp brief all", and "show processes | include SIP" commands can be used to confirm that the SIP UDP and TCP ports are closed after applying this workaround. Depending on the Cisco IOS Software version in use, the output from the "show ip sockets" command may still show the SIP ports open, but sending traffic to them will cause the SIP process to emit the following message: *Feb 2 11:36:47.691: sip_udp_sock_process_read: SIP UDP Listener is DISABLED Control Plane Policing +--------------------- For devices that need to offer SIP services it is possible to use Control Plane Policing (CoPP) to block SIP traffic to the device from untrusted sources. CoPP may be configured on a device to protect the management and control planes to minimize the risk and effectiveness of direct infrastructure attacks by explicitly permitting only authorized traffic sent to infrastructure devices in accordance with existing security policies and configurations. The following example can be adapted to specific network configurations: !-- The 192.168.1.0/24 network and the 172.16.1.1 host are trusted. !-- Everything else is not trusted. The following access list is used !-- to determine what traffic needs to be dropped by a control plane !-- policy (the CoPP feature.) If the access list matches (permit) !-- then traffic will be dropped and if the access list does not !-- match (deny) then traffic will be processed by the router. access-list 100 deny udp 192.168.1.0 0.0.0.255 any eq 5060 access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 5060 access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 5061 access-list 100 deny udp host 172.16.1.1 any eq 5060 access-list 100 deny tcp host 172.16.1.1 any eq 5060 access-list 100 deny tcp host 172.16.1.1 any eq 5061 access-list 100 permit udp any any eq 5060 access-list 100 permit tcp any any eq 5060 access-list 100 permit tcp any any eq 5061 !-- Permit (Police or Drop)/Deny (Allow) all other Layer3 and Layer4 !-- traffic in accordance with existing security policies and !-- configurations for traffic that is authorized to be sent !-- to infrastructure devices. !-- Create a Class-Map for traffic to be policed by !-- the CoPP feature. class-map match-all drop-sip-class match access-group 100 !-- Create a Policy-Map that will be applied to the !-- Control-Plane of the device. policy-map control-plane-policy class drop-sip-class drop !-- Apply the Policy-Map to the Control-Plane of the !-- device. control-plane service-policy input control-plane-policy Warning: Because SIP can use UDP as a transport protocol, it is possible to easily spoof the IP address of the sender, which may defeat access control lists that permit communication to these ports from trusted IP addresses. In the above CoPP example, the access control entries (ACEs) that match the potential exploit packets with the "permit" action result in these packets being discarded by the policy-map "drop" function, while packets that match the "deny" action (not shown) are not affected by the policy-map drop function. Additional information on the configuration and use of the CoPP feature can be found at: http://www.cisco.com/web/about/security/intelligence/coppwp_gs.html http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gtrtlimt.html Obtaining Fixed Software ======================== Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment. Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at: http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html or as otherwise set forth at Cisco.com Downloads at: http://www.cisco.com/public/sw-center/sw-usingswc.shtml Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades. Customers with Service Contracts +------------------------------- Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com. Customers using Third Party Support Organizations +------------------------------------------------ Customers whose Cisco products are provided or maintained through prior or existing agreements with third-party support organizations, such as Cisco Partners, authorized resellers, or service providers should contact that support organization for guidance and assistance with the appropriate course of action in regards to this advisory. The effectiveness of any workaround or fix is dependent on specific customer situations, such as product mix, network topology, traffic behavior, and organizational mission. Due to the variety of affected products and releases, customers should consult with their service provider or support organization to ensure any applied workaround or fix is the most appropriate for use in the intended network before it is deployed. Customers without Service Contracts +---------------------------------- Customers who purchase direct from Cisco but do not hold a Cisco service contract, and customers who purchase through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should acquire upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows. * +1 800 553 2447 (toll free from within North America) * +1 408 526 7209 (toll call from anywhere in the world) * e-mail: tac@cisco.com Customers should have their product serial number available and be prepared to give the URL of this notice as evidence of entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC. Refer to: http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html for additional TAC contact information, including localized telephone numbers, and instructions and e-mail addresses for use in various languages. Exploitation and Public Announcements ===================================== The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities described in this advisory. The vulnerability addressed by CSCsz48680 was discovered during the resolution of customer service requests. The vulnerabilities addressed by CSCtb93416 and CSCsz89904 were discovered by Cisco during internal testing. Status of this Notice: FINAL ============================ THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors. Distribution ============ This advisory is posted on Cisco's worldwide website at: http://www.cisco.com/warp/public/707/cisco-sa-20100324-sip.shtml In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients. * cust-security-announce@cisco.com * first-bulletins@lists.first.org * bugtraq@securityfocus.com * vulnwatch@vulnwatch.org * cisco@spot.colorado.edu * cisco-nsp@puck.nether.net * full-disclosure@lists.grok.org.uk * comp.dcom.sys.cisco@newsgate.cisco.com Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates. Revision History ================ +-------------------------------------------------------------------+ | Revision 1.0 | 2010-March-24 | Initial public release | +-------------------------------------------------------------------+ Cisco Security Procedures ========================= Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at: http://www.cisco.com/go/psirt -----BEGIN PGP SIGNATURE----- iD8DBQFLqifP86n/Gc8U/uARAmSTAJ9mz3TsxB4ykZ5wDkmmwhVBytw/CQCfcWhi GlwhypRpbcfyfEhe/zBbIxw= =orFq -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . Successful exploitation requires that SIP voice services are enabled. SOLUTION: Update to a fixed version (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20100324-sip.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

The SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device reload) via a malformed SIP message, aka Bug ID CSCtb93416, the "SIP Message Handling Denial of Service Vulnerability.". The problem is Bug ID : CSCtb93416 Problem.Denial of service by third party (DoS) May be in a state. Cisco IOS is prone to a remote code-execution service vulnerability. The attacker can exploit this issue to execute arbitrary code with elevated privileges on affected devices. Successful exploits will completely compromise an affected device. This issue is tracked by Cisco Bug ID CSCtb93416. Remote code execution may also be possible. Cisco has released free software updates that address these vulnerabilities. For devices that must run SIP there are no workarounds; however, mitigations are available to limit exposure of the vulnerabilities. This advisory is posted at: http://www.cisco.com/warp/public/707/cisco-sa-20100324-sip.shtml Note: The March 24, 2010, Cisco IOS Software Security Advisory bundled publication includes seven Security Advisories. Each advisory lists the releases that correct the vulnerability or vulnerabilities detailed in the advisory. The table at the following URL lists releases that correct all Cisco IOS Software vulnerabilities that have been published on March 24, 2010, or earlier: http://www.cisco.com/warp/public/707/cisco-sa-20100324-bundle.shtml Individual publication links are in "Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication" at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar10.html Affected Products ================= These vulnerabilities only affect devices running Cisco IOS Software with SIP voice services enabled. Vulnerable Products +------------------ Cisco devices running affected Cisco IOS Software versions that are configured to process SIP messages are affected. Recent versions of Cisco IOS Software do not process SIP messages by default. An example of an affected configuration follows: dial-peer voice <Voice dial-peer tag> voip ... Cisco Unified Border Element images are also affected by these vulnerabilities. Note: The Cisco Unified Border Element feature (previously known as the Cisco Multiservice IP-to-IP Gateway) is a special Cisco IOS Software image that runs on Cisco multiservice gateway platforms. It provides a network-to-network interface point for billing, security, call admission control, quality of service, and signaling interworking. To determine the Cisco IOS Software release that is running on a Cisco product, administrators can log in to the device and issue the "show version" command to display the system banner. The system banner confirms that the device is running Cisco IOS Software by displaying text similar to "Cisco Internetwork Operating System Software" or "Cisco IOS Software." The image name displays in parentheses, followed by "Version" and the Cisco IOS Software release name. Other Cisco devices do not have the "show version" command or may provide different output. The following example identifies a Cisco product that is running Cisco IOS Software Release 12.3(26) with an installed image name of C2500-IS-L: Router#show version Cisco Internetwork Operating System Software IOS (tm) 2500 Software (C2500-IS-L), Version 12.3(26), RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2008 by cisco Systems, Inc. Compiled Mon 17-Mar-08 14:39 by dchih !--- output truncated The following example identifies a Cisco product that is running Cisco IOS Software Release 12.4(20)T with an installed image name of C1841-ADVENTERPRISEK9-M: Router#show version Cisco IOS Software, 1841 Software (C1841-ADVENTERPRISEK9-M), Version 12.4(20)T, RELEASE SOFTWARE (fc3) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2008 by Cisco Systems, Inc. Compiled Thu 10-Jul-08 20:25 by prod_rel_team !--- output truncated Additional information about Cisco IOS Software release naming conventions is available in "White Paper: Cisco IOS Reference Guide" at the following link: http://www.cisco.com/warp/public/620/1.html. Products Confirmed Not Vulnerable +-------------------------------- The SIP Application Layer Gateway (ALG), which is used by the Cisco IOS NAT and firewall features of Cisco IOS Software, is not affected by these vulnerabilities. No other Cisco products are currently known to be affected by these vulnerabilities. Details ======= SIP is a popular signaling protocol that is used to manage voice and video calls across IP networks such as the Internet. SIP is responsible for handling all aspects of call setup and termination. Voice and video are the most popular types of sessions that SIP handles, but the protocol has the flexibility to accommodate other applications that require call setup and termination. SIP call signaling can use UDP (port 5060), TCP (port 5060), or TLS (TCP port 5061) as the underlying transport protocol. In cases where SIP is running over TCP transport, a TCP three-way handshake is necessary to exploit these vulnerabilities. These vulnerabilities are addressed by Cisco bug IDs CSCsz48680, CSCsz89904, and CSCtb93416, and have been assigned Common Vulnerabilities and Exposures (CVE) IDs CVE-2010-0580, CVE-2010-0581, and CVE-2010-0579, respectively. Vulnerability Scoring Details ============================= Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0. CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response. Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerabilities in individual networks. Cisco has provided an FAQ to answer additional questions regarding CVSS at: http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at: http://intellishield.cisco.com/security/alertmanager/cvss CSCsz89904 and CSCtb93416 CVSS Base Score - 10 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - Complete Integrity Impact - Complete Availability Impact - Complete CVSS Temporal Score - 8.3 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed CSCsz48680 CVSS Base Score - 7.8 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - None Integrity Impact - None Availability Impact - Complete CVSS Temporal Score - 6.4 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed Impact ====== Successful exploitation of the vulnerabilities in this advisory may result in a reload of the device. Repeated exploitation could result in a sustained denial of service condition. Software Versions and Fixes =========================== When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution. In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Technical Assistance Center (TAC) or your contracted maintenance provider for assistance. If a given release train is vulnerable, then the earliest possible releases that contain the fix (along with the anticipated date of availability for each, if applicable) are listed in the "First Fixed Release for this Advisory" column of the table. The "First Fixed Release for all Advisories in 24 March 2010 Bundle Publication" column indicates the earliest possible releases which have fixes for all the published vulnerabilities in this Cisco IOS Security Advisory bundled publication. Cisco recommends upgrading to the latest available release where possible. +-------------------------------------------------------------------+ | Major | Availability of Repaired Releases | | Release | | |------------+------------------------------------------------------| | Affected | | First Fixed Release for | | 12.0-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |-------------------------------------------------------------------| | There are no affected 12.0 based releases | |-------------------------------------------------------------------| | Affected | | First Fixed Release for | | 12.1-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |-------------------------------------------------------------------| | There are no affected 12.1 based releases | |-------------------------------------------------------------------| | Affected | | First Fixed Release for | | 12.2-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |-------------------------------------------------------------------| | There are no affected 12.2 based releases | |-------------------------------------------------------------------| | Affected | | First Fixed Release for | | 12.3-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3 | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3B | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.3BC | Not Vulnerable | Vulnerable; first fixed | | | | in 12.2SCB | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3BW | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.3EU | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Releases prior to 12.3 | | 12.3JA | Not Vulnerable | (11)JA5 are vulnerable, | | | | release 12.3(11)JA5 and | | | | later are not vulnerable | |------------+---------------------------+--------------------------| | | | Releases prior to 12.3 | | 12.3JEA | Not Vulnerable | (8)JEA4 are vulnerable, | | | | release 12.3(8)JEA4 and | | | | later are not vulnerable | |------------+---------------------------+--------------------------| | | | Releases prior to 12.3 | | 12.3JEB | Not Vulnerable | (8)JEB2 are vulnerable, | | | | release 12.3(8)JEB2 and | | | | later are not vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JEC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JED | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | Releases up to and | | | | including 12.3(2)JK3 are | | | | not vulnerable. | Vulnerable; migrate to | | 12.3JK | | any release in 15.0M or | | | Releases 12.3(8)JK1 and | a fixed 12.4 release. | | | later are not vulnerable; | | | | first fixed in 12.4 | | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JL | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3JX | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | | | | any release in 15.0M or a | Vulnerable; migrate to | | 12.3T | fixed 12.4 release. | any release in 15.0M or | | | Releases up to and | a fixed 12.4 release. | | | including 12.3(4)T11 are | | | | not vulnerable. | | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3TPC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | 12.3VA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3XA | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.3XB | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3XC | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XD | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; first fixed | | | | in 12.4 | | 12.3XE | Not Vulnerable | | | | | Vulnerable; migrate to | | | | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.3XF | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XG | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Releases prior to 12.3 | | 12.3XI | any release in 15.0M or a | (7)XI11 are vulnerable, | | | fixed 12.4 release. | release 12.3(7)XI11 and | | | | later are not vulnerable | |------------+---------------------------+--------------------------| | 12.3XJ | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XK | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XL | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XQ | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XR | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3XS | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | | | | any release in 15.0M or a | | | | fixed 12.4T release. | Vulnerable; migrate to | | 12.3XU | | any release in 15.0M or | | | Releases up to and | a fixed 12.4 release. | | | including 12.3(8)XU1 are | | | | not vulnerable. | | |------------+---------------------------+--------------------------| | 12.3XW | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XX | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3XY | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3XZ | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3YA | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3YD | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.3YF | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YG | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3YH | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3YI | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.3YJ | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Releases prior to 12.3 | Vulnerable; migrate to | | 12.3YK | (11)YK3 are vulnerable, | any release in 15.0M or | | | release 12.3(11)YK3 and | a fixed 12.4 release. | | | later are not vulnerable; | | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YM | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YQ | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | | | | any release in 15.0M or a | | | | fixed 12.4T release. | Vulnerable; migrate to | | 12.3YS | | any release in 15.0M or | | | Releases up to and | a fixed 12.4 release. | | | including 12.3(11)YS1 are | | | | not vulnerable. | | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YT | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3YU | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | 12.3YX | Vulnerable; migrate to | Vulnerable; first fixed | | | any release in 12.4XN | in 12.4XR | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.3YZ | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.3ZA | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | Affected | | First Fixed Release for | | 12.4-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |------------+---------------------------+--------------------------| | | 12.4(25c) | | | | | 12.4(25c) | | 12.4 | 15.0(1)M1 | | | | | 15.0(1)M1 | | | 15.0(1)M2 ; Available on | | | | 26-MAR-10 | | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | Vulnerable; migrate to | support organization per | | 12.4GC | any release in 15.0M or a | the instructions in | | | fixed 12.4 release. | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JDA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JDC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | 12.4JDD | Not Vulnerable | 12.4(10b)JDD1 | |------------+---------------------------+--------------------------| | 12.4JHA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JK | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JL | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Releases prior to 12.4 | | 12.4JMA | Not Vulnerable | (3g)JMA2 are vulnerable, | | | | release 12.4(3g)JMA2 and | | | | later are not vulnerable | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4JMB | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | 12.4JX | Not Vulnerable | Vulnerable; first fixed | | | | in 12.4JA | |------------+---------------------------+--------------------------| | | 12.4(24)MD | | | | | | | | Releases prior to 12.4 | | | 12.4MD | (22)MD are not | 12.4(24)MD | | | vulnerable; Releases | | | | after 12.4(22)MD1 are not | | | | vulnerable; | | |------------+---------------------------+--------------------------| | 12.4MDA | 12.4(22)MDA2 | 12.4(22)MDA2 | |------------+---------------------------+--------------------------| | | Releases prior to 12.4(9) | Vulnerable; Contact your | | | MR are vulnerable, | support organization per | | 12.4MR | release 12.4(9)MR and | the instructions in | | | later are not vulnerable | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4SW | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | 12.4(15)T12 | | | 12.4(24)T3; Releases | | | | prior to 12.4(24)T3 are | 12.4(20)T5 | | 12.4T | vulnerable, release 12.4 | | | | (24)T3 and later are not | 12.4(24)T3; Available on | | | vulnerable; | 26-MAR-10 | | | | | | | | 12.4(22)T4 | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XA | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XB | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XC | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XD | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XE | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XF | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XG | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XJ | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XK | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4XL | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XM | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4XN | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4XP | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XQ | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | 12.4(22)XR3; | | | | | | | | Vulnerable; migrate to | | | | any release in 15.0M or a | | | 12.4XR | fixed 12.4T release. | 12.4(22)XR3 | | | | | | | Releases up to and | | | | including 12.4(15)XR8 are | | | | not vulnerable. | | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4XT | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4XV | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XW | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XY | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; migrate to | | 12.4XZ | Not Vulnerable | any release in 15.0M or | | | | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | Vulnerable; migrate to | Vulnerable; migrate to | | 12.4YA | any release in 15.0M or a | any release in 15.0M or | | | fixed 12.4 release. | a fixed 12.4 release. | |------------+---------------------------+--------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.4YB | 12.4(22)YB5 | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4YD | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | | 12.4(22)YE2 | 12.4(22)YE2 | | 12.4YE | | | | | 12.4(24)YE | 12.4(24)YE | |------------+---------------------------+--------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4YG | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+--------------------------| | Affected | | First Fixed Release for | | 15.0-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |-------------------------------------------------------------------| | There are no affected 15.0 based releases | |-------------------------------------------------------------------| | Affected | | First Fixed Release for | | 15.1-Based | First Fixed Release for | all Advisories in 24 | | Releases | this Advisory | March 2010 Bundle | | | | Publication | |-------------------------------------------------------------------| | There are no affected 15.1 based releases | +-------------------------------------------------------------------+ Cisco IOS-XE Software +-------------------- +-------------------------------------------------------------------+ | IOS-XE Release | First Fixed Release | |----------------------------+--------------------------------------| | 2.1.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.2.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.3.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.4.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.5.x | Not Vulnerable | |----------------------------+--------------------------------------| | 2.6.x | Not Vulnerable | +-------------------------------------------------------------------+ Workarounds =========== If the affected Cisco IOS device requires SIP for VoIP services, SIP cannot be disabled, and no workarounds are available. Users are advised to apply mitigation techniques to help limit exposure to the vulnerabilities. Mitigation consists of allowing only legitimate devices to connect to affected devices. To increase effectiveness, the mitigation must be coupled with anti-spoofing measures on the network edge. This action is required because SIP can use UDP as the transport protocol. Additional mitigations that can be deployed on Cisco devices within the network are available in the companion document "Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the Cisco Unified Communications Manager Express and Cisco IOS Software H.323 and Session Initiation Protocol Denial of Service Vulnerabilities", which is available at the following location: http://www.cisco.com/warp/public/707/cisco-amb-20100324-voice.shtml Disable SIP Listening Ports +-------------------------- For devices that do not require SIP to be enabled, the simplest and most effective workaround is to disable SIP processing on the device. Some versions of Cisco IOS Software allow administrators to disable SIP with the following commands: sip-ua no transport udp no transport tcp no transport tcp tls Warning: When applying this workaround to devices that are processing Media Gateway Control Protocol (MGCP) or H.323 calls, the device will not stop SIP processing while active calls are being processed. Under these circumstances, this workaround should be implemented during a maintenance window when active calls can be briefly stopped. The "show udp connections", "show tcp brief all", and "show processes | include SIP" commands can be used to confirm that the SIP UDP and TCP ports are closed after applying this workaround. Depending on the Cisco IOS Software version in use, the output from the "show ip sockets" command may still show the SIP ports open, but sending traffic to them will cause the SIP process to emit the following message: *Feb 2 11:36:47.691: sip_udp_sock_process_read: SIP UDP Listener is DISABLED Control Plane Policing +--------------------- For devices that need to offer SIP services it is possible to use Control Plane Policing (CoPP) to block SIP traffic to the device from untrusted sources. CoPP may be configured on a device to protect the management and control planes to minimize the risk and effectiveness of direct infrastructure attacks by explicitly permitting only authorized traffic sent to infrastructure devices in accordance with existing security policies and configurations. The following example can be adapted to specific network configurations: !-- The 192.168.1.0/24 network and the 172.16.1.1 host are trusted. !-- Everything else is not trusted. The following access list is used !-- to determine what traffic needs to be dropped by a control plane !-- policy (the CoPP feature.) If the access list matches (permit) !-- then traffic will be dropped and if the access list does not !-- match (deny) then traffic will be processed by the router. access-list 100 deny udp 192.168.1.0 0.0.0.255 any eq 5060 access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 5060 access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 5061 access-list 100 deny udp host 172.16.1.1 any eq 5060 access-list 100 deny tcp host 172.16.1.1 any eq 5060 access-list 100 deny tcp host 172.16.1.1 any eq 5061 access-list 100 permit udp any any eq 5060 access-list 100 permit tcp any any eq 5060 access-list 100 permit tcp any any eq 5061 !-- Permit (Police or Drop)/Deny (Allow) all other Layer3 and Layer4 !-- traffic in accordance with existing security policies and !-- configurations for traffic that is authorized to be sent !-- to infrastructure devices. !-- Create a Class-Map for traffic to be policed by !-- the CoPP feature. class-map match-all drop-sip-class match access-group 100 !-- Create a Policy-Map that will be applied to the !-- Control-Plane of the device. policy-map control-plane-policy class drop-sip-class drop !-- Apply the Policy-Map to the Control-Plane of the !-- device. control-plane service-policy input control-plane-policy Warning: Because SIP can use UDP as a transport protocol, it is possible to easily spoof the IP address of the sender, which may defeat access control lists that permit communication to these ports from trusted IP addresses. In the above CoPP example, the access control entries (ACEs) that match the potential exploit packets with the "permit" action result in these packets being discarded by the policy-map "drop" function, while packets that match the "deny" action (not shown) are not affected by the policy-map drop function. Additional information on the configuration and use of the CoPP feature can be found at: http://www.cisco.com/web/about/security/intelligence/coppwp_gs.html http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gtrtlimt.html Obtaining Fixed Software ======================== Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment. Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at: http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html or as otherwise set forth at Cisco.com Downloads at: http://www.cisco.com/public/sw-center/sw-usingswc.shtml Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades. Customers with Service Contracts +------------------------------- Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com. Customers using Third Party Support Organizations +------------------------------------------------ Customers whose Cisco products are provided or maintained through prior or existing agreements with third-party support organizations, such as Cisco Partners, authorized resellers, or service providers should contact that support organization for guidance and assistance with the appropriate course of action in regards to this advisory. The effectiveness of any workaround or fix is dependent on specific customer situations, such as product mix, network topology, traffic behavior, and organizational mission. Due to the variety of affected products and releases, customers should consult with their service provider or support organization to ensure any applied workaround or fix is the most appropriate for use in the intended network before it is deployed. Customers without Service Contracts +---------------------------------- Customers who purchase direct from Cisco but do not hold a Cisco service contract, and customers who purchase through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should acquire upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows. * +1 800 553 2447 (toll free from within North America) * +1 408 526 7209 (toll call from anywhere in the world) * e-mail: tac@cisco.com Customers should have their product serial number available and be prepared to give the URL of this notice as evidence of entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC. Refer to: http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html for additional TAC contact information, including localized telephone numbers, and instructions and e-mail addresses for use in various languages. Exploitation and Public Announcements ===================================== The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities described in this advisory. The vulnerability addressed by CSCsz48680 was discovered during the resolution of customer service requests. The vulnerabilities addressed by CSCtb93416 and CSCsz89904 were discovered by Cisco during internal testing. Status of this Notice: FINAL ============================ THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors. Distribution ============ This advisory is posted on Cisco's worldwide website at: http://www.cisco.com/warp/public/707/cisco-sa-20100324-sip.shtml In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients. * cust-security-announce@cisco.com * first-bulletins@lists.first.org * bugtraq@securityfocus.com * vulnwatch@vulnwatch.org * cisco@spot.colorado.edu * cisco-nsp@puck.nether.net * full-disclosure@lists.grok.org.uk * comp.dcom.sys.cisco@newsgate.cisco.com Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates. Revision History ================ +-------------------------------------------------------------------+ | Revision 1.0 | 2010-March-24 | Initial public release | +-------------------------------------------------------------------+ Cisco Security Procedures ========================= Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at: http://www.cisco.com/go/psirt -----BEGIN PGP SIGNATURE----- iD8DBQFLqifP86n/Gc8U/uARAmSTAJ9mz3TsxB4ykZ5wDkmmwhVBytw/CQCfcWhi GlwhypRpbcfyfEhe/zBbIxw= =orFq -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . Successful exploitation requires that SIP voice services are enabled. SOLUTION: Update to a fixed version (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20100324-sip.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through 0.9.8m allows remote attackers to cause a denial of service (crash) via a malformed record in a TLS connection that triggers a NULL pointer dereference, related to the minor version number. NOTE: some of these details are obtained from third party information. OpenSSL is prone to a denial-of-service vulnerability caused by a NULL-pointer dereference. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. OpenSSL versions 0.9.8f through 0.9.8m are vulnerable. Affected versions depend on the C compiler used with OpenSSL: - If 'short' is a 16-bit integer, this issue applies only to OpenSSL 0.9.8m. - Otherwise, this issue applies to OpenSSL 0.9.8f through 0.9.8m. If upgrading is not immediately possible, the source code patch provided in this advisory should be applied. Bodo Moeller and Adam Langley (Google) have identified the vulnerability and prepared the fix. Patch ----- --- ssl/s3_pkt.c 24 Jan 2010 13:52:38 -0000 1.57.2.9 +++ ssl/s3_pkt.c 24 Mar 2010 00:00:00 -0000 @@ -291,9 +291,9 @@ if (version != s->version) { SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER); - /* Send back error using their - * version number :-) */ - s->version=version; + if ((s->version & 0xFF00) == (version & 0xFF00)) + /* Send back error using their minor version number :-) */ + s->version = (unsigned short)version; al=SSL_AD_PROTOCOL_VERSION; goto f_err; } References ---------- This vulnerability is tracked as CVE-2010-0740. URL for this Security Advisory: https://www.openssl.org/news/secadv_20100324.txt . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2011-0003 Synopsis: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX Issue date: 2011-02-10 Updated on: 2011-02-10 (initial release of advisory) CVE numbers: --- Apache Tomcat --- CVE-2009-2693 CVE-2009-2901 CVE-2009-2902 CVE-2009-3548 CVE-2010-2227 CVE-2010-1157 --- Apache Tomcat Manager --- CVE-2010-2928 --- cURL --- CVE-2010-0734 --- COS Kernel --- CVE-2010-1084 CVE-2010-2066 CVE-2010-2070 CVE-2010-2226 CVE-2010-2248 CVE-2010-2521 CVE-2010-2524 CVE-2010-0008 CVE-2010-0415 CVE-2010-0437 CVE-2009-4308 CVE-2010-0003 CVE-2010-0007 CVE-2010-0307 CVE-2010-1086 CVE-2010-0410 CVE-2010-0730 CVE-2010-1085 CVE-2010-0291 CVE-2010-0622 CVE-2010-1087 CVE-2010-1173 CVE-2010-1437 CVE-2010-1088 CVE-2010-1187 CVE-2010-1436 CVE-2010-1641 CVE-2010-3081 --- Microsoft SQL Express --- CVE-2008-5416 CVE-2008-0085 CVE-2008-0086 CVE-2008-0107 CVE-2008-0106 --- OpenSSL --- CVE-2010-0740 CVE-2010-0433 CVE-2010-3864 CVE-2010-2939 --- Oracle (Sun) JRE --- CVE-2009-3555 CVE-2010-0082 CVE-2010-0084 CVE-2010-0085 CVE-2010-0087 CVE-2010-0088 CVE-2010-0089 CVE-2010-0090 CVE-2010-0091 CVE-2010-0092 CVE-2010-0093 CVE-2010-0094 CVE-2010-0095 CVE-2010-0837 CVE-2010-0838 CVE-2010-0839 CVE-2010-0840 CVE-2010-0841 CVE-2010-0842 CVE-2010-0843 CVE-2010-0844 CVE-2010-0845 CVE-2010-0846 CVE-2010-0847 CVE-2010-0848 CVE-2010-0849 CVE-2010-0850 CVE-2010-0886 CVE-2010-3556 CVE-2010-3566 CVE-2010-3567 CVE-2010-3550 CVE-2010-3561 CVE-2010-3573 CVE-2010-3565 CVE-2010-3568 CVE-2010-3569 CVE-2010-1321 CVE-2010-3548 CVE-2010-3551 CVE-2010-3562 CVE-2010-3571 CVE-2010-3554 CVE-2010-3559 CVE-2010-3572 CVE-2010-3553 CVE-2010-3549 CVE-2010-3557 CVE-2010-3541 CVE-2010-3574 --- pam_krb5 --- CVE-2008-3825 CVE-2009-1384 - ------------------------------------------------------------------------ 1. Summary Update 1 for vCenter Server 4.1, vCenter Update Manager 4.1, vSphere Hypervisor (ESXi) 4.1, ESXi 4.1, addresses several security issues. 2. Relevant releases vCenter Server 4.1 without Update 1, vCenter Update Manager 4.1 without Update 1, ESXi 4.1 without patch ESXi410-201101201-SG, ESX 4.1 without patch ESX410-201101201-SG. 3. Problem Description a. vCenter Server and vCenter Update Manager update Microsoft SQL Server 2005 Express Edition to Service Pack 3 Microsoft SQL Server 2005 Express Edition (SQL Express) distributed with vCenter Server 4.1 Update 1 and vCenter Update Manager 4.1 Update 1 is upgraded from SQL Express Service Pack 2 to SQL Express Service Pack 3, to address multiple security issues that exist in the earlier releases of Microsoft SQL Express. Customers using other database solutions need not update for these issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-5416, CVE-2008-0085, CVE-2008-0086, CVE-2008-0107 and CVE-2008-0106 to the issues addressed in MS SQL Express Service Pack 3. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter 4.1 Windows Update 1 vCenter 4.0 Windows affected, patch pending VirtualCenter 2.5 Windows affected, no patch planned Update Manager 4.1 Windows Update 1 Update Manager 4.0 Windows affected, patch pending Update Manager 1.0 Windows affected, no patch planned hosted * any any not affected ESXi any ESXi not affected ESX any ESX not affected * Hosted products are VMware Workstation, Player, ACE, Fusion. b. vCenter Apache Tomcat Management Application Credential Disclosure The Apache Tomcat Manager application configuration file contains logon credentials that can be read by unprivileged local users. The issue is resolved by removing the Manager application in vCenter 4.1 Update 1. If vCenter 4.1 is updated to vCenter 4.1 Update 1 the logon credentials are not present in the configuration file after the update. VMware would like to thank Claudio Criscione of Secure Networking for reporting this issue to us. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2010-2928 to this issue. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter 4.1 Windows Update 1 vCenter 4.0 Windows not affected VirtualCenter 2.5 Windows not affected hosted * any any not affected ESXi any ESXi not affected ESX any ESX not affected * hosted products are VMware Workstation, Player, ACE, Fusion. c. vCenter Server and ESX, Oracle (Sun) JRE is updated to version 1.6.0_21 Oracle (Sun) JRE update to version 1.6.0_21, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Oracle (Sun) JRE 1.6.0_19: CVE-2009-3555, CVE-2010-0082, CVE-2010-0084, CVE-2010-0085, CVE-2010-0087, CVE-2010-0088, CVE-2010-0089, CVE-2010-0090, CVE-2010-0091, CVE-2010-0092, CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837, CVE-2010-0838, CVE-2010-0839, CVE-2010-0840, CVE-2010-0841, CVE-2010-0842, CVE-2010-0843, CVE-2010-0844, CVE-2010-0845, CVE-2010-0846, CVE-2010-0847, CVE-2010-0848, CVE-2010-0849, CVE-2010-0850. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following name to the security issue fixed in Oracle (Sun) JRE 1.6.0_20: CVE-2010-0886. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter 4.1 Windows Update 1 vCenter 4.0 Windows not applicable ** VirtualCenter 2.5 Windows not applicable ** Update Manager 4.1 Windows not applicable ** Update Manager 4.0 Windows not applicable ** Update Manager 1.0 Windows not applicable ** hosted * any any not affected ESXi any ESXi not affected ESX 4.1 ESX ESX410-201101201-SG ESX 4.0 ESX not applicable ** ESX 3.5 ESX not applicable ** ESX 3.0.3 ESX not applicable ** * hosted products are VMware Workstation, Player, ACE, Fusion. ** this product uses the Oracle (Sun) JRE 1.5.0 family d. vCenter Update Manager Oracle (Sun) JRE is updated to version 1.5.0_26 Oracle (Sun) JRE update to version 1.5.0_26, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Oracle (Sun) JRE 1.5.0_26: CVE-2010-3556, CVE-2010-3566, CVE-2010-3567, CVE-2010-3550, CVE-2010-3561, CVE-2010-3573, CVE-2010-3565,CVE-2010-3568, CVE-2010-3569, CVE-2009-3555, CVE-2010-1321, CVE-2010-3548, CVE-2010-3551, CVE-2010-3562, CVE-2010-3571, CVE-2010-3554, CVE-2010-3559, CVE-2010-3572, CVE-2010-3553, CVE-2010-3549, CVE-2010-3557, CVE-2010-3541, CVE-2010-3574. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter 4.1 Windows not applicable ** vCenter 4.0 Windows affected, patch pending VirtualCenter 2.5 Windows affected, no patch planned Update Manager 4.1 Windows Update 1 Update Manager 4.0 Windows affected, patch pending Update Manager 1.0 Windows affected, no patch planned hosted * any any not affected ESXi any ESXi not affected ESX 4.1 ESX not applicable ** ESX 4.0 ESX affected, patch pending ESX 3.5 ESX affected, no patch planned ESX 3.0.3 ESX affected, no patch planned * hosted products are VMware Workstation, Player, ACE, Fusion. ** this product uses the Oracle (Sun) JRE 1.6.0 family e. vCenter Server and ESX Apache Tomcat updated to version 6.0.28 Apache Tomcat updated to version 6.0.28, which addresses multiple security issues that existed in earlier releases of Apache Tomcat The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.24: CVE-2009-2693, CVE-2009-2901, CVE-2009-2902,i and CVE-2009-3548. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.28: CVE-2010-2227, CVE-2010-1157. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter 4.1 Windows Update 1 vCenter 4.0 Windows affected, patch pending VirtualCenter 2.5 Windows not applicable ** hosted * any any not affected ESXi any ESXi not affected ESX 4.1 ESX ESX410-201101201-SG ESX 4.0 ESX affected, patch pending ESX 3.5 ESX not applicable ** ESX 3.0.3 ESX not applicable ** * hosted products are VMware Workstation, Player, ACE, Fusion. ** this product uses the Apache Tomcat 5.5 family f. vCenter Server third party component OpenSSL updated to version 0.9.8n The version of the OpenSSL library in vCenter Server is updated to 0.9.8n. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-0740 and CVE-2010-0433 to the issues addressed in this version of OpenSSL. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter 4.1 Windows Update 1 vCenter 4.0 Windows affected, patch pending VirtualCenter 2.5 Windows affected, no patch planned hosted * any any not applicable ESXi any ESXi not applicable ESX any ESX not applicable * hosted products are VMware Workstation, Player, ACE, Fusion. g. ESX third party component OpenSSL updated to version 0.9.8p The version of the ESX OpenSSL library is updated to 0.9.8p. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-3864 and CVE-2010-2939 to the issues addressed in this update. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter any Windows not applicable hosted * any any not applicable ESXi 4.1 ESXi ESXi410-201101201-SG ESXi 4.0 ESXi affected, patch pending ESXi 3.5 ESXi affected, patch pending ESX 4.1 ESX ESX410-201101201-SG ESX 4.0 ESX affected, patch pending ESX 3.5 ESX affected, patch pending ESX 3.0.3 ESX affected, patch pending * hosted products are VMware Workstation, Player, ACE, Fusion. h. ESXi third party component cURL updated The version of cURL library in ESXi is updated. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-0734 to the issues addressed in this update. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter any Windows not affected hosted * any any not affected ESXi 4.1 ESXi ESXi410-201101201-SG ESXi 4.0 ESXi affected, patch pending ESXi 3.5 ESXi affected, patch pending ESX any ESX not applicable * hosted products are VMware Workstation, Player, ACE, Fusion. i. ESX third party component pam_krb5 updated The version of pam_krb5 library is updated. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-3825 and CVE-2009-1384 to the issues addressed in the update. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter any Windows not affected hosted * any any not affected ESXi any ESXi not affected ESX 4.1 ESX ESX410-201101201-SG ESX 4.0 ESX not affected ESX 3.5 ESX not affected ESX 3.0.3 ESX not affected * hosted products are VMware Workstation, Player, ACE, Fusion. j. ESX third party update for Service Console kernel The Service Console kernel is updated to include kernel version 2.6.18-194.11.1. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-1084, CVE-2010-2066, CVE-2010-2070, CVE-2010-2226, CVE-2010-2248, CVE-2010-2521, CVE-2010-2524, CVE-2010-0008, CVE-2010-0415, CVE-2010-0437, CVE-2009-4308, CVE-2010-0003, CVE-2010-0007, CVE-2010-0307, CVE-2010-1086, CVE-2010-0410, CVE-2010-0730, CVE-2010-1085, CVE-2010-0291, CVE-2010-0622, CVE-2010-1087, CVE-2010-1173, CVE-2010-1437, CVE-2010-1088, CVE-2010-1187, CVE-2010-1436, CVE-2010-1641, and CVE-2010-3081 to the issues addressed in the update. Note: This update also addresses the 64-bit compatibility mode stack pointer underflow issue identified by CVE-2010-3081. This issue was patched in an ESX 4.1 patch prior to the release of ESX 4.1 Update 1. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter any Windows not affected hosted * any any not affected ESXi any ESXi not affected ESX 4.1 ESX ESX410-201101201-SG ESX 4.0 ESX affected, patch pending ESX 3.5 ESX not applicable ESX 3.0.3 ESX not applicable * hosted products are VMware Workstation, Player, ACE, Fusion. 4. Solution Please review the patch/release notes for your product and version and verify the checksum of your downloaded file. VMware vCenter Server 4.1 Update 1 and modules ---------------------------------------------- http://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0 Release Notes: http://downloads.vmware.com/support/pubs/vs_pages/vsp_pubs_esx41_vc41.html File type: .iso md5sum: 729cf247aa5d33ceec431c86377eee1a sha1sum: c1e10a5fcbc1ae9d13348d43541d574c563d66f0 File type: .zip md5sum: fd1441bef48a153f2807f6823790e2f0 sha1sum: 31737a816ed1c08ab3a505fb6db2483f49ad7c19 VMware vSphere Client File type: .exe md5sum: cb6aa91ada1289575355d79e8c2a9f8e sha1sum: f9e3d8eb83196ae7c31aab554e344a46b722b1e4 ESXi 4.1 Installable Update 1 ----------------------------- http://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0 Release Notes: http://downloads.vmware.com/support/vsphere4/doc/vsp_esxi41_u1_rel_notes.html http://kb.vmware.com/kb/1027919 File type: .iso MD5SUM: d68d6c2e040a87cd04cd18c04c22c998 SHA1SUM: bbaacc0d34503822c14f6ccfefb6a5b62d18ae64 ESXi 4.1 Update 1 (upgrade ZIP from ESXi 4.1) File type: .zip MD5SUM: 2f1e009c046b20042fae3b7ca42a840f SHA1SUM: 1c9c644012dec657a705ddd3d033cbfb87a1fab1 ESXi 4.1 Update 1 (upgrade ZIP from ESXi 4.0) File type: .zip MD5SUM: 67b924618d196dafaf268a7691bd1a0f SHA1SUM: 9d74b639e703259d9e49c0341158e0d4e45de516 ESXi 4.1 Update 1 (upgrade ZIP from ESXi 3.5) File type: .zip MD5SUM: a6024b9f6c6b7b2c629696afc6d07cf4 SHA1SUM: b3841de1a30617ac68d5a861882aa72de3a93488 VMware Tools CD image for Linux Guest OSes File type: .iso MD5SUM: dad66fa8ece1dd121c302f45444daa70 SHA1SUM: 56535a2cfa7799607356c6fd0a7d9f041da614af VMware vSphere Client File type: .exe MD5SUM: cb6aa91ada1289575355d79e8c2a9f8e SHA1SUM: f9e3d8eb83196ae7c31aab554e344a46b722b1e4 ESXi Installable Update 1 contains the following security bulletins: ESXi410-201101201-SG. ESX 4.1 Update 1 ---------------- http://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0 Release Notes: http://downloads.vmware.com/support/vsphere4/doc/vsp_esx41_u1_rel_notes.html http://kb.vmware.com/kb/1029353 ESX 4.1 Update 1 (DVD ISO) File type: .iso md5sum: b9a275b419a20c7bedf31c0bf64f504e sha1sum: 2d85edcaca8218013585e1eab00bc80db6d96e11 ESX 4.1 Update 1 (upgrade ZIP from ESX 4.1) File type: .zip md5sum: 2d81a87e994aa2b329036f11d90b4c14 sha1sum: c2bfc0cf7ac03d24afd5049ddbd09a865aad1798 Pre-upgrade package for ESX 4.0 to ESX 4.1 Update 1 File type: .zip md5sum: 75f8cebfd55d8a81deb57c27def963c2 sha1sum: 889c15aa8008fe0e29439d0ab3468c2beb1c4fe2 ESX 4.1 Update 1 (upgrade ZIP from ESX 4.0) File type: .zip md5sum: 1dc9035cd10e7e60d27e7a7aef57b4c2 sha1sum: e6d3fb65d83a3e263d0f634a3572025854ff8922 VMware Tools CD image for Linux Guest OSes File type: .iso md5sum: dad66fa8ece1dd121c302f45444daa70 sha1sum: 56535a2cfa7799607356c6fd0a7d9f041da614af VMware vSphere Client File type: .exe md5sum: cb6aa91ada1289575355d79e8c2a9f8e sha1sum: f9e3d8eb83196ae7c31aab554e344a46b722b1e4 ESX410-Update01 contains the following security bulletins: ESX410-201101201-SG (COS kernel, pam_krb5, cURL, OpenSSL, Apache Tomcat, Oracle (Sun) JRE) | http://kb.vmware.com/kb/1027904 ESX410-201101226-SG (glibc) | http://kb.vmware.com/kb/1031330 ESX410-Update01 also contains the following non-security bulletins ESX410-201101211-UG, ESX410-201101213-UG, ESX410-201101215-UG, ESX410-201101202-UG, ESX410-201101203-UG, ESX410-201101204-UG, ESX410-201101206-UG, ESX410-201101207-UG, ESX410-201101208-UG, ESX410-201101214-UG, ESX410-201101216-UG, ESX410-201101217-UG, ESX410-201101218-UG, ESX410-201101219-UG, ESX410-201101220-UG, ESX410-201101221-UG, ESX410-201101222-UG, ESX410-201101225-UG. To install an individual bulletin use esxupdate with the -b option. 5. References CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5416 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0085 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0086 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0107 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0106 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2928 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0082 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0084 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0085 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0087 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0088 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0089 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0090 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0091 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0092 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0093 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0095 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0837 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0838 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0839 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0840 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0841 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0842 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0843 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0844 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0845 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0846 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0848 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0849 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0850 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0886 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3548 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0740 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0433 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2939 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0734 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3825 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1384 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1084 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2066 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2070 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2226 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2248 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2521 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2524 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0008 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0437 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4308 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0003 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0007 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0307 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1086 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0410 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0730 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1085 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0291 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0622 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1087 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1173 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1437 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1088 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1187 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1436 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1641 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3081 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3556 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3566 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3567 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3550 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3561 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3573 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3565 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3568 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3569 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3548 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3551 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3562 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3571 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3554 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3559 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3572 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3553 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3549 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3557 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3541 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3574 - ------------------------------------------------------------------------ 6. Change log 2011-02-10 VMSA-2011-0003 Initial security advisory in conjunction with the release of vCenter Server 4.1 Update 1, vCenter Update Manager 4.1 Update 1, ESXi 4.1 Update 1, and ESX 4.1 Update 1 on 2011-02-10. - ----------------------------------------------------------------------- 7. Contact E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce This Security Advisory is posted to the following lists: * security-announce at lists.vmware.com * bugtraq at securityfocus.com * full-disclosure at lists.grok.org.uk E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055 VMware Security Advisories http://www.vmware.com/security/advisories VMware security response policy http://www.vmware.com/support/policies/security_response.html General support life cycle policy http://www.vmware.com/support/policies/eos.html VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html Copyright 2011 VMware Inc. All rights reserved. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) iEYEARECAAYFAk1U1eoACgkQS2KysvBH1xm3swCfeh4sWvPOubDT1K7QlRj3SjW9 dxYAmwbNLMR9IG/rKZDYh9hqcf4IldCX =2pVj -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201110-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 09, 2011 Bugs: #303739, #308011, #322575, #332027, #345767, #347623, #354139, #382069 ID: 201110-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities were found in OpenSSL, allowing for the execution of arbitrary code and other attacks. Background ========== OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general purpose cryptography library. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-libs/openssl < 1.0.0e >= 1.0.0e Description =========== Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced below for details. Impact ====== A context-dependent attacker could cause a Denial of Service, possibly execute arbitrary code, bypass intended key requirements, force the downgrade to unintended ciphers, bypass the need for knowledge of shared secrets and successfully authenticate, bypass CRL validation, or obtain sensitive information in applications that use OpenSSL. Workaround ========== There is no known workaround at this time. Resolution ========== All OpenSSL users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.0e" NOTE: This is a legacy GLSA. Updates for all affected architectures are available since September 17, 2011. It is likely that your system is already no longer affected by most of these issues. References ========== [ 1 ] CVE-2009-3245 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3245 [ 2 ] CVE-2009-4355 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4355 [ 3 ] CVE-2010-0433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0433 [ 4 ] CVE-2010-0740 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0740 [ 5 ] CVE-2010-0742 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0742 [ 6 ] CVE-2010-1633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1633 [ 7 ] CVE-2010-2939 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2939 [ 8 ] CVE-2010-3864 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3864 [ 9 ] CVE-2010-4180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4180 [ 10 ] CVE-2010-4252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4252 [ 11 ] CVE-2011-0014 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0014 [ 12 ] CVE-2011-3207 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3207 [ 13 ] CVE-2011-3210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3210 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201110-01.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02079216 Version: 1 HPSBUX02517 SSRT100058 rev.1 - HP-UX Running OpenSSL, Remote Unauthorized Information Disclosure, Unauthorized Data Modification, Denial of Service (DoS) NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2010-04-13 Last Updated: 2010-04-13 Potential Security Impact: Remote unauthorized information disclosure, unauthorized data modification, Denial of Service (DoS) Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities has been identified with HP-UX OpenSSL. These vulnerabilities could be exploited remotely for unauthorized information disclosure, unauthorized data modification, and to create a Denial of Service (DoS). HP-UX B.11.11, B.11.23, B.11.31 running OpenSSL before vA.00.09.08n. BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2009-3245 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2009-3555 (AV:N/AC:L/Au:N/C:N/I:P/A:P) 6.4 CVE-2009-4355 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2010-0433 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2010-0740 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has provided upgrades to resolve these vulnerabilities. The upgrades are available from the following location. Host / Account / Password ftp.usa.hp.com / sb02517 / Secure12 HP-UX Release / Depot Name / SHA-1 digest B.11.11 PA (32 and 64) / OpenSSL_A.00.09.08n.001_HP-UX_B.11.11_32+64.depot / 2FE85DEE859C93F9D02A69666A455E9A7442DC5D B.11.23 (PA and IA) / OpenSSL_A.00.09.08n.002_HP-UX_B.11.23_IA-PA.depot / 69F9AEE88F89C53FFE6794822F6A843F312384CD B.11.31 (PA and IA) / OpenSSL_A.00.09.08n.003_HP-UX_B.11.31_IA-PA.depot / 07A205AA57B4BDF98B65D31287CDCBE3B9F011D5 MANUAL ACTIONS: Yes - Update Install OpenSSL A.00.09.08n or subsequent PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa The following text is for use by the HP-UX Software Assistant. AFFECTED VERSIONS HP-UX B.11.11 ================== openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: install revision A.00.09.08n.001 or subsequent HP-UX B.11.23 ================== openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: install revision A.00.09.08n.002 or subsequent HP-UX B.11.31 ================== openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: install revision A.00.09.08n.003 or subsequent END AFFECTED VERSIONS HISTORY Version:1 (rev.1) 13 April 2010 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For further information, contact normal HP Services support channel. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save. To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections. To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do * The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. "HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement." Copyright 2009 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. Apache-based Web Server is contained in the Apache Web Server Suite. The upgrades are available from the following location: URL http://software.hp.com Note: HP-UX Web Server Suite v3.09 contains HP-UX Apache-based Web Server v2.2.8.09 Note: HP-UX Web Server Suite v2.30 contains HP-UX Apache-based Web Server v2.0.59.15 Web Server Suite Version / HP-UX Release / Depot name Web Server v3.09 / B.11.23 and B.11.31 PA-32 / HPUXWS22ATW-B309-32.depot Web Server v3.09 / B.11.23 and B.11.31 IA-64 / HPUXWS22ATW-B309-64.depot Web Server v2.30 / B.11.11 PA-32 / HPUXWSATW-B230-1111.depot Web Server v2.30 / B.11.23 PA-32 / HPUXWSATW-B230-32.depot Web Server v2.30 / B.11.23 IA-64 / HPUXWSATW-B230-64.depot Web Server v2.30 / B.11.31 IA-32 / HPUXWSATW-B230-32-1131.depot Web Server v2.30 / B.11.31 IA-64 / HPUXWSATW-B230-64-1131.depot MANUAL ACTIONS: Yes - Update Install Apache-based Web Server from the Apache Web Server Suite v2.30 or subsequent or Install Apache-based Web Server from the Apache Web Server Suite v3.09 or subsequent PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. Packages for 2008.0 and 2009.0 are provided due to the Extended Maintenance Program for those products. Update: Packages for 2009.0 are provided due to the Extended Maintenance Program. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3245 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0740 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0433 _______________________________________________________________________ Updated Packages: Mandriva Linux 2009.0: 1f42cf30ee84314be4125a070709d239 2009.0/i586/libopenssl0.9.8-0.9.8h-3.7mdv2009.0.i586.rpm 372bffd962ced1965c33b752def70b8b 2009.0/i586/libopenssl0.9.8-devel-0.9.8h-3.7mdv2009.0.i586.rpm ace965066796e71bf4ecf4af6bc831c5 2009.0/i586/libopenssl0.9.8-static-devel-0.9.8h-3.7mdv2009.0.i586.rpm a6e08ca29b012c695e0763f6fd15fac1 2009.0/i586/openssl-0.9.8h-3.7mdv2009.0.i586.rpm 1e1164ec8615415e325166d13c4248cc 2009.0/SRPMS/openssl-0.9.8h-3.7mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: f6748700d01abc7e33053e339575cede 2009.0/x86_64/lib64openssl0.9.8-0.9.8h-3.7mdv2009.0.x86_64.rpm b53a75b4c732a3371a3bcd0e8ed47481 2009.0/x86_64/lib64openssl0.9.8-devel-0.9.8h-3.7mdv2009.0.x86_64.rpm 187bff89c19e2d65ccc5c640a32d0cc7 2009.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8h-3.7mdv2009.0.x86_64.rpm 1d6f6fca3b51e498359cbbbde07a4a0e 2009.0/x86_64/openssl-0.9.8h-3.7mdv2009.0.x86_64.rpm 1e1164ec8615415e325166d13c4248cc 2009.0/SRPMS/openssl-0.9.8h-3.7mdv2009.0.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFLzKP9mqjQ0CJFipgRAsUVAJkBjISC/NXul8GxUaeiBPsnb6gRNQCgt+ty X3hfPZSWARaTxUmX7P/4FDM= =FrW5 -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it

Unspecified vulnerability in Safari 4 on Apple Mac OS X 10.6 allows remote attackers to execute arbitrary code via unknown vectors, as demonstrated by Charlie Miller during a Pwn2Own competition at CanSecWest 2010. User interaction is required in that a target must open a malicious file or visit a malicious page.The specific flaw exists within the routine TType1ParsingContext::SpecialEncoding() defined in libFontParser.dylib. While parsing glyphs from a PDF document, a malformed offset greater than 0x400 can result in a heap corruption which can be leveraged by an attacker to execute arbitrary code under the context of the current user. Apple Safari is a web browser software. -- Vendor Response: Apple has issued an update to correct this vulnerability. More details can be found at: http://support.apple.com/kb/HT4131 -- Disclosure Timeline: 2010-03-26 - Vulnerability reported to vendor 2010-04-14 - Coordinated public release of advisory -- Credit: This vulnerability was discovered by: * Charlie Miller -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. Our vulnerability disclosure policy is available online at: http://www.zerodayinitiative.com/advisories/disclosure_policy/ Follow the ZDI on Twitter: http://twitter.com/thezdi. This can be exploited to corrupt memory e.g. via a specially crafted PDF file opened in Preview. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in Mac OS X Server 10.5, Mac OS X 10.5, Mac OS X 10.6, and Mac OS X Server 10.6. SOLUTION: Apply Security Update 2010-003. Security Update 2010-003 (Snow Leopard): http://support.apple.com/kb/DL1029 Security Update 2010-003 (Leopard-Client): http://support.apple.com/kb/DL1027 Security Update 2010-003 (Leopard-Server): http://support.apple.com/kb/DL1028 PROVIDED AND/OR DISCOVERED BY: Charlie Miller, reported via ZDI. ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT4131 ZDI: http://www.zerodayinitiative.com/advisories/ZDI-10-076/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Integer overflow in Apple Safari allows remote attackers to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25. Safari is prone to a security bypass vulnerability. Apple Safari is a WEB browser used by the Apple family of operating systems. An integer overflow vulnerability exists in Apple Safari

The flood-protection feature in the base, IPDS DLE, Forms DLE, Barcode DLE, Prescribe DLE, and Printcryption DLE components on certain Lexmark laser and inkjet printers and MarkNet devices allows remote attackers to cause a denial of service (TCP outage) by making many passive FTP connections and then aborting these connections. (TCP Stop function ) There is a possibility of being put into a state. Lexmark laser printers are popular printer devices. Some of the Lemark printers and MarkNet devices contain a security vulnerability in the FTP service. A remote attacker can submit a special request that causes the printer FTP to stop responding. Duplicate requests can cause the printer to ignore inbound TCP network connections to other services. Lexmark products implement a \"flood flood\" attack protection mechanism by limiting the number of simultaneous network connections. This protection mechanism is implemented on most TCP service ports (21/FTP 79/Finger, 515/LPD, 631/IPP, 5001, 9100-9104). , 9200, 9300, 9400, 9500-9501 & 9600). However, when the passive FTP connection is dropped, the FTP service exception handler does not properly maintain the \"flood flood\" protection status. Once enough passive FTP connections are timed out (usually 15), the \"flood flood\" attack protection will be enabled. Was reset. Exploiting this issue allows remote attackers to cause the device to enable flood protection indefinitely, effectively denying service to legitimate users. Please see the vendor advisory for a list of affected products and versions. SOLUTION: Please see the vendor advisory for details on how to obtain an updated firmware or to apply a workaround. PROVIDED AND/OR DISCOVERED BY: Francis Provencher, Protek Research Lab's ORIGINAL ADVISORY: Lexmark: http://support.lexmark.com/index?page=content&id=TE85&locale=EN&userlocale=EN_US Protek Research Lab's: http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=11&Itemid=11 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Stack-based buffer overflow in the base, IPDS DLE, Forms DLE, Barcode DLE, Prescribe DLE, and Printcryption DLE components on certain Lexmark laser printers and multi-function printers allows remote attackers to execute arbitrary code or cause a denial of service (device hang) via a long argument to a PJL INQUIRE command. Lexmark laser printers are popular printer devices. The attacker submits a specially constructed PJL command to the printer, which can inject information into the embedded microprocessor stack, and successfully exploit the vulnerability to execute arbitrary code on the affected printer. Multiple Lexmark laser printers are prone to a remote stack-based buffer-overflow vulnerability because the devices fail to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute arbitrary code. Failed exploit attempts will result in a denial-of-service condition

Cafu is an open source game and 3D graphics engine. Cafu has multiple security vulnerabilities that can be exploited by remote attackers to perform denial of service or arbitrary code execution attacks. - Handling an incomplete \"CS0_RemoteConsoleCommand\" message triggers a null pointer reference and crashes the server. - When the client prints a chat message with a format string error, submitting a specially constructed message can corrupt the memory and can cause arbitrary instructions to be executed with application privileges. ---------------------------------------------------------------------- Use WSUS to deploy 3rd party patches Public BETA http://secunia.com/vulnerability_scanning/corporate/wsus_3rd_third_party_patching/ ---------------------------------------------------------------------- TITLE: Cafu Denial of Service and Format String Vulnerabilities SECUNIA ADVISORY ID: SA39054 VERIFY ADVISORY: http://secunia.com/advisories/39054/ DESCRIPTION: Luigi Auriemma has reported two vulnerabilities in Cafu, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the engine. 1) A NULL-pointer dereference when processing incomplete "CS0_RemoteConsoleCommand" packets can be exploited to crash an affected server. 2) A format string error when a client e.g. The vulnerabilities are reported in version 9.06. Other versions may also be affected. SOLUTION: Use the engine in trusted networks only. PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma ORIGINAL ADVISORY: http://aluigi.altervista.org/adv/cafux-adv.txt ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

The gfxTextRun::SanitizeGlyphRuns function in gfx/thebes/src/gfxFont.cpp in the browser engine in Mozilla Firefox 3.6 before 3.6.2 on Mac OS X, when the Core Text API is used, does not properly perform certain deletions, which allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via an HTML document containing invisible Unicode characters, as demonstrated by the U+FEFF, U+FFF9, U+FFFA, and U+FFFB characters. Mozilla Firefox is prone to a remote memory-corruption vulnerability. Successful exploits may allow an attacker to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition. Firefox 3.6 for Apple Mac OS X is vulnerable. NOTE: This issue was previously covered in BID 38918 (Mozilla Firefox Thunderbird and Seamonkey MFSA 2010-09 through -15 Multiple Vulnerabilities) but has been assigned its own record to better document it. Users are tricked into visiting malicious web pages, causing the browser to crash or execute arbitrary code. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201301-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: Mozilla Products: Multiple vulnerabilities Date: January 08, 2013 Bugs: #180159, #181361, #207261, #238535, #246602, #251322, #255221, #255234, #255687, #257577, #260062, #261386, #262704, #267234, #273918, #277752, #280226, #280234, #280393, #282549, #284439, #286721, #290892, #292034, #297532, #305689, #307045, #311021, #312361, #312645, #312651, #312675, #312679, #312763, #313003, #324735, #326341, #329279, #336396, #341821, #342847, #348316, #357057, #360055, #360315, #365323, #373595, #379549, #381245, #388045, #390771, #395431, #401701, #403183, #404437, #408161, #413657, #419917, #427224, #433383, #437780, #439586, #439960, #444318 ID: 201301-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation. Background ========== Mozilla Firefox is an open-source web browser and Mozilla Thunderbird an open-source email client, both from the Mozilla Project. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the 'Mozilla Application Suite'. XULRunner is a Mozilla runtime package that can be used to bootstrap XUL+XPCOM applications such as Firefox and Thunderbird. NSS is Mozilla's Network Security Services library that implements PKI support. IceCat is the GNU version of Firefox. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/firefox < 10.0.11 >= 10.0.11 2 www-client/firefox-bin < 10.0.11 >= 10.0.11 3 mail-client/thunderbird < 10.0.11 >= 10.0.11 4 mail-client/thunderbird-bin < 10.0.11 >= 10.0.11 5 www-client/seamonkey < 2.14-r1 >= 2.14-r1 6 www-client/seamonkey-bin < 2.14 >= 2.14 7 dev-libs/nss < 3.14 >= 3.14 8 www-client/mozilla-firefox <= 3.6.8 Vulnerable! 9 www-client/mozilla-firefox-bin <= 3.5.6 Vulnerable! 10 mail-client/mozilla-thunderbird <= 3.0.4-r1 Vulnerable! 11 mail-client/mozilla-thunderbird-bin <= 3.0 Vulnerable! 12 www-client/icecat <= 10.0-r1 Vulnerable! 13 net-libs/xulrunner <= 2.0-r1 Vulnerable! 14 net-libs/xulrunner-bin <= 1.8.1.19 Vulnerable! ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, bypass restrictions and protection mechanisms, force file downloads, conduct XML injection attacks, conduct XSS attacks, bypass the Same Origin Policy, spoof URL's for phishing attacks, trigger a vertical scroll, spoof the location bar, spoof an SSL indicator, modify the browser's font, conduct clickjacking attacks, or have other unspecified impact. A local attacker could gain escalated privileges, obtain sensitive information, or replace an arbitrary downloaded file. Workaround ========== There is no known workaround at this time. Resolution ========== All Mozilla Firefox users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/firefox-10.0.11" All users of the Mozilla Firefox binary package should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-10.0.11"= All Mozilla Thunderbird users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=mail-client/thunderbird-10.0.11" All users of the Mozilla Thunderbird binary package should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=mail-client/thunderbird-bin-10.0.11" All Mozilla SeaMonkey users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/seamonkey-2.14-r1" All users of the Mozilla SeaMonkey binary package should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/seamonkey-bin-2.14" All NSS users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/nss-3.14" The "www-client/mozilla-firefox" package has been merged into the "www-client/firefox" package. To upgrade, please unmerge "www-client/mozilla-firefox" and then emerge the latest "www-client/firefox" package: # emerge --sync # emerge --unmerge "www-client/mozilla-firefox" # emerge --ask --oneshot --verbose ">=www-client/firefox-10.0.11" The "www-client/mozilla-firefox-bin" package has been merged into the "www-client/firefox-bin" package. To upgrade, please unmerge "www-client/mozilla-firefox-bin" and then emerge the latest "www-client/firefox-bin" package: # emerge --sync # emerge --unmerge "www-client/mozilla-firefox-bin" # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-10.0.11"= The "mail-client/mozilla-thunderbird" package has been merged into the "mail-client/thunderbird" package. To upgrade, please unmerge "mail-client/mozilla-thunderbird" and then emerge the latest "mail-client/thunderbird" package: # emerge --sync # emerge --unmerge "mail-client/mozilla-thunderbird" # emerge --ask --oneshot -v ">=mail-client/thunderbird-10.0.11" The "mail-client/mozilla-thunderbird-bin" package has been merged into the "mail-client/thunderbird-bin" package. To upgrade, please unmerge "mail-client/mozilla-thunderbird-bin" and then emerge the latest "mail-client/thunderbird-bin" package: # emerge --sync # emerge --unmerge "mail-client/mozilla-thunderbird-bin" # emerge --ask --oneshot -v ">=mail-client/thunderbird-bin-10.0.11" Gentoo discontinued support for GNU IceCat. We recommend that users unmerge GNU IceCat: # emerge --unmerge "www-client/icecat" Gentoo discontinued support for XULRunner. We recommend that users unmerge XULRunner: # emerge --unmerge "net-libs/xulrunner" Gentoo discontinued support for the XULRunner binary package. We recommend that users unmerge XULRunner: # emerge --unmerge "net-libs/xulrunner-bin" References ========== [ 1 ] CVE-2011-3101 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3101 [ 2 ] CVE-2007-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2436 [ 3 ] CVE-2007-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2437 [ 4 ] CVE-2007-2671 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2671 [ 5 ] CVE-2007-3073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3073 [ 6 ] CVE-2008-0016 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0016 [ 7 ] CVE-2008-0017 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0017 [ 8 ] CVE-2008-0367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0367 [ 9 ] CVE-2008-3835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3835 [ 10 ] CVE-2008-3836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3836 [ 11 ] CVE-2008-3837 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3837 [ 12 ] CVE-2008-4058 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4058 [ 13 ] CVE-2008-4059 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4059 [ 14 ] CVE-2008-4060 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4060 [ 15 ] CVE-2008-4061 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4061 [ 16 ] CVE-2008-4062 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4062 [ 17 ] CVE-2008-4063 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4063 [ 18 ] CVE-2008-4064 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4064 [ 19 ] CVE-2008-4065 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4065 [ 20 ] CVE-2008-4066 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4066 [ 21 ] CVE-2008-4067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4067 [ 22 ] CVE-2008-4068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4068 [ 23 ] CVE-2008-4069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4069 [ 24 ] CVE-2008-4070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4070 [ 25 ] CVE-2008-4582 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4582 [ 26 ] CVE-2008-5012 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5012 [ 27 ] CVE-2008-5013 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5013 [ 28 ] CVE-2008-5014 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5014 [ 29 ] CVE-2008-5015 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5015 [ 30 ] CVE-2008-5016 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5016 [ 31 ] CVE-2008-5017 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5017 [ 32 ] CVE-2008-5018 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5018 [ 33 ] CVE-2008-5019 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5019 [ 34 ] CVE-2008-5021 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5021 [ 35 ] CVE-2008-5022 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5022 [ 36 ] CVE-2008-5023 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5023 [ 37 ] CVE-2008-5024 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5024 [ 38 ] CVE-2008-5052 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5052 [ 39 ] CVE-2008-5500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5500 [ 40 ] CVE-2008-5501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5501 [ 41 ] CVE-2008-5502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5502 [ 42 ] CVE-2008-5503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5503 [ 43 ] CVE-2008-5504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5504 [ 44 ] CVE-2008-5505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5505 [ 45 ] CVE-2008-5506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5506 [ 46 ] CVE-2008-5507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5507 [ 47 ] CVE-2008-5508 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5508 [ 48 ] CVE-2008-5510 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5510 [ 49 ] CVE-2008-5511 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5511 [ 50 ] CVE-2008-5512 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5512 [ 51 ] CVE-2008-5513 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5513 [ 52 ] CVE-2008-5822 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5822 [ 53 ] CVE-2008-5913 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5913 [ 54 ] CVE-2008-6961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-6961 [ 55 ] CVE-2009-0071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0071 [ 56 ] CVE-2009-0071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0071 [ 57 ] CVE-2009-0352 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0352 [ 58 ] CVE-2009-0353 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0353 [ 59 ] CVE-2009-0354 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0354 [ 60 ] CVE-2009-0355 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0355 [ 61 ] CVE-2009-0356 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0356 [ 62 ] CVE-2009-0357 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0357 [ 63 ] CVE-2009-0358 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0358 [ 64 ] CVE-2009-0652 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0652 [ 65 ] CVE-2009-0771 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0771 [ 66 ] CVE-2009-0772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0772 [ 67 ] CVE-2009-0773 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0773 [ 68 ] CVE-2009-0774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0774 [ 69 ] CVE-2009-0775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0775 [ 70 ] CVE-2009-0776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0776 [ 71 ] CVE-2009-0777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0777 [ 72 ] CVE-2009-1044 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1044 [ 73 ] CVE-2009-1169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1169 [ 74 ] CVE-2009-1302 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1302 [ 75 ] CVE-2009-1303 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1303 [ 76 ] CVE-2009-1304 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1304 [ 77 ] CVE-2009-1305 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1305 [ 78 ] CVE-2009-1306 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1306 [ 79 ] CVE-2009-1307 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1307 [ 80 ] CVE-2009-1308 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1308 [ 81 ] CVE-2009-1309 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1309 [ 82 ] CVE-2009-1310 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1310 [ 83 ] CVE-2009-1311 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1311 [ 84 ] CVE-2009-1312 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1312 [ 85 ] CVE-2009-1313 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1313 [ 86 ] CVE-2009-1392 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1392 [ 87 ] CVE-2009-1563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1563 [ 88 ] CVE-2009-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1571 [ 89 ] CVE-2009-1828 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1828 [ 90 ] CVE-2009-1832 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1832 [ 91 ] CVE-2009-1833 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1833 [ 92 ] CVE-2009-1834 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1834 [ 93 ] CVE-2009-1835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1835 [ 94 ] CVE-2009-1836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1836 [ 95 ] CVE-2009-1837 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1837 [ 96 ] CVE-2009-1838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1838 [ 97 ] CVE-2009-1839 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1839 [ 98 ] CVE-2009-1840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1840 [ 99 ] CVE-2009-1841 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1841 [ 100 ] CVE-2009-2043 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2043 [ 101 ] CVE-2009-2044 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2044 [ 102 ] CVE-2009-2061 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2061 [ 103 ] CVE-2009-2065 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2065 [ 104 ] CVE-2009-2210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2210 [ 105 ] CVE-2009-2404 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2404 [ 106 ] CVE-2009-2408 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2408 [ 107 ] CVE-2009-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2462 [ 108 ] CVE-2009-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2463 [ 109 ] CVE-2009-2464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2464 [ 110 ] CVE-2009-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2465 [ 111 ] CVE-2009-2466 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2466 [ 112 ] CVE-2009-2467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2467 [ 113 ] CVE-2009-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2469 [ 114 ] CVE-2009-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2470 [ 115 ] CVE-2009-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2471 [ 116 ] CVE-2009-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2472 [ 117 ] CVE-2009-2477 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2477 [ 118 ] CVE-2009-2478 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2478 [ 119 ] CVE-2009-2479 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2479 [ 120 ] CVE-2009-2535 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2535 [ 121 ] CVE-2009-2654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2654 [ 122 ] CVE-2009-2662 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2662 [ 123 ] CVE-2009-2664 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2664 [ 124 ] CVE-2009-2665 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2665 [ 125 ] CVE-2009-3069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3069 [ 126 ] CVE-2009-3070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3070 [ 127 ] CVE-2009-3071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3071 [ 128 ] CVE-2009-3072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3072 [ 129 ] CVE-2009-3074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3074 [ 130 ] CVE-2009-3075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3075 [ 131 ] CVE-2009-3076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3076 [ 132 ] CVE-2009-3077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3077 [ 133 ] CVE-2009-3078 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3078 [ 134 ] CVE-2009-3079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3079 [ 135 ] CVE-2009-3274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3274 [ 136 ] CVE-2009-3371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3371 [ 137 ] CVE-2009-3372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3372 [ 138 ] CVE-2009-3373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3373 [ 139 ] CVE-2009-3374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3374 [ 140 ] CVE-2009-3375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3375 [ 141 ] CVE-2009-3376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3376 [ 142 ] CVE-2009-3377 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3377 [ 143 ] CVE-2009-3378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3378 [ 144 ] CVE-2009-3379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3379 [ 145 ] CVE-2009-3380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3380 [ 146 ] CVE-2009-3381 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3381 [ 147 ] CVE-2009-3382 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3382 [ 148 ] CVE-2009-3383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3383 [ 149 ] CVE-2009-3388 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3388 [ 150 ] CVE-2009-3389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3389 [ 151 ] CVE-2009-3555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555 [ 152 ] CVE-2009-3978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3978 [ 153 ] CVE-2009-3979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3979 [ 154 ] CVE-2009-3980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3980 [ 155 ] CVE-2009-3981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3981 [ 156 ] CVE-2009-3982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3982 [ 157 ] CVE-2009-3983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3983 [ 158 ] CVE-2009-3984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3984 [ 159 ] CVE-2009-3985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3985 [ 160 ] CVE-2009-3986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3986 [ 161 ] CVE-2009-3987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3987 [ 162 ] CVE-2009-3988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3988 [ 163 ] CVE-2010-0159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0159 [ 164 ] CVE-2010-0160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0160 [ 165 ] CVE-2010-0162 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0162 [ 166 ] CVE-2010-0163 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0163 [ 167 ] CVE-2010-0164 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0164 [ 168 ] CVE-2010-0165 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0165 [ 169 ] CVE-2010-0166 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0166 [ 170 ] CVE-2010-0167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0167 [ 171 ] CVE-2010-0167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0167 [ 172 ] CVE-2010-0168 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0168 [ 173 ] CVE-2010-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0169 [ 174 ] CVE-2010-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0169 [ 175 ] CVE-2010-0170 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0170 [ 176 ] CVE-2010-0171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0171 [ 177 ] CVE-2010-0171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0171 [ 178 ] CVE-2010-0172 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0172 [ 179 ] CVE-2010-0173 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0173 [ 180 ] CVE-2010-0174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0174 [ 181 ] CVE-2010-0174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0174 [ 182 ] CVE-2010-0175 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0175 [ 183 ] CVE-2010-0175 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0175 [ 184 ] CVE-2010-0176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0176 [ 185 ] CVE-2010-0176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0176 [ 186 ] CVE-2010-0177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0177 [ 187 ] CVE-2010-0178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0178 [ 188 ] CVE-2010-0179 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0179 [ 189 ] CVE-2010-0181 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0181 [ 190 ] CVE-2010-0182 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0182 [ 191 ] CVE-2010-0183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0183 [ 192 ] CVE-2010-0220 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0220 [ 193 ] CVE-2010-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0648 [ 194 ] CVE-2010-0654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0654 [ 195 ] CVE-2010-1028 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1028 [ 196 ] CVE-2010-1121 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1121 [ 197 ] CVE-2010-1125 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1125 [ 198 ] CVE-2010-1196 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1196 [ 199 ] CVE-2010-1197 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1197 [ 200 ] CVE-2010-1198 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1198 [ 201 ] CVE-2010-1199 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1199 [ 202 ] CVE-2010-1200 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1200 [ 203 ] CVE-2010-1201 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1201 [ 204 ] CVE-2010-1202 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1202 [ 205 ] CVE-2010-1203 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1203 [ 206 ] CVE-2010-1205 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1205 [ 207 ] CVE-2010-1206 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1206 [ 208 ] CVE-2010-1207 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1207 [ 209 ] CVE-2010-1208 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1208 [ 210 ] CVE-2010-1209 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1209 [ 211 ] CVE-2010-1210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1210 [ 212 ] CVE-2010-1211 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1211 [ 213 ] CVE-2010-1212 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1212 [ 214 ] CVE-2010-1213 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1213 [ 215 ] CVE-2010-1214 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1214 [ 216 ] CVE-2010-1215 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1215 [ 217 ] CVE-2010-1585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1585 [ 218 ] CVE-2010-2751 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2751 [ 219 ] CVE-2010-2752 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2752 [ 220 ] CVE-2010-2753 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2753 [ 221 ] CVE-2010-2754 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2754 [ 222 ] CVE-2010-2755 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2755 [ 223 ] CVE-2010-2760 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2760 [ 224 ] CVE-2010-2762 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2762 [ 225 ] CVE-2010-2763 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2763 [ 226 ] CVE-2010-2764 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2764 [ 227 ] CVE-2010-2765 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2765 [ 228 ] CVE-2010-2766 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2766 [ 229 ] CVE-2010-2767 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2767 [ 230 ] CVE-2010-2768 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2768 [ 231 ] CVE-2010-2769 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2769 [ 232 ] CVE-2010-2770 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2770 [ 233 ] CVE-2010-3131 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3131 [ 234 ] CVE-2010-3166 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3166 [ 235 ] CVE-2010-3167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3167 [ 236 ] CVE-2010-3168 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3168 [ 237 ] CVE-2010-3169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3169 [ 238 ] CVE-2010-3170 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3170 [ 239 ] CVE-2010-3171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3171 [ 240 ] CVE-2010-3173 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3173 [ 241 ] CVE-2010-3174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3174 [ 242 ] CVE-2010-3175 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3175 [ 243 ] CVE-2010-3176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3176 [ 244 ] CVE-2010-3177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3177 [ 245 ] CVE-2010-3178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3178 [ 246 ] CVE-2010-3179 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3179 [ 247 ] CVE-2010-3180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3180 [ 248 ] CVE-2010-3182 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3182 [ 249 ] CVE-2010-3183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3183 [ 250 ] CVE-2010-3399 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3399 [ 251 ] CVE-2010-3400 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3400 [ 252 ] CVE-2010-3765 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3765 [ 253 ] CVE-2010-3766 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3766 [ 254 ] CVE-2010-3767 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3767 [ 255 ] CVE-2010-3768 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3768 [ 256 ] CVE-2010-3769 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3769 [ 257 ] CVE-2010-3770 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3770 [ 258 ] CVE-2010-3771 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3771 [ 259 ] CVE-2010-3772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3772 [ 260 ] CVE-2010-3773 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3773 [ 261 ] CVE-2010-3774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3774 [ 262 ] CVE-2010-3775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3775 [ 263 ] CVE-2010-3776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3776 [ 264 ] CVE-2010-3777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3777 [ 265 ] CVE-2010-3778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3778 [ 266 ] CVE-2010-4508 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4508 [ 267 ] CVE-2010-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-5074 [ 268 ] CVE-2011-0051 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0051 [ 269 ] CVE-2011-0053 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0053 [ 270 ] CVE-2011-0054 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0054 [ 271 ] CVE-2011-0055 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0055 [ 272 ] CVE-2011-0056 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0056 [ 273 ] CVE-2011-0057 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0057 [ 274 ] CVE-2011-0058 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0058 [ 275 ] CVE-2011-0059 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0059 [ 276 ] CVE-2011-0061 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0061 [ 277 ] CVE-2011-0062 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0062 [ 278 ] CVE-2011-0065 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0065 [ 279 ] CVE-2011-0066 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0066 [ 280 ] CVE-2011-0067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0067 [ 281 ] CVE-2011-0068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0068 [ 282 ] CVE-2011-0069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0069 [ 283 ] CVE-2011-0070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0070 [ 284 ] CVE-2011-0071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0071 [ 285 ] CVE-2011-0072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0072 [ 286 ] CVE-2011-0073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0073 [ 287 ] CVE-2011-0074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0074 [ 288 ] CVE-2011-0075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0075 [ 289 ] CVE-2011-0076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0076 [ 290 ] CVE-2011-0077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0077 [ 291 ] CVE-2011-0078 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0078 [ 292 ] CVE-2011-0079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0079 [ 293 ] CVE-2011-0080 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0080 [ 294 ] CVE-2011-0081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0081 [ 295 ] CVE-2011-0082 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0082 [ 296 ] CVE-2011-0083 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0083 [ 297 ] CVE-2011-0084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0084 [ 298 ] CVE-2011-0085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0085 [ 299 ] CVE-2011-1187 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1187 [ 300 ] CVE-2011-1202 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1202 [ 301 ] CVE-2011-1712 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1712 [ 302 ] CVE-2011-2362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2362 [ 303 ] CVE-2011-2363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2363 [ 304 ] CVE-2011-2364 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2364 [ 305 ] CVE-2011-2365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2365 [ 306 ] CVE-2011-2369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2369 [ 307 ] CVE-2011-2370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2370 [ 308 ] CVE-2011-2371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2371 [ 309 ] CVE-2011-2372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2372 [ 310 ] CVE-2011-2373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2373 [ 311 ] CVE-2011-2374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2374 [ 312 ] CVE-2011-2375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2375 [ 313 ] CVE-2011-2376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2376 [ 314 ] CVE-2011-2377 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2377 [ 315 ] CVE-2011-2378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2378 [ 316 ] CVE-2011-2605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2605 [ 317 ] CVE-2011-2980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2980 [ 318 ] CVE-2011-2981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2981 [ 319 ] CVE-2011-2982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2982 [ 320 ] CVE-2011-2983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2983 [ 321 ] CVE-2011-2984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2984 [ 322 ] CVE-2011-2985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2985 [ 323 ] CVE-2011-2986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2986 [ 324 ] CVE-2011-2987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2987 [ 325 ] CVE-2011-2988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2988 [ 326 ] CVE-2011-2989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2989 [ 327 ] CVE-2011-2990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2990 [ 328 ] CVE-2011-2991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2991 [ 329 ] CVE-2011-2993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2993 [ 330 ] CVE-2011-2995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2995 [ 331 ] CVE-2011-2996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2996 [ 332 ] CVE-2011-2997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2997 [ 333 ] CVE-2011-2998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2998 [ 334 ] CVE-2011-2999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2999 [ 335 ] CVE-2011-3000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3000 [ 336 ] CVE-2011-3001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3001 [ 337 ] CVE-2011-3002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3002 [ 338 ] CVE-2011-3003 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3003 [ 339 ] CVE-2011-3004 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3004 [ 340 ] CVE-2011-3005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3005 [ 341 ] CVE-2011-3026 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3026 [ 342 ] CVE-2011-3062 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3062 [ 343 ] CVE-2011-3232 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3232 [ 344 ] CVE-2011-3389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389 [ 345 ] CVE-2011-3640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3640 [ 346 ] CVE-2011-3647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3647 [ 347 ] CVE-2011-3648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3648 [ 348 ] CVE-2011-3649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3649 [ 349 ] CVE-2011-3650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3650 [ 350 ] CVE-2011-3651 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3651 [ 351 ] CVE-2011-3652 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3652 [ 352 ] CVE-2011-3653 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3653 [ 353 ] CVE-2011-3654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3654 [ 354 ] CVE-2011-3655 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3655 [ 355 ] CVE-2011-3658 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3658 [ 356 ] CVE-2011-3659 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3659 [ 357 ] CVE-2011-3660 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3660 [ 358 ] CVE-2011-3661 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3661 [ 359 ] CVE-2011-3663 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3663 [ 360 ] CVE-2011-3665 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3665 [ 361 ] CVE-2011-3670 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3670 [ 362 ] CVE-2011-3866 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3866 [ 363 ] CVE-2011-4688 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4688 [ 364 ] CVE-2012-0441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0441 [ 365 ] CVE-2012-0442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0442 [ 366 ] CVE-2012-0443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0443 [ 367 ] CVE-2012-0444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0444 [ 368 ] CVE-2012-0445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0445 [ 369 ] CVE-2012-0446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0446 [ 370 ] CVE-2012-0447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0447 [ 371 ] CVE-2012-0449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0449 [ 372 ] CVE-2012-0450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0450 [ 373 ] CVE-2012-0451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0451 [ 374 ] CVE-2012-0452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0452 [ 375 ] CVE-2012-0455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0455 [ 376 ] CVE-2012-0456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0456 [ 377 ] CVE-2012-0457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0457 [ 378 ] CVE-2012-0458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0458 [ 379 ] CVE-2012-0459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0459 [ 380 ] CVE-2012-0460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0460 [ 381 ] CVE-2012-0461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0461 [ 382 ] CVE-2012-0462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0462 [ 383 ] CVE-2012-0463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0463 [ 384 ] CVE-2012-0464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0464 [ 385 ] CVE-2012-0467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0467 [ 386 ] CVE-2012-0468 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0468 [ 387 ] CVE-2012-0469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0469 [ 388 ] CVE-2012-0470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0470 [ 389 ] CVE-2012-0471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0471 [ 390 ] CVE-2012-0473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0473 [ 391 ] CVE-2012-0474 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0474 [ 392 ] CVE-2012-0475 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0475 [ 393 ] CVE-2012-0477 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0477 [ 394 ] CVE-2012-0478 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0478 [ 395 ] CVE-2012-0479 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0479 [ 396 ] CVE-2012-1937 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1937 [ 397 ] CVE-2012-1938 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1938 [ 398 ] CVE-2012-1939 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1939 [ 399 ] CVE-2012-1940 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1940 [ 400 ] CVE-2012-1941 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1941 [ 401 ] CVE-2012-1945 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1945 [ 402 ] CVE-2012-1946 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1946 [ 403 ] CVE-2012-1947 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1947 [ 404 ] CVE-2012-1948 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1948 [ 405 ] CVE-2012-1949 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1949 [ 406 ] CVE-2012-1950 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1950 [ 407 ] CVE-2012-1951 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1951 [ 408 ] CVE-2012-1952 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1952 [ 409 ] CVE-2012-1953 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1953 [ 410 ] CVE-2012-1954 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1954 [ 411 ] CVE-2012-1955 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1955 [ 412 ] CVE-2012-1956 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1956 [ 413 ] CVE-2012-1957 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1957 [ 414 ] CVE-2012-1958 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1958 [ 415 ] CVE-2012-1959 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1959 [ 416 ] CVE-2012-1960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1960 [ 417 ] CVE-2012-1961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1961 [ 418 ] CVE-2012-1962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1962 [ 419 ] CVE-2012-1963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1963 [ 420 ] CVE-2012-1964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1964 [ 421 ] CVE-2012-1965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1965 [ 422 ] CVE-2012-1966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1966 [ 423 ] CVE-2012-1967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1967 [ 424 ] CVE-2012-1970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1970 [ 425 ] CVE-2012-1971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1971 [ 426 ] CVE-2012-1972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1972 [ 427 ] CVE-2012-1973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1973 [ 428 ] CVE-2012-1974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1974 [ 429 ] CVE-2012-1975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1975 [ 430 ] CVE-2012-1976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1976 [ 431 ] CVE-2012-1994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1994 [ 432 ] CVE-2012-3956 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3956 [ 433 ] CVE-2012-3957 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3957 [ 434 ] CVE-2012-3958 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3958 [ 435 ] CVE-2012-3959 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3959 [ 436 ] CVE-2012-3960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3960 [ 437 ] CVE-2012-3961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3961 [ 438 ] CVE-2012-3962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3962 [ 439 ] CVE-2012-3963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3963 [ 440 ] CVE-2012-3964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3964 [ 441 ] CVE-2012-3965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3965 [ 442 ] CVE-2012-3966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3966 [ 443 ] CVE-2012-3967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3967 [ 444 ] CVE-2012-3968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3968 [ 445 ] CVE-2012-3969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3969 [ 446 ] CVE-2012-3970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3970 [ 447 ] CVE-2012-3971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3971 [ 448 ] CVE-2012-3972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3972 [ 449 ] CVE-2012-3973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3973 [ 450 ] CVE-2012-3975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3975 [ 451 ] CVE-2012-3976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3976 [ 452 ] CVE-2012-3977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3977 [ 453 ] CVE-2012-3978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3978 [ 454 ] CVE-2012-3980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3980 [ 455 ] CVE-2012-3982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3982 [ 456 ] CVE-2012-3984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3984 [ 457 ] CVE-2012-3985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3985 [ 458 ] CVE-2012-3986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3986 [ 459 ] CVE-2012-3988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3988 [ 460 ] CVE-2012-3989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3989 [ 461 ] CVE-2012-3990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3990 [ 462 ] CVE-2012-3991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3991 [ 463 ] CVE-2012-3992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3992 [ 464 ] CVE-2012-3993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3993 [ 465 ] CVE-2012-3994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3994 [ 466 ] CVE-2012-3995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3995 [ 467 ] CVE-2012-4179 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4179 [ 468 ] CVE-2012-4180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4180 [ 469 ] CVE-2012-4181 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4181 [ 470 ] CVE-2012-4182 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4182 [ 471 ] CVE-2012-4183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4183 [ 472 ] CVE-2012-4184 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4184 [ 473 ] CVE-2012-4185 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4185 [ 474 ] CVE-2012-4186 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4186 [ 475 ] CVE-2012-4187 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4187 [ 476 ] CVE-2012-4188 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4188 [ 477 ] CVE-2012-4190 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4190 [ 478 ] CVE-2012-4191 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4191 [ 479 ] CVE-2012-4192 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4192 [ 480 ] CVE-2012-4193 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4193 [ 481 ] CVE-2012-4194 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4194 [ 482 ] CVE-2012-4195 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4195 [ 483 ] CVE-2012-4196 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4196 [ 484 ] CVE-2012-4201 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4201 [ 485 ] CVE-2012-4202 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4202 [ 486 ] CVE-2012-4204 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4204 [ 487 ] CVE-2012-4205 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4205 [ 488 ] CVE-2012-4206 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4206 [ 489 ] CVE-2012-4207 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4207 [ 490 ] CVE-2012-4208 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4208 [ 491 ] CVE-2012-4209 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4209 [ 492 ] CVE-2012-4210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4210 [ 493 ] CVE-2012-4212 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4212 [ 494 ] CVE-2012-4215 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4215 [ 495 ] CVE-2012-4216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4216 [ 496 ] CVE-2012-5354 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5354 [ 497 ] CVE-2012-5829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5829 [ 498 ] CVE-2012-5830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5830 [ 499 ] CVE-2012-5833 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5833 [ 500 ] CVE-2012-5835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5835 [ 501 ] CVE-2012-5836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5836 [ 502 ] CVE-2012-5838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5838 [ 503 ] CVE-2012-5839 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5839 [ 504 ] CVE-2012-5840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5840 [ 505 ] CVE-2012-5841 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5841 [ 506 ] CVE-2012-5842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5842 [ 507 ] CVE-2012-5843 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5843 [ 508 ] Firefox Blocking Fraudulent Certificates http://blog.mozilla.org/security/2011/03/22/firefox-blocking-fraudulent-c= ertificates/ [ 509 ] Mozilla Foundation Security Advisory 2011-11 http://www.mozilla.org/security/announce/2011/mfsa2011-11.html [ 510 ] Mozilla Foundation Security Advisory 2011-34 http://www.mozilla.org/security/announce/2011/mfsa2011-34.html Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201301-01.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5

JavaScriptCore.dll, as used in Apple Safari 4.0.5 on Windows XP SP3, allows remote attackers to cause a denial of service (application crash) via an HTML document composed of many successive occurrences of the <object> substring. HTML Service disruption through documentation ( Application crash ) There is a possibility of being put into a state. Apple Safari is prone to a remote denial-of-service vulnerability. Successful exploits may allow an attacker to crash the affected browser, resulting in a denial-of-service condition. Given the nature of this issue, memory corruption or code execution might be possible, but has not been confirmed. Safari 4.0.5 for Windows is vulnerable; other versions may also be affected. Apple Safari is a WEB browser used by the Apple family of operating systems

No$gba is an NDS simulator. No$gba handles buffer overflows in \".nds\" files, and remote attackers can exploit vulnerabilities to crash applications. Successful exploitation of a vulnerability can execute arbitrary instructions with application privileges. no$gba is prone to a remote buffer-overflow vulnerability because it fails to perform adequate bounds checks on user-supplied input. Failed attacks will cause denial-of-service conditions. no$gba 2.5c is vulnerable; other versions may also be affected

Linux kernel 2.6.18 through 2.6.33, and possibly other versions, allows remote attackers to cause a denial of service (memory corruption) via a large number of Bluetooth sockets, related to the size of sysfs files in (1) net/bluetooth/l2cap.c, (2) net/bluetooth/rfcomm/core.c, (3) net/bluetooth/rfcomm/sock.c, and (4) net/bluetooth/sco.c. Local attackers may be able to exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Remote attackers may exploit this issue to cause a denial-of-service condition. Versions prior to the Linux kernel 2.6.34-rc2-git1 are vulnerable. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2011-0003 Synopsis: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX Issue date: 2011-02-10 Updated on: 2011-02-10 (initial release of advisory) CVE numbers: --- Apache Tomcat --- CVE-2009-2693 CVE-2009-2901 CVE-2009-2902 CVE-2009-3548 CVE-2010-2227 CVE-2010-1157 --- Apache Tomcat Manager --- CVE-2010-2928 --- cURL --- CVE-2010-0734 --- COS Kernel --- CVE-2010-1084 CVE-2010-2066 CVE-2010-2070 CVE-2010-2226 CVE-2010-2248 CVE-2010-2521 CVE-2010-2524 CVE-2010-0008 CVE-2010-0415 CVE-2010-0437 CVE-2009-4308 CVE-2010-0003 CVE-2010-0007 CVE-2010-0307 CVE-2010-1086 CVE-2010-0410 CVE-2010-0730 CVE-2010-1085 CVE-2010-0291 CVE-2010-0622 CVE-2010-1087 CVE-2010-1173 CVE-2010-1437 CVE-2010-1088 CVE-2010-1187 CVE-2010-1436 CVE-2010-1641 CVE-2010-3081 --- Microsoft SQL Express --- CVE-2008-5416 CVE-2008-0085 CVE-2008-0086 CVE-2008-0107 CVE-2008-0106 --- OpenSSL --- CVE-2010-0740 CVE-2010-0433 CVE-2010-3864 CVE-2010-2939 --- Oracle (Sun) JRE --- CVE-2009-3555 CVE-2010-0082 CVE-2010-0084 CVE-2010-0085 CVE-2010-0087 CVE-2010-0088 CVE-2010-0089 CVE-2010-0090 CVE-2010-0091 CVE-2010-0092 CVE-2010-0093 CVE-2010-0094 CVE-2010-0095 CVE-2010-0837 CVE-2010-0838 CVE-2010-0839 CVE-2010-0840 CVE-2010-0841 CVE-2010-0842 CVE-2010-0843 CVE-2010-0844 CVE-2010-0845 CVE-2010-0846 CVE-2010-0847 CVE-2010-0848 CVE-2010-0849 CVE-2010-0850 CVE-2010-0886 CVE-2010-3556 CVE-2010-3566 CVE-2010-3567 CVE-2010-3550 CVE-2010-3561 CVE-2010-3573 CVE-2010-3565 CVE-2010-3568 CVE-2010-3569 CVE-2010-1321 CVE-2010-3548 CVE-2010-3551 CVE-2010-3562 CVE-2010-3571 CVE-2010-3554 CVE-2010-3559 CVE-2010-3572 CVE-2010-3553 CVE-2010-3549 CVE-2010-3557 CVE-2010-3541 CVE-2010-3574 --- pam_krb5 --- CVE-2008-3825 CVE-2009-1384 - ------------------------------------------------------------------------ 1. Summary Update 1 for vCenter Server 4.1, vCenter Update Manager 4.1, vSphere Hypervisor (ESXi) 4.1, ESXi 4.1, addresses several security issues. 2. Relevant releases vCenter Server 4.1 without Update 1, vCenter Update Manager 4.1 without Update 1, ESXi 4.1 without patch ESXi410-201101201-SG, ESX 4.1 without patch ESX410-201101201-SG. 3. Problem Description a. vCenter Server and vCenter Update Manager update Microsoft SQL Server 2005 Express Edition to Service Pack 3 Microsoft SQL Server 2005 Express Edition (SQL Express) distributed with vCenter Server 4.1 Update 1 and vCenter Update Manager 4.1 Update 1 is upgraded from SQL Express Service Pack 2 to SQL Express Service Pack 3, to address multiple security issues that exist in the earlier releases of Microsoft SQL Express. Customers using other database solutions need not update for these issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-5416, CVE-2008-0085, CVE-2008-0086, CVE-2008-0107 and CVE-2008-0106 to the issues addressed in MS SQL Express Service Pack 3. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter 4.1 Windows Update 1 vCenter 4.0 Windows affected, patch pending VirtualCenter 2.5 Windows affected, no patch planned Update Manager 4.1 Windows Update 1 Update Manager 4.0 Windows affected, patch pending Update Manager 1.0 Windows affected, no patch planned hosted * any any not affected ESXi any ESXi not affected ESX any ESX not affected * Hosted products are VMware Workstation, Player, ACE, Fusion. b. vCenter Apache Tomcat Management Application Credential Disclosure The Apache Tomcat Manager application configuration file contains logon credentials that can be read by unprivileged local users. The issue is resolved by removing the Manager application in vCenter 4.1 Update 1. If vCenter 4.1 is updated to vCenter 4.1 Update 1 the logon credentials are not present in the configuration file after the update. VMware would like to thank Claudio Criscione of Secure Networking for reporting this issue to us. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2010-2928 to this issue. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter 4.1 Windows Update 1 vCenter 4.0 Windows not affected VirtualCenter 2.5 Windows not affected hosted * any any not affected ESXi any ESXi not affected ESX any ESX not affected * hosted products are VMware Workstation, Player, ACE, Fusion. c. vCenter Server and ESX, Oracle (Sun) JRE is updated to version 1.6.0_21 Oracle (Sun) JRE update to version 1.6.0_21, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Oracle (Sun) JRE 1.6.0_19: CVE-2009-3555, CVE-2010-0082, CVE-2010-0084, CVE-2010-0085, CVE-2010-0087, CVE-2010-0088, CVE-2010-0089, CVE-2010-0090, CVE-2010-0091, CVE-2010-0092, CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837, CVE-2010-0838, CVE-2010-0839, CVE-2010-0840, CVE-2010-0841, CVE-2010-0842, CVE-2010-0843, CVE-2010-0844, CVE-2010-0845, CVE-2010-0846, CVE-2010-0847, CVE-2010-0848, CVE-2010-0849, CVE-2010-0850. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following name to the security issue fixed in Oracle (Sun) JRE 1.6.0_20: CVE-2010-0886. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter 4.1 Windows Update 1 vCenter 4.0 Windows not applicable ** VirtualCenter 2.5 Windows not applicable ** Update Manager 4.1 Windows not applicable ** Update Manager 4.0 Windows not applicable ** Update Manager 1.0 Windows not applicable ** hosted * any any not affected ESXi any ESXi not affected ESX 4.1 ESX ESX410-201101201-SG ESX 4.0 ESX not applicable ** ESX 3.5 ESX not applicable ** ESX 3.0.3 ESX not applicable ** * hosted products are VMware Workstation, Player, ACE, Fusion. ** this product uses the Oracle (Sun) JRE 1.5.0 family d. vCenter Update Manager Oracle (Sun) JRE is updated to version 1.5.0_26 Oracle (Sun) JRE update to version 1.5.0_26, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Oracle (Sun) JRE 1.5.0_26: CVE-2010-3556, CVE-2010-3566, CVE-2010-3567, CVE-2010-3550, CVE-2010-3561, CVE-2010-3573, CVE-2010-3565,CVE-2010-3568, CVE-2010-3569, CVE-2009-3555, CVE-2010-1321, CVE-2010-3548, CVE-2010-3551, CVE-2010-3562, CVE-2010-3571, CVE-2010-3554, CVE-2010-3559, CVE-2010-3572, CVE-2010-3553, CVE-2010-3549, CVE-2010-3557, CVE-2010-3541, CVE-2010-3574. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter 4.1 Windows not applicable ** vCenter 4.0 Windows affected, patch pending VirtualCenter 2.5 Windows affected, no patch planned Update Manager 4.1 Windows Update 1 Update Manager 4.0 Windows affected, patch pending Update Manager 1.0 Windows affected, no patch planned hosted * any any not affected ESXi any ESXi not affected ESX 4.1 ESX not applicable ** ESX 4.0 ESX affected, patch pending ESX 3.5 ESX affected, no patch planned ESX 3.0.3 ESX affected, no patch planned * hosted products are VMware Workstation, Player, ACE, Fusion. ** this product uses the Oracle (Sun) JRE 1.6.0 family e. vCenter Server and ESX Apache Tomcat updated to version 6.0.28 Apache Tomcat updated to version 6.0.28, which addresses multiple security issues that existed in earlier releases of Apache Tomcat The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.24: CVE-2009-2693, CVE-2009-2901, CVE-2009-2902,i and CVE-2009-3548. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.28: CVE-2010-2227, CVE-2010-1157. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter 4.1 Windows Update 1 vCenter 4.0 Windows affected, patch pending VirtualCenter 2.5 Windows not applicable ** hosted * any any not affected ESXi any ESXi not affected ESX 4.1 ESX ESX410-201101201-SG ESX 4.0 ESX affected, patch pending ESX 3.5 ESX not applicable ** ESX 3.0.3 ESX not applicable ** * hosted products are VMware Workstation, Player, ACE, Fusion. ** this product uses the Apache Tomcat 5.5 family f. vCenter Server third party component OpenSSL updated to version 0.9.8n The version of the OpenSSL library in vCenter Server is updated to 0.9.8n. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-0740 and CVE-2010-0433 to the issues addressed in this version of OpenSSL. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter 4.1 Windows Update 1 vCenter 4.0 Windows affected, patch pending VirtualCenter 2.5 Windows affected, no patch planned hosted * any any not applicable ESXi any ESXi not applicable ESX any ESX not applicable * hosted products are VMware Workstation, Player, ACE, Fusion. g. ESX third party component OpenSSL updated to version 0.9.8p The version of the ESX OpenSSL library is updated to 0.9.8p. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-3864 and CVE-2010-2939 to the issues addressed in this update. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter any Windows not applicable hosted * any any not applicable ESXi 4.1 ESXi ESXi410-201101201-SG ESXi 4.0 ESXi affected, patch pending ESXi 3.5 ESXi affected, patch pending ESX 4.1 ESX ESX410-201101201-SG ESX 4.0 ESX affected, patch pending ESX 3.5 ESX affected, patch pending ESX 3.0.3 ESX affected, patch pending * hosted products are VMware Workstation, Player, ACE, Fusion. h. ESXi third party component cURL updated The version of cURL library in ESXi is updated. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-0734 to the issues addressed in this update. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter any Windows not affected hosted * any any not affected ESXi 4.1 ESXi ESXi410-201101201-SG ESXi 4.0 ESXi affected, patch pending ESXi 3.5 ESXi affected, patch pending ESX any ESX not applicable * hosted products are VMware Workstation, Player, ACE, Fusion. i. ESX third party component pam_krb5 updated The version of pam_krb5 library is updated. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-3825 and CVE-2009-1384 to the issues addressed in the update. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter any Windows not affected hosted * any any not affected ESXi any ESXi not affected ESX 4.1 ESX ESX410-201101201-SG ESX 4.0 ESX not affected ESX 3.5 ESX not affected ESX 3.0.3 ESX not affected * hosted products are VMware Workstation, Player, ACE, Fusion. j. ESX third party update for Service Console kernel The Service Console kernel is updated to include kernel version 2.6.18-194.11.1. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-1084, CVE-2010-2066, CVE-2010-2070, CVE-2010-2226, CVE-2010-2248, CVE-2010-2521, CVE-2010-2524, CVE-2010-0008, CVE-2010-0415, CVE-2010-0437, CVE-2009-4308, CVE-2010-0003, CVE-2010-0007, CVE-2010-0307, CVE-2010-1086, CVE-2010-0410, CVE-2010-0730, CVE-2010-1085, CVE-2010-0291, CVE-2010-0622, CVE-2010-1087, CVE-2010-1173, CVE-2010-1437, CVE-2010-1088, CVE-2010-1187, CVE-2010-1436, CVE-2010-1641, and CVE-2010-3081 to the issues addressed in the update. Note: This update also addresses the 64-bit compatibility mode stack pointer underflow issue identified by CVE-2010-3081. This issue was patched in an ESX 4.1 patch prior to the release of ESX 4.1 Update 1. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter any Windows not affected hosted * any any not affected ESXi any ESXi not affected ESX 4.1 ESX ESX410-201101201-SG ESX 4.0 ESX affected, patch pending ESX 3.5 ESX not applicable ESX 3.0.3 ESX not applicable * hosted products are VMware Workstation, Player, ACE, Fusion. 4. Solution Please review the patch/release notes for your product and version and verify the checksum of your downloaded file. VMware vCenter Server 4.1 Update 1 and modules ---------------------------------------------- http://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0 Release Notes: http://downloads.vmware.com/support/pubs/vs_pages/vsp_pubs_esx41_vc41.html File type: .iso md5sum: 729cf247aa5d33ceec431c86377eee1a sha1sum: c1e10a5fcbc1ae9d13348d43541d574c563d66f0 File type: .zip md5sum: fd1441bef48a153f2807f6823790e2f0 sha1sum: 31737a816ed1c08ab3a505fb6db2483f49ad7c19 VMware vSphere Client File type: .exe md5sum: cb6aa91ada1289575355d79e8c2a9f8e sha1sum: f9e3d8eb83196ae7c31aab554e344a46b722b1e4 ESXi 4.1 Installable Update 1 ----------------------------- http://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0 Release Notes: http://downloads.vmware.com/support/vsphere4/doc/vsp_esxi41_u1_rel_notes.html http://kb.vmware.com/kb/1027919 File type: .iso MD5SUM: d68d6c2e040a87cd04cd18c04c22c998 SHA1SUM: bbaacc0d34503822c14f6ccfefb6a5b62d18ae64 ESXi 4.1 Update 1 (upgrade ZIP from ESXi 4.1) File type: .zip MD5SUM: 2f1e009c046b20042fae3b7ca42a840f SHA1SUM: 1c9c644012dec657a705ddd3d033cbfb87a1fab1 ESXi 4.1 Update 1 (upgrade ZIP from ESXi 4.0) File type: .zip MD5SUM: 67b924618d196dafaf268a7691bd1a0f SHA1SUM: 9d74b639e703259d9e49c0341158e0d4e45de516 ESXi 4.1 Update 1 (upgrade ZIP from ESXi 3.5) File type: .zip MD5SUM: a6024b9f6c6b7b2c629696afc6d07cf4 SHA1SUM: b3841de1a30617ac68d5a861882aa72de3a93488 VMware Tools CD image for Linux Guest OSes File type: .iso MD5SUM: dad66fa8ece1dd121c302f45444daa70 SHA1SUM: 56535a2cfa7799607356c6fd0a7d9f041da614af VMware vSphere Client File type: .exe MD5SUM: cb6aa91ada1289575355d79e8c2a9f8e SHA1SUM: f9e3d8eb83196ae7c31aab554e344a46b722b1e4 ESXi Installable Update 1 contains the following security bulletins: ESXi410-201101201-SG. ESX 4.1 Update 1 ---------------- http://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0 Release Notes: http://downloads.vmware.com/support/vsphere4/doc/vsp_esx41_u1_rel_notes.html http://kb.vmware.com/kb/1029353 ESX 4.1 Update 1 (DVD ISO) File type: .iso md5sum: b9a275b419a20c7bedf31c0bf64f504e sha1sum: 2d85edcaca8218013585e1eab00bc80db6d96e11 ESX 4.1 Update 1 (upgrade ZIP from ESX 4.1) File type: .zip md5sum: 2d81a87e994aa2b329036f11d90b4c14 sha1sum: c2bfc0cf7ac03d24afd5049ddbd09a865aad1798 Pre-upgrade package for ESX 4.0 to ESX 4.1 Update 1 File type: .zip md5sum: 75f8cebfd55d8a81deb57c27def963c2 sha1sum: 889c15aa8008fe0e29439d0ab3468c2beb1c4fe2 ESX 4.1 Update 1 (upgrade ZIP from ESX 4.0) File type: .zip md5sum: 1dc9035cd10e7e60d27e7a7aef57b4c2 sha1sum: e6d3fb65d83a3e263d0f634a3572025854ff8922 VMware Tools CD image for Linux Guest OSes File type: .iso md5sum: dad66fa8ece1dd121c302f45444daa70 sha1sum: 56535a2cfa7799607356c6fd0a7d9f041da614af VMware vSphere Client File type: .exe md5sum: cb6aa91ada1289575355d79e8c2a9f8e sha1sum: f9e3d8eb83196ae7c31aab554e344a46b722b1e4 ESX410-Update01 contains the following security bulletins: ESX410-201101201-SG (COS kernel, pam_krb5, cURL, OpenSSL, Apache Tomcat, Oracle (Sun) JRE) | http://kb.vmware.com/kb/1027904 ESX410-201101226-SG (glibc) | http://kb.vmware.com/kb/1031330 ESX410-Update01 also contains the following non-security bulletins ESX410-201101211-UG, ESX410-201101213-UG, ESX410-201101215-UG, ESX410-201101202-UG, ESX410-201101203-UG, ESX410-201101204-UG, ESX410-201101206-UG, ESX410-201101207-UG, ESX410-201101208-UG, ESX410-201101214-UG, ESX410-201101216-UG, ESX410-201101217-UG, ESX410-201101218-UG, ESX410-201101219-UG, ESX410-201101220-UG, ESX410-201101221-UG, ESX410-201101222-UG, ESX410-201101225-UG. To install an individual bulletin use esxupdate with the -b option. 5. References CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5416 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0085 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0086 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0107 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0106 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2928 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0082 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0084 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0085 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0087 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0088 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0089 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0090 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0091 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0092 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0093 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0095 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0837 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0838 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0839 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0840 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0841 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0842 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0843 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0844 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0845 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0846 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0848 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0849 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0850 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0886 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3548 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0740 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0433 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2939 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0734 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3825 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1384 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1084 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2066 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2070 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2226 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2248 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2521 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2524 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0008 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0437 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4308 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0003 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0007 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0307 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1086 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0410 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0730 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1085 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0291 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0622 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1087 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1173 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1437 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1088 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1187 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1436 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1641 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3081 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3556 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3566 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3567 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3550 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3561 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3573 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3565 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3568 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3569 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3548 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3551 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3562 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3571 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3554 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3559 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3572 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3553 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3549 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3557 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3541 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3574 - ------------------------------------------------------------------------ 6. Change log 2011-02-10 VMSA-2011-0003 Initial security advisory in conjunction with the release of vCenter Server 4.1 Update 1, vCenter Update Manager 4.1 Update 1, ESXi 4.1 Update 1, and ESX 4.1 Update 1 on 2011-02-10. - ----------------------------------------------------------------------- 7. Contact E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce This Security Advisory is posted to the following lists: * security-announce at lists.vmware.com * bugtraq at securityfocus.com * full-disclosure at lists.grok.org.uk E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055 VMware Security Advisories http://www.vmware.com/security/advisories VMware security response policy http://www.vmware.com/support/policies/security_response.html General support life cycle policy http://www.vmware.com/support/policies/eos.html VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html Copyright 2011 VMware Inc. All rights reserved. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) iEYEARECAAYFAk1U1eoACgkQS2KysvBH1xm3swCfeh4sWvPOubDT1K7QlRj3SjW9 dxYAmwbNLMR9IG/rKZDYh9hqcf4IldCX =2pVj -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . =========================================================== Ubuntu Security Notice USN-947-1 June 03, 2010 linux, linux-source-2.6.15 vulnerabilities CVE-2009-4271, CVE-2009-4537, CVE-2010-0008, CVE-2010-0298, CVE-2010-0306, CVE-2010-0419, CVE-2010-0437, CVE-2010-0727, CVE-2010-0741, CVE-2010-1083, CVE-2010-1084, CVE-2010-1085, CVE-2010-1086, CVE-2010-1087, CVE-2010-1088, CVE-2010-1146, CVE-2010-1148, CVE-2010-1162, CVE-2010-1187, CVE-2010-1188, CVE-2010-1488 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 9.04 Ubuntu 9.10 Ubuntu 10.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: linux-image-2.6.15-55-386 2.6.15-55.84 linux-image-2.6.15-55-686 2.6.15-55.84 linux-image-2.6.15-55-amd64-generic 2.6.15-55.84 linux-image-2.6.15-55-amd64-k8 2.6.15-55.84 linux-image-2.6.15-55-amd64-server 2.6.15-55.84 linux-image-2.6.15-55-amd64-xeon 2.6.15-55.84 linux-image-2.6.15-55-hppa32 2.6.15-55.84 linux-image-2.6.15-55-hppa32-smp 2.6.15-55.84 linux-image-2.6.15-55-hppa64 2.6.15-55.84 linux-image-2.6.15-55-hppa64-smp 2.6.15-55.84 linux-image-2.6.15-55-itanium 2.6.15-55.84 linux-image-2.6.15-55-itanium-smp 2.6.15-55.84 linux-image-2.6.15-55-k7 2.6.15-55.84 linux-image-2.6.15-55-mckinley 2.6.15-55.84 linux-image-2.6.15-55-mckinley-smp 2.6.15-55.84 linux-image-2.6.15-55-powerpc 2.6.15-55.84 linux-image-2.6.15-55-powerpc-smp 2.6.15-55.84 linux-image-2.6.15-55-powerpc64-smp 2.6.15-55.84 linux-image-2.6.15-55-server 2.6.15-55.84 linux-image-2.6.15-55-server-bigiron 2.6.15-55.84 linux-image-2.6.15-55-sparc64 2.6.15-55.84 linux-image-2.6.15-55-sparc64-smp 2.6.15-55.84 Ubuntu 8.04 LTS: linux-image-2.6.24-28-386 2.6.24-28.70 linux-image-2.6.24-28-generic 2.6.24-28.70 linux-image-2.6.24-28-hppa32 2.6.24-28.70 linux-image-2.6.24-28-hppa64 2.6.24-28.70 linux-image-2.6.24-28-itanium 2.6.24-28.70 linux-image-2.6.24-28-lpia 2.6.24-28.70 linux-image-2.6.24-28-lpiacompat 2.6.24-28.70 linux-image-2.6.24-28-mckinley 2.6.24-28.70 linux-image-2.6.24-28-openvz 2.6.24-28.70 linux-image-2.6.24-28-powerpc 2.6.24-28.70 linux-image-2.6.24-28-powerpc-smp 2.6.24-28.70 linux-image-2.6.24-28-powerpc64-smp 2.6.24-28.70 linux-image-2.6.24-28-rt 2.6.24-28.70 linux-image-2.6.24-28-server 2.6.24-28.70 linux-image-2.6.24-28-sparc64 2.6.24-28.70 linux-image-2.6.24-28-sparc64-smp 2.6.24-28.70 linux-image-2.6.24-28-virtual 2.6.24-28.70 linux-image-2.6.24-28-xen 2.6.24-28.70 Ubuntu 9.04: linux-image-2.6.28-19-generic 2.6.28-19.61 linux-image-2.6.28-19-imx51 2.6.28-19.61 linux-image-2.6.28-19-iop32x 2.6.28-19.61 linux-image-2.6.28-19-ixp4xx 2.6.28-19.61 linux-image-2.6.28-19-lpia 2.6.28-19.61 linux-image-2.6.28-19-server 2.6.28-19.61 linux-image-2.6.28-19-versatile 2.6.28-19.61 linux-image-2.6.28-19-virtual 2.6.28-19.61 Ubuntu 9.10: linux-image-2.6.31-112-imx51 2.6.31-112.28 linux-image-2.6.31-214-dove 2.6.31-214.28 linux-image-2.6.31-214-dove-z0 2.6.31-214.28 linux-image-2.6.31-22-386 2.6.31-22.60 linux-image-2.6.31-22-generic 2.6.31-22.60 linux-image-2.6.31-22-generic-pae 2.6.31-22.60 linux-image-2.6.31-22-ia64 2.6.31-22.60 linux-image-2.6.31-22-lpia 2.6.31-22.60 linux-image-2.6.31-22-powerpc 2.6.31-22.60 linux-image-2.6.31-22-powerpc-smp 2.6.31-22.60 linux-image-2.6.31-22-powerpc64-smp 2.6.31-22.60 linux-image-2.6.31-22-server 2.6.31-22.60 linux-image-2.6.31-22-sparc64 2.6.31-22.60 linux-image-2.6.31-22-sparc64-smp 2.6.31-22.60 linux-image-2.6.31-22-virtual 2.6.31-22.60 linux-image-2.6.31-307-ec2 2.6.31-307.15 Ubuntu 10.04 LTS: linux-image-2.6.31-608-imx51 2.6.31-608.14 linux-image-2.6.31-802-st1-5 2.6.31-802.4 linux-image-2.6.32-205-dove 2.6.32-205.18 linux-image-2.6.32-22-386 2.6.32-22.35 linux-image-2.6.32-22-386-dbgsym 2.6.32-22.35 linux-image-2.6.32-22-generic 2.6.32-22.35 linux-image-2.6.32-22-generic-dbgsym 2.6.32-22.35 linux-image-2.6.32-22-generic-pae 2.6.32-22.35 linux-image-2.6.32-22-generic-pae-dbgsym 2.6.32-22.35 linux-image-2.6.32-22-ia64 2.6.32-22.35 linux-image-2.6.32-22-ia64-dbgsym 2.6.32-22.35 linux-image-2.6.32-22-lpia 2.6.32-22.35 linux-image-2.6.32-22-lpia-dbgsym 2.6.32-22.35 linux-image-2.6.32-22-powerpc 2.6.32-22.35 linux-image-2.6.32-22-powerpc-dbgsym 2.6.32-22.35 linux-image-2.6.32-22-powerpc-smp 2.6.32-22.35 linux-image-2.6.32-22-powerpc-smp-dbgsym 2.6.32-22.35 linux-image-2.6.32-22-powerpc64-smp 2.6.32-22.35 linux-image-2.6.32-22-powerpc64-smp-dbgsym 2.6.32-22.35 linux-image-2.6.32-22-preempt 2.6.32-22.35 linux-image-2.6.32-22-preempt-dbgsym 2.6.32-22.35 linux-image-2.6.32-22-server 2.6.32-22.35 linux-image-2.6.32-22-server-dbgsym 2.6.32-22.35 linux-image-2.6.32-22-sparc64 2.6.32-22.35 linux-image-2.6.32-22-sparc64-dbgsym 2.6.32-22.35 linux-image-2.6.32-22-sparc64-smp 2.6.32-22.35 linux-image-2.6.32-22-sparc64-smp-dbgsym 2.6.32-22.35 linux-image-2.6.32-22-versatile 2.6.32-22.35 linux-image-2.6.32-22-versatile-dbgsym 2.6.32-22.35 linux-image-2.6.32-22-virtual 2.6.32-22.35 linux-image-2.6.32-306-ec2 2.6.32-306.11 linux-image-2.6.33-501-omap 2.6.33-501.7 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-server, linux-powerpc), a standard system upgrade will automatically perform this as well. Details follow: It was discovered that the Linux kernel did not correctly handle memory protection of the Virtual Dynamic Shared Object page when running a 32-bit application on a 64-bit kernel. (Only affected Ubuntu 6.06 LTS.) (CVE-2009-4271) It was discovered that the r8169 network driver did not correctly check the size of Ethernet frames. A remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. (CVE-2009-4537) Wei Yongjun discovered that SCTP did not correctly validate certain chunks. A remote attacker could send specially crafted traffic to monopolize CPU resources, leading to a denial of service. (Only affected Ubuntu 6.06 LTS.) (CVE-2010-0008) It was discovered that KVM did not correctly limit certain privileged IO accesses on x86. Processes in the guest OS with access to IO regions could gain further privileges within the guest OS. (Did not affect Ubuntu 6.06 LTS.) (CVE-2010-0298, CVE-2010-0306, CVE-2010-0419) Evgeniy Polyakov discovered that IPv6 did not correctly handle certain TUN packets. (Only affected Ubuntu 8.04 LTS.) (CVE-2010-0437) Sachin Prabhu discovered that GFS2 did not correctly handle certain locks. A local attacker with write access to a GFS2 filesystem could exploit this to crash the system, leading to a denial of service. (CVE-2010-0727) Jamie Strandboge discovered that network virtio in KVM did not correctly handle certain high-traffic conditions. A remote attacker could exploit this by sending specially crafted traffic to a guest OS, causing the guest to crash, leading to a denial of service. (Only affected Ubuntu 8.04 LTS.) (CVE-2010-0741) Marcus Meissner discovered that the USB subsystem did not correctly handle certain error conditions. A local attacker with access to a USB device could exploit this to read recently used kernel memory, leading to a loss of privacy and potentially root privilege escalation. (CVE-2010-1083) Neil Brown discovered that the Bluetooth subsystem did not correctly handle large amounts of traffic. A physically proximate remote attacker could exploit this by sending specially crafted traffic that would consume all available system memory, leading to a denial of service. (Ubuntu 6.06 LTS and 10.04 LTS were not affected.) (CVE-2010-1084) Jody Bruchon discovered that the sound driver for the AMD780V did not correctly handle certain conditions. A local attacker with access to this hardward could exploit the flaw to cause a system crash, leading to a denial of service. (CVE-2010-1085) Ang Way Chuang discovered that the DVB driver did not correctly handle certain MPEG2-TS frames. An attacker could exploit this by delivering specially crafted frames to monopolize CPU resources, leading to a denial of service. (Ubuntu 10.04 LTS was not affected.) (CVE-2010-1086) Trond Myklebust discovered that NFS did not correctly handle truncation under certain conditions. A local attacker with write access to an NFS share could exploit this to crash the system, leading to a denial of service. (Ubuntu 10.04 LTS was not affected.) (CVE-2010-1087) Al Viro discovered that automount of NFS did not correctly handle symlinks under certain conditions. A local attacker could exploit this to crash the system, leading to a denial of service. (Ubuntu 6.06 LTS and Ubuntu 10.04 LTS were not affected.) (CVE-2010-1088) Matt McCutchen discovered that ReiserFS did not correctly protect xattr files in the .reiserfs_priv directory. (CVE-2010-1146) Eugene Teo discovered that CIFS did not correctly validate arguments when creating new files. A local attacker could exploit this to crash the system, leading to a denial of service, or possibly gain root privileges if mmap_min_addr was not set. (CVE-2010-1148) Catalin Marinas and Tetsuo Handa discovered that the TTY layer did not correctly release process IDs. A local attacker could exploit this to consume kernel resources, leading to a denial of service. (CVE-2010-1162) Neil Horman discovered that TIPC did not correctly check its internal state. A local attacker could send specially crafted packets via AF_TIPC that would cause the system to crash, leading to a denial of service. (Ubuntu 6.06 LTS was not affected.) (CVE-2010-1187) Masayuki Nakagawa discovered that IPv6 did not correctly handle certain settings when listening. If a socket were listening with the IPV6_RECVPKTINFO flag, a remote attacker could send specially crafted traffic that would cause the system to crash, leading to a denial of service. (Only Ubuntu 6.06 LTS was affected.) (CVE-2010-1188) Oleg Nesterov discovered that the Out-Of-Memory handler did not correctly handle certain arrangements of processes. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-1488) Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15-55.84.diff.gz Size/MD5: 2960435 33b09ecaf8a52ac8518c34163d53c5ef http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15-55.84.dsc Size/MD5: 2439 ddd8f898074d4b56e18fa00cecaed4d9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15.orig.tar.gz Size/MD5: 57403387 88ab0747cb8c2ceed662e0fd1b27d81d Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-doc-2.6.15_2.6.15-55.84_all.deb Size/MD5: 5166142 6bb2a7cc886f5f258e598f8257386c4c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-kernel-devel_2.6.15-55.84_all.deb Size/MD5: 96900 4d56e3ffc13abbd559252d961582928e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15-55.84_all.deb Size/MD5: 44742758 a29467cb2571e45b5ba4cc52f49d402e amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/acpi-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 22344 22df0e2142b58bfc5089997ba68f8a32 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 44772 e38fce9b303eb280f9de5b6bf4321539 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 2312 519dde14b25bcb6f72b50b10fb2b8c42 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 36298 529530b75bc9d308a36945e253829337 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 102370 db98ff5f9e6e356af90422da4190fcba http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 38890 0d2cb99466cf014ba83ad3a38cd759f1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 49144 7e51d739d81751a717fd33393d9b5698 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 176620 61c26ebee2f9b56ab2ae781caaa78f16 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 36774 32797f4fc4204eeb5185a17019dc5cd2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 142346 50314cb83693e27a2f515836bfb81adf http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 51062 c7f26b13e057743d95d90c6ed1feb7be http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 140712 60824c117e8e10faa8502405dc64b756 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 287612 e599c71e4f9f791bfcbb5a8e148fa02d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 97832 923d2dbedfa2bb0ce20db2af510ec3ae http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 1652310 a49bd3692b26b2776eddd3218049ad31 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-amd64-generic_2.6.15-55.84_amd64.deb Size/MD5: 869218 c54b14fff14e6f36a6f5424bf28ba5ba http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-amd64-k8_2.6.15-55.84_amd64.deb Size/MD5: 868510 e7741f1995f864eea030c242abac8085 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-amd64-server_2.6.15-55.84_amd64.deb Size/MD5: 871276 ad7e3f9695e48c13d78024d9cebb4bdc http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-amd64-xeon_2.6.15-55.84_amd64.deb Size/MD5: 870704 c3dd9b5335fa41ab82df7f691cee2a46 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55_2.6.15-55.84_amd64.deb Size/MD5: 6925588 e85a966dd3fd31a092a504e4c4383820 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-amd64-generic_2.6.15-55.84_amd64.deb Size/MD5: 20817472 f8e7d44b2a3bd9dc72917fd16c2628ff http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-amd64-k8_2.6.15-55.84_amd64.deb Size/MD5: 20798306 fe88a926a6ce4b4465ad88a493a48357 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-amd64-server_2.6.15-55.84_amd64.deb Size/MD5: 21635330 8174ddfff1140d94b76678739c9f15c2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-amd64-xeon_2.6.15-55.84_amd64.deb Size/MD5: 19905746 58501fc8aca4794202804578b4e29415 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 15626 94656d1862678ee9b6a3a62f90919629 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 240372 faf0cd25cfd49759685f8a9b725e305d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 202684 fec1b04e98e48c0e354e9a47cb00d601 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 1048610 a5ff74bb5b40c0b6929d535abade30be http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 1543792 217e245037c3d6c48687b594c932025b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 161696 969b188d1e7f285fc30f39e17ebd349b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 9834 c6278cf04b4dbb788d0eebaf599c005e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 80872 2fb47b12ddf5767a51bdc1d4e1f05e52 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ntfs-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 49294 f27115bb56ba683c95c915de40a46afc http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/parport-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 35162 4e92b8742d5ad65bf0d915d9c216c4ce http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 70894 c7525221ee4847b254c1839cdd4d0b31 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 6220 8d1ee1256a6d3942c10dd7731bd34d21 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/plip-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 9062 f120989e7b729addea0a373b6c6b81a8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 57922 16f0dd4d6e989ec1684074667b9c1133 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 123378 b2797adf33289dd9c99525971a8d001b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 101080 0b923143d4fb260149446550b64529d7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 79278 950ccff4d598e5f9c62d4ffcea1b4b66 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 1595422 5d2e9b2d898d39363c3cab3c67391c0f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 72356 2fdf60644e4d13a5c9732d48e3b6b025 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 12648 7a5b7c88d879c5f8611add807b77dff5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 33808 f48b8b878206b3f559826c9177935c7e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 138510 27d844c2fc790a35b13b9b68c0748ec0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 38938 c50f0d87787aacbb068bd4bfac99a953 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-55-amd64-generic-di_2.6.15-55.84_amd64.udeb Size/MD5: 278876 09d4db859ee11c8c17a5c755a38e103c i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/acpi-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 18976 1d3b491a97a3cafd02b9492bbf7f320c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 43488 3592e8676adb913653d31fd7d9254ab6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 105206 87f8b212932688293624f3c1e59c315e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 2286 a8cbb01c110d4788b8464a3ff357a6d1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 34576 0d581950d36489a0ebc2e7aa43871105 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 97044 3e789df7024c53456caf5ce65a095c3c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 37132 fb21ce86da4297933bdd3acaeb02568a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 44126 a0e10d7f107c376bd0376cbeb7589d12 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 167738 d6417b63d8c5511f21bc7857b1e6ef23 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 33950 d833056cd1d32851c93cc61d3780b258 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 137978 3c251b1f57940da0f22e496ab4d9f6d7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 46902 a916219f56dc797576f7cdf42535fe44 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 133154 fdfe5b2d21ec36137e19d638cec2a39d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 273800 05e8313fec49c11084adb52deb26878d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 102328 ce88505cda9ff607c7bb685c60a4fb75 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 1597794 7a8768bb650b30137362b93c9aa2e4f5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-386_2.6.15-55.84_i386.deb Size/MD5: 857150 2de1fda09c98f8c7c0f5bb5adaf4dade http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-686_2.6.15-55.84_i386.deb Size/MD5: 858572 83f459c63da9ce886855913a4012edf2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-k7_2.6.15-55.84_i386.deb Size/MD5: 859816 5fb638b3b741914410eb7fb331dc352e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-server-bigiron_2.6.15-55.84_i386.deb Size/MD5: 861156 732a23b93ee499deda765ee8dcd66346 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-server_2.6.15-55.84_i386.deb Size/MD5: 860324 57519a85aad5ad19b617c4676f28d7f0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55_2.6.15-55.84_i386.deb Size/MD5: 6918250 084d1cf58595b1cbadcbd7f16dc39756 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-386_2.6.15-55.84_i386.deb Size/MD5: 21724888 f5fca5f423472946432ed46a990c1ddf http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-686_2.6.15-55.84_i386.deb Size/MD5: 22517998 6ef9d114c0f9989e9e5a0a6d4af64cd8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-k7_2.6.15-55.84_i386.deb Size/MD5: 22265884 1ee20e38ac15055088248b99fe684e43 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-server-bigiron_2.6.15-55.84_i386.deb Size/MD5: 23627106 b63abff51aa83dc377d5eb9235972302 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-server_2.6.15-55.84_i386.deb Size/MD5: 23179652 98de15fe41e4afa4100f6105b8003f8a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 15510 9190bfcba4e54f10b48d3419f7c3d368 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 238512 1ab04364f536a96b5c2a127765f496da http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 197142 3f27653e150b8dba0ee8b187d8826f5e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 1048396 03a161c4b52eb41c6d401133cd32557b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 1741516 b42acfc4c67ddc9f0ee62bca1b54974e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 160898 fb7d22beea89de5012d2216d0eda3a6a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 9166 38112f1195a5bb82137e1896994656fc http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 76470 c9b373c18450b29f9de3b1679249d31e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ntfs-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 53548 6b3491987d4f627c910d1823727dac53 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/parport-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 33052 ddfeb1282d026c9b32978a5e04f1d3bb http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 85628 cf78a570b17bd819e61dc92f8a12355b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 6016 3e488082205ca42452081010da71004a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/plip-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 8760 350a58a2f466e3f592b2c7bd2e8988bf http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 53636 3684ebb027993d843a17bf4c72b02b65 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 130960 de27399a7d9abfb5f51abaeecc76ae6c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 98472 5a5a0a34b4f405bcf0936087cf616586 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 77214 fb39917bbdb208d34fe6a74f0e83d53a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 1768884 6cb328e8edc6b0a0fd27f2a90042c30a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 69614 2d2f95e1dba3de3dd1d963fb1f953e00 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 11766 26e704eca4b49d3428687a2529990418 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 36106 522f5775e1a85646cc4d646f6eec6cc4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 132660 97ac208287c24264bc384b1e1f253ab7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 38574 d825ca1fbb12c5a8cd2d15b094726011 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-55-386-di_2.6.15-55.84_i386.udeb Size/MD5: 299152 345d6c44429a0a6af9d23179fb78ec8d powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/affs-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 23728 02cb39b583ee98c8d1a57ce3e5b163c9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/affs-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 26006 87d2de748a7344d11fb11f8264571dd6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 49334 0847429f9dedb0f286d1c32cb3e8f467 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 51536 9ec5c9b175a6728442ddf73aa218592f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 2306 b23053a32da0479242caeff6e2ae8b6d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 2482 05329a184127afb2a7e48d427feafbf2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 40308 cd883cbcca861116d2518f57f47dc941 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 43844 a1c3942c443e444816749c64439275e8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 112600 098304fe251f9d8c49849946d8ac2aeb http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 120740 df40f802ec2ee163a813ea0a3603aeb6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 40906 6cc3a287b3274036e57638d951480d97 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 46002 f8964625617902880cc24e8e22e03ba9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 29026 8607a334399fbe27ee424e5bc0a20103 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 29894 9e6fe015d74dd83cccedcfd8f396fbd8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 211398 ad7cb3fdf5693590d0f7056e8b9acc6b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 225188 6a00a7254a9a82981f23823145ca5a26 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 45056 c00c74d1ffa33fb6575e59067c90cfa0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 40224 ca94464b9c6eca3e9c8eeec160125e88 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fs-common-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 1940 70846ff3e24ac904d034f07126d64a9d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fs-common-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 2200 fa5bc162b62817d3c9f5c055d88d6016 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/hfs-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 80762 dead1604f5dff825e55e5299d06488dc http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/hfs-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 86134 50f5270dc53e13c36aa423d3fb6b0af1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 111594 64c98d595b636e46123746b50eb18cd8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 125750 cad66f8b2febf24ba43c5a7db6a22312 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 53424 c668f84292a263caef7ce813b769822e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 58488 8903219e8e58a8d79564945284f00e34 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 147966 1566e7aa02add4341766fd937fc907ca http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 161910 164c7d5ef77d1693a631ce60fcc4ef8d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 318400 a6441e2cd0b1b9ecb1601516f89ff6ee http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 288040 bd11c9922fea1638ce64b776f060f81f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 115862 9eb166a9f0fb53dfd89d657cc835d10f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 116550 41e72d8893ca5a8351df20b6c7c5d2bf http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 1925168 1ad660874ee5005becbc5841bf0e9b99 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 2449218 45d3b3e3f88b9e764c3243c2858d3730 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-powerpc-smp_2.6.15-55.84_powerpc.deb Size/MD5: 867470 f6031f3c87c28ee40eefa25086b71c52 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-powerpc64-smp_2.6.15-55.84_powerpc.deb Size/MD5: 868848 cd0781159d8768b9c92bae2d844d7b6a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-powerpc_2.6.15-55.84_powerpc.deb Size/MD5: 870010 f3f837cb5cd7e1fe97182ddbb7eb1a56 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55_2.6.15-55.84_powerpc.deb Size/MD5: 6946990 d65d0ad6fdc2493e7e6c1a9d567424f1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-powerpc-smp_2.6.15-55.84_powerpc.deb Size/MD5: 22784626 aef1ff7ccf13cd2e2d41c80f22264eeb http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-powerpc64-smp_2.6.15-55.84_powerpc.deb Size/MD5: 23693200 0443d7e8b68c5f89aaf7e02e666077f8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-powerpc_2.6.15-55.84_powerpc.deb Size/MD5: 22365476 97b5182024c5fe55fe1d45b23a39a277 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 17786 39dca7a61069a0e3c0877662e3fbb571 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 17392 b0b9f69f913131d17af3ab6d4bd6e8b2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 261374 b0b06da41991553a487982e73fe34176 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 282628 81e78bd764bb0fc65be704f3f0be4db6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 227826 39456da28b0f6baa3b74b842eba6acf0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 248944 94f3cc4cabe7f4344ea0c6ca8d6487d9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 1048472 a6d7ef42bf3b8de677ec5fe562228e7c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 1048600 5e01699eaac6cd159a04c724e442e321 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 1738662 d43bf20af0979b29ad1c6df616862056 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 1878206 711e748077e06773658c64416bfa83be http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 250824 9d2ad9e9b79a628140775760c6fb2493 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 233538 0730a8fbc4148651919c3a74c3e1face http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 13058 11382e6f8ed79855a01a6151733d4549 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 13532 ad6adbe2c5040390d563fb6221a7a346 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 84800 0159144d3b6d69b9e319731669dea56e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 52202 9ddf5200aca5383eae56f5b7ab414c3d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 73934 43991eb97d8f163e7763dc89cef5b1aa http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 85852 20dd6d2d5ea003539e1b4f7f37bb83ba http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 6622 2d7cc5ebe8079dd0fae1860409cf1a8b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 7060 4dc37eb02f6742808d26548a0ecb79ef http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 60382 24f359b6596789e61bbd001fd90c5a04 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 70426 8128abfff4f7ab8f32370a151dd27602 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 128552 86b1f62ab4d815af984fea8e0556fd0e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 157952 675fec1992efcfa46cf0043e3507513d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 108160 eb2056a3b1940d3b3b27adcb8df1e68c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 126140 d1c23f615d6aeebe6594386d424ef7f0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 87300 47e6e945e4651347cde5e76965131a99 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 93364 802c107ffe461103294fd58c1d12b139 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 2014806 d15cb3eea9558346c08029994feba932 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 1988698 47499eab748909cbc24d41eb251bd57e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 104128 3e626e3e4c59a16338d00953874420d3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 115796 5ff731f56aac5f43999c70e98d250892 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 12740 3b4d8bea0a856073ea6116bcdafed867 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 14446 9796772a49dc9688c64fde72be43f446 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 39954 6491b77cf30155c06612af32748ab26d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 41542 c99144c5929ec38a934702c2e041e0df http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 149346 8d4aab9ae6c9f04ed1d4968708c14c88 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 168124 72dcb481cb91bfb750e7d7cb3b2bab4c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 42314 7f7347a9dfcafcc43469d4d4364c1af8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 44916 2641528d804b1c1dd2f7d0e04f3a044b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-55-powerpc-di_2.6.15-55.84_powerpc.udeb Size/MD5: 320330 6aff8b286b3ddf7dfc33ce99f504f1e8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.84_powerpc.udeb Size/MD5: 324878 11ab2f5d09092b3f9797e673e413ab2c sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-55-sparc64-di_2.6.15-55.84_sparc.udeb Size/MD5: 50478 116bcbef4cbedbce5345d410424b6463 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-55-sparc64-di_2.6.15-55.84_sparc.udeb Size/MD5: 2354 df747032ea1217e02817c8dec92bcd75 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-55-sparc64-di_2.6.15-55.84_sparc.udeb Size/MD5: 40376 4337e5c50ab6220a5ee46b46f98669f8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-55-sparc64-di_2.6.15-55.84_sparc.udeb Size/MD5: 110558 bfa3abba4946456a8f6d99a1a405f72e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-55-sparc64-di_2.6.15-55.84_sparc.udeb Size/MD5: 41214 7fa46c5fc72ef82e476804fcb3c3560e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-55-sparc64-di_2.6.15-55.84_sparc.udeb Size/MD5: 104226 3208d817b562267bba9539f854fe388b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-55-sparc64-di_2.6.15-55.84_sparc.udeb Size/MD5: 7436 87a0b43fa978113a74cb8e79b8dd4774 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-55-sparc64-di_2.6.15-55.84_sparc.udeb Size/MD5: 149312 9341cb99291093f7e5624f6e9f3c9daa http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-55-sparc64-di_2.6.15-55.84_sparc.udeb Size/MD5: 1712908 f0e841e92ee8a38b75543485f86a2b4c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-sparc64-smp_2.6.15-55.84_sparc.deb Size/MD5: 771900 6c8197f994e366ec847414a13eb7b906 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-sparc64_2.6.15-55.84_sparc.deb Size/MD5: 771444 46d3fb1d75439b65635bfaac6d653d74 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55_2.6.15-55.84_sparc.deb Size/MD5: 6963130 11d85b5ba6c6e5d333b860b7a5163b5d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-sparc64-smp_2.6.15-55.84_sparc.deb Size/MD5: 15016950 1f36bbfe3b2db1e844d76d984a4a661a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-sparc64_2.6.15-55.84_sparc.deb Size/MD5: 14832050 bc36836f43a994fb29143301526c2ace http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-55-sparc64-di_2.6.15-55.84_sparc.udeb Size/MD5: 7436 76dc77e08053d579849c4c09c8328b80 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-55-sparc64-di_2.6.15-55.84_sparc.udeb Size/MD5: 248770 dd30a7c1c47f07012b5bf0ee7fd16ca4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-55-sparc64-di_2.6.15-55.84_sparc.udeb Size/MD5: 212536 bf4b63251214a4622ce5a55f902203bb http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-55-sparc64-di_2.6.15-55.84_sparc.udeb Size/MD5: 1048476 575854b9cc92279f65c4acfa0a60e43c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-55-sparc64-di_2.6.15-55.84_sparc.udeb Size/MD5: 1482448 de80e93cfd56c729a74ded3b97946846 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-55-sparc64-di_2.6.15-55.84_sparc.udeb Size/MD5: 10114 4a3f85652ffd60eb4a94ab3093227db2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/parport-modules-2.6.15-55-sparc64-di_2.6.15-55.84_sparc.udeb Size/MD5: 40176 660660949865f2de6403ad165b9faa60 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/plip-modules-2.6.15-55-sparc64-di_2.6.15-55.84_sparc.udeb Size/MD5: 9368 65475425005847418b7d9380e4fed4a7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-55-sparc64-di_2.6.15-55.84_sparc.udeb Size/MD5: 61402 264bfd4456975f04ca592789983eb77b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-55-sparc64-di_2.6.15-55.84_sparc.udeb Size/MD5: 163278 1df17d4edff53b6e1102ab15ff671216 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-55-sparc64-di_2.6.15-55.84_sparc.udeb Size/MD5: 64092 52a9af94cf9a1ace816d3b1b727738dd http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-55-sparc64-di_2.6.15-55.84_sparc.udeb Size/MD5: 1235410 e44d8dda7d391021570cc0a826f6c5fd http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-55-sparc64-di_2.6.15-55.84_sparc.udeb Size/MD5: 59308 00fbe909018b76d099f47d9c39d72a26 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-55-sparc64-di_2.6.15-55.84_sparc.udeb Size/MD5: 37426 56112905d8bef55a258eb7aa59cb946b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-55-sparc64-di_2.6.15-55.84_sparc.udeb Size/MD5: 280130 fb9c0d56db0d19a09524d36af51f4687 Updated packages for Ubuntu 8.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.24-28.70.diff.gz Size/MD5: 4813262 c1da8b33fcf63ededcc7ab2498e4c964 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.24-28.70.dsc Size/MD5: 2258 f1f1a3629c40ac86e1b6172f2f3966cc http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.24.orig.tar.gz Size/MD5: 59085601 e4aad2f8c445505cbbfa92864f5941ab Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-doc-2.6.24_2.6.24-28.70_all.deb Size/MD5: 4932582 c75bb688dfed58df39fa72161bc6471c http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-28_2.6.24-28.70_all.deb Size/MD5: 8149016 f80aeb18376bc0371a80a5acbbc4f042 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-kernel-devel_2.6.24-28.70_all.deb Size/MD5: 100904 3996ef6a1321c852676912837f7d9896 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-source-2.6.24_2.6.24-28.70_all.deb Size/MD5: 46982104 a90fab943db79ec907e1cbf97c869092 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/l/linux/acpi-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 28610 b861f6c6aa20728c83bbc0ec9ae239a0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 224204 bd768c83d861caa00758232ec48f21f7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 52648 663642186c3344039e31afcf1d88b48f http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 40640 9ea576c926e3b3b68dd2f98f2c7b634f http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 48646 d00ff865f10bd95cfe0d7f556fd96135 http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 86332 d969a4a0657104af706645718743733d http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 36314 98ac23e9bc91e2a54840f86bdd6e96ad http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 648768 458b6968f63bc8134e62c47e8a9be732 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 209944 04c1a8cd3bf7a25da0e78fbb8f90d111 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ide-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 39192 254eeda71366bfe9c3e4f7b56828f526 http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 67984 29f9c63dbfd2f8f86ea71b2e9cae813b http://security.ubuntu.com/ubuntu/pool/main/l/linux/ipv6-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 145448 689d507482ed8b85fd15f33d8bdfe737 http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 287268 73a2edaf7afc4a65aa77e8995ed3b3e2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 2130812 20affc23d001c3a542b0adfa947e12eb http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-28-generic_2.6.24-28.70_amd64.deb Size/MD5: 675578 f6d7fe8d4eda5ed7e6e4edd2ab9fa2ec http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-28-openvz_2.6.24-28.70_amd64.deb Size/MD5: 1254372 28e7eaca202b7aefa71b0e3e943d98a7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-28-rt_2.6.24-28.70_amd64.deb Size/MD5: 1276462 1d5f451c0c43c965d585e34d0799dc77 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-28-server_2.6.24-28.70_amd64.deb Size/MD5: 675490 1ea0767f5025162a3350687d3977c1a1 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-28-xen_2.6.24-28.70_amd64.deb Size/MD5: 1086568 643d57e3d1cbb403787588819535ba3a http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.24-28-generic_2.6.24-28.70_amd64.deb Size/MD5: 17815434 ca2be2f4f00cd6c412beec384e6569d6 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.24-28-server_2.6.24-28.70_amd64.deb Size/MD5: 17785084 624ae6cd24926052048734802477e137 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-debug-2.6.24-28-generic_2.6.24-28.70_amd64.deb Size/MD5: 21063276 fa087ed3f1b02b40b09dcfe89d45f73d http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-debug-2.6.24-28-server_2.6.24-28.70_amd64.deb Size/MD5: 21435602 6dac3b165e31f9409240389cd33138ee http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.24-28.70_amd64.deb Size/MD5: 709144 770ddfa645769cb3bbd36fd3213da463 http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 263670 68ff4af3d2752a5d3965eff926890319 http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 176414 a2b597847575190f35acc23e2230fee8 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 254100 6c70433fbed951cd97797092952efc2b http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 1642020 5664065e58da802295747e9c7c21b698 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 143712 9a418be17d9afe53a5c7add5e90a28b6 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 164464 325e24198ba529100a5840ae1b0e2550 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 115852 6b155bc2fa1e59e144c57fad46a9acdd http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 35060 73537c193f7fa3caf4007cc7348e9d28 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 64402 7760e6acdb5dda4b37ffd2fdd33ae658 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 69710 e6bcf4e9b94aaf83a2fd640e7364a34e http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 21596 805227e007ba9dee7f04bf59aafb050c http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 8616 16e18d90244e835d0cbc5ae9c571c641 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 57230 06f30cc1a982671b53e5ca5c8d362aea http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 103038 e571751777dc6cdc16f498add459f799 http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 1212558 c1a1947cc4f37c7b1479ece74e399a51 http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 45496 6f25ee67a63dfc757d82883b8162b268 http://security.ubuntu.com/ubuntu/pool/main/l/linux/socket-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 12774 87bfa70fab065ed960c4249106df6219 http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 499398 f50e6a5d591d124ea04b8e5c19683404 http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.24-28-generic-di_2.6.24-28.70_amd64.udeb Size/MD5: 75052 f0253d9acbcf3f06cd0da60e7457c50d http://security.ubuntu.com/ubuntu/pool/universe/l/linux/linux-image-2.6.24-28-openvz_2.6.24-28.70_amd64.deb Size/MD5: 19262374 07ff7910c9e0ae1589fcaf93c1fb8acd http://security.ubuntu.com/ubuntu/pool/universe/l/linux/linux-image-2.6.24-28-rt_2.6.24-28.70_amd64.deb Size/MD5: 17913162 6999b14fbb5cc112d64c9bfcbf475477 http://security.ubuntu.com/ubuntu/pool/universe/l/linux/linux-image-2.6.24-28-xen_2.6.24-28.70_amd64.deb Size/MD5: 18914794 a43117499bda8bccd98e185bde493749 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/l/linux/acpi-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 23686 18bd8e09ccdca0f38c09197958ac5524 http://security.ubuntu.com/ubuntu/pool/main/l/linux/acpi-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 26796 46c1f483a8ad20c903e6354c68ee3389 http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 218826 7a0c579b79c0d53f5d8cb405070c7e38 http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 220472 70a3539d19ebf9be4e7aed9141f64945 http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 51924 ed915e6f13fa7a452e37810ed2589698 http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 52058 9c19d0affe1777b36dbcd835e95a72b2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 38326 a9041a4039d457f26060784b609ba48c http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 39078 393f5a163cbad634e8ba8ff17866e315 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 45994 0b5101e40b38f62278cca75a543f88d0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 46166 8a3cd2550f4bc59515ee72f87d40e093 http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 83250 4f57f0e75de3e3884c350df0a92646d7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 83650 a29ba07db6908cc0dcfc6fa69c5d154f http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 32396 e09725b6cd2edb1c99b954931ea30a3d http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 32674 74a1c018bdd24a81f56e2f5ca76c86f2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 637742 bb0af8a13cbf714fbbe316376f843bbb http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 655916 503b7879d411c641f10d813d027e745c http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 209854 ff86bb3742203e7bd44a5db87ce40361 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 213616 aa25de1453a8512619d62d66a98c783b http://security.ubuntu.com/ubuntu/pool/main/l/linux/ide-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 46562 90e5237cdfc6e54b145b6e13ffdda47d http://security.ubuntu.com/ubuntu/pool/main/l/linux/ide-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 47604 a9d621b700d5b56e23025357604f0487 http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 62268 e00dd9915a2e92d3b4a7d7908b2194fd http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 63630 8d854a96bc559b4d87294ece7e79d03c http://security.ubuntu.com/ubuntu/pool/main/l/linux/ipv6-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 130542 2e4009a596d1672486dee5aa3c8b2423 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ipv6-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 137028 da2ceb3ce4e2f0dcfd70cafba0d3eade http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 279082 63e74d6a553fb1725f661340eec544a5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 277692 6cad6bee962600c17282346550b40ddd http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 2012888 14bce971d0e20c69df861da2a2b960bd http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 2089262 98b4049286d60bfd3473da45ce332991 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-28-386_2.6.24-28.70_i386.deb Size/MD5: 656922 58714a2e1fcc17e1fd89740aeee114f9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-28-generic_2.6.24-28.70_i386.deb Size/MD5: 659532 f17700bc40e9e3e0d003225207da7c61 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-28-openvz_2.6.24-28.70_i386.deb Size/MD5: 1244404 a00ae4dde9d6a921b17bda0e2fd86790 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-28-rt_2.6.24-28.70_i386.deb Size/MD5: 1264690 1e454c5f6a51b34c6f336d69269ba277 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-28-server_2.6.24-28.70_i386.deb Size/MD5: 661210 385cebd0decb92d51bbea38c77f4ea27 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-28-virtual_2.6.24-28.70_i386.deb Size/MD5: 563854 3806e67c965a034bd8fd0873914baad5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-28-xen_2.6.24-28.70_i386.deb Size/MD5: 1061360 2a3ad99a1b108041578893878a8637a0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.24-28-386_2.6.24-28.70_i386.deb Size/MD5: 18384498 e8f5c0e7addd09241b7ef435a727637a http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.24-28-generic_2.6.24-28.70_i386.deb Size/MD5: 18402466 0a06a6aad92ccebecf63da2c5966d277 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.24-28-server_2.6.24-28.70_i386.deb Size/MD5: 18519954 bf9ef7f9445cfc22787b17d74d8d5900 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.24-28-virtual_2.6.24-28.70_i386.deb Size/MD5: 8734136 0a8147e9d7bee6bc870bdc3208279eba http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-debug-2.6.24-28-386_2.6.24-28.70_i386.deb Size/MD5: 25549924 8d030bc507ceb77d0fc6ae4bef22e118 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-debug-2.6.24-28-generic_2.6.24-28.70_i386.deb Size/MD5: 26364898 875fb60bc5bf8621b97c5574d07e55c8 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-debug-2.6.24-28-server_2.6.24-28.70_i386.deb Size/MD5: 27385008 9bec1d2b2b78583fcecedcd5c8ff3960 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-debug-2.6.24-28-virtual_2.6.24-28.70_i386.deb Size/MD5: 24877718 482b8cef0cf005a8483d11ed3b364964 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.24-28.70_i386.deb Size/MD5: 709188 26cf4f59b5a9cb16b1c5288e9ecbea34 http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 258828 643f05e4db376d0bf7558133f91a3cfb http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 264144 8770cbfb2e0e62965819cc57092f779e http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 163268 f173ed5d6f19c886c3e05041e233e310 http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 163024 6bb17cdade9c310a5d75eeca5908b7e3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 236736 01de1ba5a354f340f81355f9e7ade04a http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 244974 b86f7aaf1e9200b8f4e91d0455f311f6 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 1810636 aaf2ac4ebeb43a06da06b3d74abc4029 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 1827690 3f37ecbc8236e915a23a1c308613910e http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 150834 dc34df5d314fbf390ef32a5695e2d4e4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 143006 007db1ea88bc4bbf545e989cace61c1e http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 156088 f046f30af354e4423fa7f6929efa9cfc http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 157156 daa0873f69f4fa6a3e2c6a3f70a98dad http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 107216 11c20967c4aba25588cd33e41c62f577 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 108514 6d7f89b2f04c023440977996d99b1a09 http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 32952 8f3f5c65701052b71bbcd200e9727d68 http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 33384 959583f504cdc92260a2e9cd7f154fba http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 60690 46b409f735bcf21fbdcdd069421998bb http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 61148 2015776c1d327adfa0c00c77d14e7ca8 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 82646 498f6209320fef7240940bd2eafe8f91 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 82950 f8cd11b646c7b769865e9b0a6e563479 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 48532 fe22024e55539bf9079c05f25651599f http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 48460 c070e99c0ec169067c45861ee64e7b00 http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 8190 764f83aca8e039670b54ef1bd81bf5c7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 8438 40dd61311a71fb4f258b651d130fedc2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 51108 f788272ef04244c5338f2eb833c68c5c http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 52946 6a3a99cd19757aa4a7e5bf9bf0cdcdd5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 92156 a595388aea811859919835a4688eeec0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 92430 b1a87544de05790689dedd1408f95825 http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 1443730 ba618401639337ede996442e8d85c657 http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 1426998 8d420db6ebadfd73a40ebb281f29b5e9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 43244 264bc9d22f2d87c78d9ec1246b475907 http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 42806 f16161dac125195d296c774de1c55ec7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/socket-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 11404 882437fd9335b261cd2ce699edda462e http://security.ubuntu.com/ubuntu/pool/main/l/linux/socket-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 12012 20555d5db134914f14f234201b050957 http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 471770 7ea7283725e9fc661d40c780fe6e41a3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 473736 ab685d960b7ae1f4397f08dca1e3c00f http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.24-28-386-di_2.6.24-28.70_i386.udeb Size/MD5: 70512 f3a95ca8d7726b950d0145ee38a3c90a http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.24-28-generic-di_2.6.24-28.70_i386.udeb Size/MD5: 71380 592677ef1ec0f18ae8ac4704e7f6abb2 http://security.ubuntu.com/ubuntu/pool/universe/l/linux/linux-image-2.6.24-28-openvz_2.6.24-28.70_i386.deb Size/MD5: 20246854 551dee4824d56cd54ebd6e2ceed36ce4 http://security.ubuntu.com/ubuntu/pool/universe/l/linux/linux-image-2.6.24-28-rt_2.6.24-28.70_i386.deb Size/MD5: 18544608 b047a5db139862e418b7c420e3584e18 http://security.ubuntu.com/ubuntu/pool/universe/l/linux/linux-image-2.6.24-28-xen_2.6.24-28.70_i386.deb Size/MD5: 18785694 ab4b0f6acb874628d207503ab96c72a5 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.24-28-powerpc-di_2.6.24-28.70_powerpc.udeb Size/MD5: 334050 cb0a2732f7d57db2d4cf0aff024b0742 http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.24-28-powerpc64-smp-di_2.6.24-28.70_powerpc.udeb Size/MD5: 318522 845ff20c4f352d9accc1809e99f8a1a6 http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.24-28-powerpc-di_2.6.24-28.70_powerpc.udeb Size/MD5: 62720 da2d0022028e792d039fe638a6e511b2 http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.24-28-powerpc64-smp-di_2.6.24-28.70_powerpc.udeb Size/MD5: 73010 505d3154aa77be5a0e1ad64dfd6ae565 http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.24-28-powerpc-di_2.6.24-28.70_powerpc.udeb Size/MD5: 41444 0358500eff1aa734aa460223cffbd6fe http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.24-28-powerpc64-smp-di_2.6.24-28.70_powerpc.udeb Size/MD5: 47828 41d9d6981ea0fb6efb885530e55d229a http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.24-28-powerpc-di_2.6.24-28.70_powerpc.udeb Size/MD5: 89502 13e293ff0eeef8f0a25532cbc1f6c59e http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.24-28-powerpc64-smp-di_2.6.24-28.70_powerpc.udeb Size/MD5: 105748 0276e7fc8215525f00c10d0d78729e74 http://ports.ubuntu.com/pool/main/l/linux/floppy-modules-2.6.24-28-powerpc-di_2.6.24-28.70_powerpc.udeb Size/MD5: 44828 a6ad64ce75120444ae7f77eb185f8341 http://ports.ubuntu.com/pool/main/l/linux/floppy-modules-2.6.24-28-powerpc64-smp-di_2.6.24-28.70_powerpc.udeb Size/MD5: 40932 b70c6c4ee3bad7a338ef382e8a3cdc13 http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.24-28-powerpc-di_2.6.24-28.70_powerpc.udeb Size/MD5: 704802 2482fd05dab21510ca1d1cb12255f28d http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.24-28-powerpc64-smp-di_2.6.24-28.70_powerpc.udeb Size/MD5: 771068 65cf59f3797041350a9066d561c0e064 http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.24-28-powerpc-di_2.6.24-28.70_powerpc.udeb Size/MD5: 243302 dafec4c170c159b89196ce5a1b3728c1 http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.24-28-powerpc64-smp-di_2.6.24-28.70_powerpc.udeb Size/MD5: 246242 3efe238d1ffb86bb475953cceb77ed8a http://ports.ubuntu.com/pool/main/l/linux/ide-modules-2.6.24-28-powerpc-di_2.6.24-28.70_powerpc.udeb Size/MD5: 69164 d97c8f78522a9bdc7b19f9d9eddef075 http://ports.ubuntu.com/pool/main/l/linux/ide-modules-2.6.24-28-powerpc64-smp-di_2.6.24-28.70_powerpc.udeb Size/MD5: 132596 1e4fd78863d1c805c3fbfef2adabc1cf http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.24-28-powerpc-di_2.6.24-28.70_powerpc.udeb Size/MD5: 70242 46c97ad3a53ccee9e557521ef833ade4 http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.24-28-powerpc64-smp-di_2.6.24-28.70_powerpc.udeb Size/MD5: 77458 a7d9a6a35e41c3a8e7552471f78f2de6 http://ports.ubuntu.com/pool/main/l/linux/ipv6-modules-2.6.24-28-powerpc-di_2.6.24-28.70_powerpc.udeb Size/MD5: 146272 074f4acf53ffc60e19b36d4360a6872f http://ports.ubuntu.com/pool/main/l/linux/ipv6-modules-2.6.24-28-powerpc64-smp-di_2.6.24-28.70_powerpc.udeb Size/MD5: 165012 02994ab52ccb8b88c8a85954c04c214a http://ports.ubuntu.com/pool/main/l/linux/irda-modules-2.6.24-28-powerpc-di_2.6.24-28.70_powerpc.udeb Size/MD5: 388012 3d1d5851c82d9b38f7764a2183ec6b72 http://ports.ubuntu.com/pool/main/l/linux/irda-modules-2.6.24-28-powerpc64-smp-di_2.6.24-28.70_powerpc.udeb Size/MD5: 350478 d5c91796ae6b0f20f52cab3328f9b233 http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.24-28-powerpc-di_2.6.24-28.70_powerpc.udeb Size/MD5: 2431708 6b69540ac9168a1068af1c829e6ad807 http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.24-28-powerpc64-smp-di_2.6.24-28.70_powerpc.udeb Size/MD5: 3474134 efd7274967d4c93a4b4f757b8b663f1b http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-28-powerpc-smp_2.6.24-28.70_powerpc.deb Size/MD5: 654288 16629f59f727a0d5d1ce1a2f178fdbdc http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-28-powerpc64-smp_2.6.24-28.70_powerpc.deb Size/MD5: 659270 3acd9fa19531e93a19b79b92946742fe http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-28-powerpc_2.6.24-28.70_powerpc.deb Size/MD5: 654194 19fb231dfad96a5202c96e0a963608a6 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.24-28-powerpc-smp_2.6.24-28.70_powerpc.deb Size/MD5: 20175768 245a4d510c48479ca8608d064bb4d0f1 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.24-28-powerpc64-smp_2.6.24-28.70_powerpc.deb Size/MD5: 21380060 4c2463eeb9eec0f53a8336ffea5d2f37 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.24-28-powerpc_2.6.24-28.70_powerpc.deb Size/MD5: 19950242 58918c61f50c52423dde5bb0cfea337e http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.24-28.70_powerpc.deb Size/MD5: 699320 f121a6d0897b8a3e3570355ad721475f http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.24-28-powerpc-di_2.6.24-28.70_powerpc.udeb Size/MD5: 266748 96cc9a56b70590f6ef9cb4f42abd9f4c http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.24-28-powerpc64-smp-di_2.6.24-28.70_powerpc.udeb Size/MD5: 307734 2a8ec116cdc2b993d54831e547d3cfe4 http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.24-28-powerpc-di_2.6.24-28.70_powerpc.udeb Size/MD5: 192248 ae395f02a06c83624393880a1c8bc755 http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.24-28-powerpc64-smp-di_2.6.24-28.70_powerpc.udeb Size/MD5: 201694 0523582031686284be72e9516eb874ed http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.24-28-powerpc-di_2.6.24-28.70_powerpc.udeb Size/MD5: 272066 97f5240c866f23e18620876700e08bd5 http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.24-28-powerpc64-smp-di_2.6.24-28.70_powerpc.udeb Size/MD5: 306006 a09ded2fdc08a8b4fd286d5a732de719 http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.24-28-powerpc-di_2.6.24-28.70_powerpc.udeb Size/MD5: 1807806 f968364fcce3f3e06fe0229f9ad00400 http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.24-28-powerpc64-smp-di_2.6.24-28.70_powerpc.udeb Size/MD5: 2119512 8826a9667e0813ad11f13ef49ed0c9ba http://ports.ubuntu.com/pool/main/l/linux/nic-pcmcia-modules-2.6.24-28-powerpc-di_2.6.24-28.70_powerpc.udeb Size/MD5: 235184 4d42dbe3fee5610fefc492c84f82f01d http://ports.ubuntu.com/pool/main/l/linux/nic-pcmcia-modules-2.6.24-28-powerpc64-smp-di_2.6.24-28.70_powerpc.udeb Size/MD5: 225400 72d96411968df5bb24b6c3409111f368 http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.24-28-powerpc-di_2.6.24-28.70_powerpc.udeb Size/MD5: 170442 65ea470d4661896774e2b17744bde9ea http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.24-28-powerpc64-smp-di_2.6.24-28.70_powerpc.udeb Size/MD5: 199750 8e539809543d9b39931c2f9c0b608fd3 http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.24-28-powerpc-di_2.6.24-28.70_powerpc.udeb Size/MD5: 117952 9c0be00ccf310652a819d67e7fecbbbc http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.24-28-powerpc64-smp-di_2.6.24-28.70_powerpc.udeb Size/MD5: 139264 366dd0c02e403ef16c9da1ed940336bb http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.24-28-powerpc-di_2.6.24-28.70_powerpc.udeb Size/MD5: 45374 7da2780fd97a9efdb2891c4cd3dbb611 http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.24-28-powerpc64-smp-di_2.6.24-28.70_powerpc.udeb Size/MD5: 46836 f96d04782ea762bb25c5b7fa13927742 http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.24-28-powerpc-di_2.6.24-28.70_powerpc.udeb Size/MD5: 51136 7eeb8c67107d09cca5d6ec53b4e0e640 http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.24-28-powerpc64-smp-di_2.6.24-28.70_powerpc.udeb Size/MD5: 60300 75caefd9be900faf4d7bd665e0a87e49 http://ports.ubuntu.com/pool/main/l/linux/pcmcia-modules-2.6.24-28-powerpc-di_2.6.24-28.70_powerpc.udeb Size/MD5: 74182 2b8011cab437a41dc77b94b88e469222 http://ports.ubuntu.com/pool/main/l/linux/pcmcia-modules-2.6.24-28-powerpc64-smp-di_2.6.24-28.70_powerpc.udeb Size/MD5: 87214 134a0a4d60e3a4d00ad71d8a38a00054 http://ports.ubuntu.com/pool/main/l/linux/pcmcia-storage-modules-2.6.24-28-powerpc-di_2.6.24-28.70_powerpc.udeb Size/MD5: 76092 ad9b456136a6e9bad3004f4e618dbcca http://ports.ubuntu.com/pool/main/l/linux/pcmcia-storage-modules-2.6.24-28-powerpc64-smp-di_2.6.24-28.70_powerpc.udeb Size/MD5: 30230 83682f80fc1250d73ca5766262c8cf8e http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.24-28-powerpc-di_2.6.24-28.70_powerpc.udeb Size/MD5: 8488 6726b989a4df2541daca42af39d3a30b http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.24-28-powerpc64-smp-di_2.6.24-28.70_powerpc.udeb Size/MD5: 10030 4812e4833e0e4b3ca8e55079cd13d7ff http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.24-28-powerpc-di_2.6.24-28.70_powerpc.udeb Size/MD5: 57440 d72f21d71d83cb31c79aa785a6c158a4 http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.24-28-powerpc64-smp-di_2.6.24-28.70_powerpc.udeb Size/MD5: 68744 0276d8aa4abc940cae72d4451ba65cdc http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.24-28-powerpc-di_2.6.24-28.70_powerpc.udeb Size/MD5: 101186 a3d4b7bea0440fcd1475bc292cece983 http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.24-28-powerpc64-smp-di_2.6.24-28.70_powerpc.udeb Size/MD5: 147822 372e114f4f7becea140fa5f33851d694 http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.24-28-powerpc-di_2.6.24-28.70_powerpc.udeb Size/MD5: 1565814 f4456b5f007c8e045f81e6de0ea25f99 http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.24-28-powerpc64-smp-di_2.6.24-28.70_powerpc.udeb Size/MD5: 1514592 726d8053f7f1ddebe305118ee429a5c2 http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.24-28-powerpc-di_2.6.24-28.70_powerpc.udeb Size/MD5: 76668 a8fe769d492687b7b0e3ae95e1f28038 http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.24-28-powerpc64-smp-di_2.6.24-28.70_powerpc.udeb Size/MD5: 85974 0aa16271f113ef2bb68b07dd5e387800 http://ports.ubuntu.com/pool/main/l/linux/socket-modules-2.6.24-28-powerpc-di_2.6.24-28.70_powerpc.udeb Size/MD5: 12710 dac27b9a6eed7ad24e351060e8b2858f http://ports.ubuntu.com/pool/main/l/linux/socket-modules-2.6.24-28-powerpc64-smp-di_2.6.24-28.70_powerpc.udeb Size/MD5: 14558 ec5ed3428e4b13a483d2ff19cff1ccfc http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.24-28-powerpc-di_2.6.24-28.70_powerpc.udeb Size/MD5: 450810 4260e241f3f0cb6735739ccea2e70cda http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.24-28-powerpc64-smp-di_2.6.24-28.70_powerpc.udeb Size/MD5: 505340 18d9294716dcdba902081c38ae39a676 http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.24-28-powerpc-di_2.6.24-28.70_powerpc.udeb Size/MD5: 83696 1ad62154f4910af7748784cc71c8ec39 http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.24-28-powerpc64-smp-di_2.6.24-28.70_powerpc.udeb Size/MD5: 108846 89b0ef22256773f155bd3d3868dde5cf sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.24-28-sparc64-di_2.6.24-28.70_sparc.udeb Size/MD5: 59576 50a041d5ddbcac27bae81c81a94584e6 http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.24-28-sparc64-di_2.6.24-28.70_sparc.udeb Size/MD5: 71726 6be6331d6cec8cdcfb63a25a1d94d0c6 http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.24-28-sparc64-di_2.6.24-28.70_sparc.udeb Size/MD5: 42442 750e7a8fbcf37e4f1e18d75952056d6d http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.24-28-sparc64-di_2.6.24-28.70_sparc.udeb Size/MD5: 91778 ae78c7f7ed5677eadcd2bbd04e12e624 http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.24-28-sparc64-di_2.6.24-28.70_sparc.udeb Size/MD5: 587170 b8ce9c8d08ad3d2d4527e0ac285a2e85 http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.24-28-sparc64-di_2.6.24-28.70_sparc.udeb Size/MD5: 171076 70d9840d79c7d897510c19812c849109 http://ports.ubuntu.com/pool/main/l/linux/ide-modules-2.6.24-28-sparc64-di_2.6.24-28.70_sparc.udeb Size/MD5: 22356 684c85bec9286e7c3364cd7e7d20f056 http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.24-28-sparc64-di_2.6.24-28.70_sparc.udeb Size/MD5: 46052 ca2fe0707c599d22956dfb3fc8abc724 http://ports.ubuntu.com/pool/main/l/linux/ipv6-modules-2.6.24-28-sparc64-di_2.6.24-28.70_sparc.udeb Size/MD5: 152976 0d22680968c277f76a4001889af0431f http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.24-28-sparc64-di_2.6.24-28.70_sparc.udeb Size/MD5: 2135604 1b0f5a9cde179230c1166358c726305b http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-28-sparc64-smp_2.6.24-28.70_sparc.deb Size/MD5: 567336 5eec7e6775fe7fea52ca71b52f4de8c3 http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-28-sparc64_2.6.24-28.70_sparc.deb Size/MD5: 565774 d5ff9b03b0d4b52aa4b462e9d3b536d9 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.24-28-sparc64-smp_2.6.24-28.70_sparc.deb Size/MD5: 14098838 83993d0248f289169a7afef405666fbc http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.24-28-sparc64_2.6.24-28.70_sparc.deb Size/MD5: 13833014 504a7d30fc2f014e930eb66bfa369485 http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.24-28.70_sparc.deb Size/MD5: 754240 83b808eeb2d8b4061ddf9d268e44171a http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.24-28-sparc64-di_2.6.24-28.70_sparc.udeb Size/MD5: 270056 98f38a0933d936d9aa8112fb6a8e2f79 http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.24-28-sparc64-di_2.6.24-28.70_sparc.udeb Size/MD5: 190354 c4600cac5d626ddfa61d83a1ec671247 http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.24-28-sparc64-di_2.6.24-28.70_sparc.udeb Size/MD5: 263026 a7df05507a97bf05575bfe742c1f7fa5 http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.24-28-sparc64-di_2.6.24-28.70_sparc.udeb Size/MD5: 1386390 54a61a95d39edbcc445094f29c42f262 http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.24-28-sparc64-di_2.6.24-28.70_sparc.udeb Size/MD5: 175414 69911cef4dd5a0d3d030a528ce8457b9 http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.24-28-sparc64-di_2.6.24-28.70_sparc.udeb Size/MD5: 122098 a0c2adf687a51bbe829adb835ecb71ee http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.24-28-sparc64-di_2.6.24-28.70_sparc.udeb Size/MD5: 40394 3c68e727d9f14a708d9ffc7f1bbe3aff http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.24-28-sparc64-di_2.6.24-28.70_sparc.udeb Size/MD5: 48058 19adf9ec3c25c920295662c53f3dda27 http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.24-28-sparc64-di_2.6.24-28.70_sparc.udeb Size/MD5: 8696 bb826a025cd7b1e9cd679c35c6126648 http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.24-28-sparc64-di_2.6.24-28.70_sparc.udeb Size/MD5: 60508 4afc2631d8b1f65d02491233d5ccda2e http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.24-28-sparc64-di_2.6.24-28.70_sparc.udeb Size/MD5: 106836 b422f1235cb15f81230d03e9b3bdb4e1 http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.24-28-sparc64-di_2.6.24-28.70_sparc.udeb Size/MD5: 1002042 9b12e59032066f6fe401f01ee248cbda http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.24-28-sparc64-di_2.6.24-28.70_sparc.udeb Size/MD5: 9518 b89c5ead0ec11c36566524fe1a6f544e http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.24-28-sparc64-di_2.6.24-28.70_sparc.udeb Size/MD5: 391832 a484119637039fe91af1d8bbd8b320aa http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.24-28-sparc64-di_2.6.24-28.70_sparc.udeb Size/MD5: 75926 8ad4b544689a8fee5dc03630477ca40c Updated packages for Ubuntu 9.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.28-19.61.diff.gz Size/MD5: 7408064 bf077530cc28fc2c8ca7f9ebc05eed66 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.28-19.61.dsc Size/MD5: 3175 c72ff80106672ba9fe2b235ed9a26224 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.28.orig.tar.gz Size/MD5: 66766084 062c29b626a55f09a65532538a6184d4 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-doc-2.6.28_2.6.28-19.61_all.deb Size/MD5: 3637802 0071d076650095f26837d5a5dedd2145 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.28-19_2.6.28-19.61_all.deb Size/MD5: 8702074 9443d9c2687b48b786cb25d72fb485a7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-source-2.6.28_2.6.28-19.61_all.deb Size/MD5: 57052608 2e0d28a7e74ae69fa47a6e6f250948a0 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.28-19-generic-di_2.6.28-19.61_amd64.udeb Size/MD5: 234610 23fec831e3f61298baa06636eceedb01 http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.28-19-generic-di_2.6.28-19.61_amd64.udeb Size/MD5: 44118 4a5fac5654db234e70a2e9eaccbf4285 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.28-19-generic-di_2.6.28-19.61_amd64.udeb Size/MD5: 43320 9952d12ff6a86714d06bfcf4bc9e4440 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.28-19-generic-di_2.6.28-19.61_amd64.udeb Size/MD5: 51118 7f9136aa3cb5b1041cf0551ddef98511 http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.28-19-generic-di_2.6.28-19.61_amd64.udeb Size/MD5: 90086 f2df406121a67d4e0a47175ec1d71d9b http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.28-19-generic-di_2.6.28-19.61_amd64.udeb Size/MD5: 38016 d766f9f96987f7493d4fc61e591a8b33 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.28-19-generic-di_2.6.28-19.61_amd64.udeb Size/MD5: 521640 fe11a00a5429edfe67d479e8d825a39b http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.28-19-generic-di_2.6.28-19.61_amd64.udeb Size/MD5: 125832 b4d69c3d7c5c847d8aa24d837db44486 http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.28-19-generic-di_2.6.28-19.61_amd64.udeb Size/MD5: 58072 68d73aff5009f5d5040372f2a46c49e3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.28-19-generic-di_2.6.28-19.61_amd64.udeb Size/MD5: 312522 221708988c790d5e0fdbc477aaa81323 http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.28-19-generic-di_2.6.28-19.61_amd64.udeb Size/MD5: 3870958 c7c36beae2f7bf5930443ed3f6fddeb0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.28-19-generic_2.6.28-19.61_amd64.deb Size/MD5: 690350 78eff761f3de3ca6b6a5d787b0913386 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.28-19-server_2.6.28-19.61_amd64.deb Size/MD5: 689874 2f16c0b044e2f930a6de88d26682a404 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.28-19-generic_2.6.28-19.61_amd64.deb Size/MD5: 24343062 cfe2467fe5ca7affab65e8735c698df5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.28-19-server_2.6.28-19.61_amd64.deb Size/MD5: 24339190 440cbba0ae0f1b19d0a68ee7499ca3ea http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.28-19-virtual_2.6.28-19.61_amd64.deb Size/MD5: 10552344 058b8ed0770e4aa1df480e174f857778 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.28-19.61_amd64.deb Size/MD5: 767088 f35f8e695c44c813079736c9c17bd5e2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.28-19-generic-di_2.6.28-19.61_amd64.udeb Size/MD5: 215202 fcf462d6720a7273ee02c49782e83b13 http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.28-19-generic-di_2.6.28-19.61_amd64.udeb Size/MD5: 189510 9b19fb1abe93c181fe5fda8e72b8cd26 http://security.ubuntu.com/ubuntu/pool/main/l/linux/mouse-modules-2.6.28-19-generic-di_2.6.28-19.61_amd64.udeb Size/MD5: 29406 6288043ea717a7305dc8510cd2f421e9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.28-19-generic-di_2.6.28-19.61_amd64.udeb Size/MD5: 274494 036b1935bbceccd31a7ed7e41f473f8c http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.28-19-generic-di_2.6.28-19.61_amd64.udeb Size/MD5: 1933878 13697cd495d281f48696d983541ffe7c http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.28-19-generic-di_2.6.28-19.61_amd64.udeb Size/MD5: 163480 8de928fc197b8b89ef1c7750a38b0d76 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.28-19-generic-di_2.6.28-19.61_amd64.udeb Size/MD5: 194830 74b0f571685be779768609c16a414346 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.28-19-generic-di_2.6.28-19.61_amd64.udeb Size/MD5: 153010 3f9d7d19adf9afb4419a80ad04231009 http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.28-19-generic-di_2.6.28-19.61_amd64.udeb Size/MD5: 36498 fd7232b8dcf13ff08280ca63caeae302 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.28-19-generic-di_2.6.28-19.61_amd64.udeb Size/MD5: 5838 1cc67d1a6c420276e6f59db3ed9942c8 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.28-19-generic-di_2.6.28-19.61_amd64.udeb Size/MD5: 72150 a499b73933f58ec19e04b6428fb82185 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.28-19-generic-di_2.6.28-19.61_amd64.udeb Size/MD5: 22718 56724a5b7bcc91aff7be15700c0a82ad http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.28-19-generic-di_2.6.28-19.61_amd64.udeb Size/MD5: 8874 a4f0e53f6b6d2cacf54c6a9ac9eab37c http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.28-19-generic-di_2.6.28-19.61_amd64.udeb Size/MD5: 47442 b366ca0d5084bac531ddfbb50a9d51a2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.28-19-generic-di_2.6.28-19.61_amd64.udeb Size/MD5: 15662 a0d315f845d9b5688dd17954a62f9d92 http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.28-19-generic-di_2.6.28-19.61_amd64.udeb Size/MD5: 1273634 e0047421d0cb50d5b39c75c97274697a http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.28-19-generic-di_2.6.28-19.61_amd64.udeb Size/MD5: 47210 8ea312e79dd8c391c34b6b69cd257977 http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.28-19-generic-di_2.6.28-19.61_amd64.udeb Size/MD5: 72702 c6ffab61cbfcfdc2e32cbf60f1d4958a http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.28-19-generic-di_2.6.28-19.61_amd64.udeb Size/MD5: 126982 d6ede00cbf90e3b77fb8472fb3a9ee2d http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.28-19-generic-di_2.6.28-19.61_amd64.udeb Size/MD5: 13472 d48c09cb3270f0372ba5adfbba467306 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.28-19-generic-di_2.6.28-19.61_i386.udeb Size/MD5: 215872 98aa4e99386167781b23b5504cbc8591 http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.28-19-generic-di_2.6.28-19.61_i386.udeb Size/MD5: 46666 ede37f43ef40b34f9d77fc4640514651 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.28-19-generic-di_2.6.28-19.61_i386.udeb Size/MD5: 41356 cb2e3f87cf5642a12835a48f2f7efa8b http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.28-19-generic-di_2.6.28-19.61_i386.udeb Size/MD5: 47404 aeaca1593385350dc704f57aaf625b73 http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.28-19-generic-di_2.6.28-19.61_i386.udeb Size/MD5: 86924 5ea2819a5c30ce4c89a2bce2bd4627aa http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.28-19-generic-di_2.6.28-19.61_i386.udeb Size/MD5: 33574 2cb4c345fe2fb221897102c5014d2017 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.28-19-generic-di_2.6.28-19.61_i386.udeb Size/MD5: 525756 f090c1ccf69ddb2820186927c85dcd98 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.28-19-generic-di_2.6.28-19.61_i386.udeb Size/MD5: 125642 86e82e5dd9d4f57969d66c72ec5f41eb http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.28-19-generic-di_2.6.28-19.61_i386.udeb Size/MD5: 54880 6e13577469a187fece4e004a80668b48 http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.28-19-generic-di_2.6.28-19.61_i386.udeb Size/MD5: 301354 a8a087c11396b663d52e6fbb2fc419e5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.28-19-generic-di_2.6.28-19.61_i386.udeb Size/MD5: 3744732 3bf841c6e53f9a9d6c352609cd21570b http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.28-19-generic_2.6.28-19.61_i386.deb Size/MD5: 674722 ae9bf80ad2a72a2eab03a182d0b076ec http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.28-19-server_2.6.28-19.61_i386.deb Size/MD5: 676386 672cfd17c45527cfcc4b74abad9f652d http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.28-19-generic_2.6.28-19.61_i386.deb Size/MD5: 24657574 7a23546eec680913e2335da9389181da http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.28-19-server_2.6.28-19.61_i386.deb Size/MD5: 24781358 fd198c0b13ba70eadc83348ae87cf2f0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.28-19-virtual_2.6.28-19.61_i386.deb Size/MD5: 10250202 cdd81611c7865173650be382716316c0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.28-19.61_i386.deb Size/MD5: 767068 fbe363b42e813979a49a7444adface7c http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.28-19-generic-di_2.6.28-19.61_i386.udeb Size/MD5: 218104 238d1fa355579b3e5c3b9a5f409ba412 http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.28-19-generic-di_2.6.28-19.61_i386.udeb Size/MD5: 174930 6c69f1ebda0371c7145ba0889931890b http://security.ubuntu.com/ubuntu/pool/main/l/linux/mouse-modules-2.6.28-19-generic-di_2.6.28-19.61_i386.udeb Size/MD5: 30066 f825580f63a3220d9ec048f5660309c4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.28-19-generic-di_2.6.28-19.61_i386.udeb Size/MD5: 262836 1ea6cea34f931354abe2c01aa8698f01 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.28-19-generic-di_2.6.28-19.61_i386.udeb Size/MD5: 2110024 0ad4a3aab3642c6ff44b65e2155483d2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.28-19-generic-di_2.6.28-19.61_i386.udeb Size/MD5: 150224 04dcd6e520494576ac6e06aa863e73d5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.28-19-generic-di_2.6.28-19.61_i386.udeb Size/MD5: 184330 40e357d4f7c99b886a6b7a00170177a4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.28-19-generic-di_2.6.28-19.61_i386.udeb Size/MD5: 143594 38768a0d3f979c7cd662d6f2d23b4a68 http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.28-19-generic-di_2.6.28-19.61_i386.udeb Size/MD5: 34576 dd9d68b4aa49cd96d1a4957ea1758668 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.28-19-generic-di_2.6.28-19.61_i386.udeb Size/MD5: 5506 9e285ac21f1486b3ac73103b3e96fd40 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.28-19-generic-di_2.6.28-19.61_i386.udeb Size/MD5: 86008 578f19d536439c1b0aada7f86ccb7241 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.28-19-generic-di_2.6.28-19.61_i386.udeb Size/MD5: 47638 fe2306b25d5f55bd6566a0c2291505dd http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.28-19-generic-di_2.6.28-19.61_i386.udeb Size/MD5: 8714 342c255e7f6fb6cc33b68075f0e21550 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.28-19-generic-di_2.6.28-19.61_i386.udeb Size/MD5: 44690 94d2c332f5947f4dce037570ce39b35e http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.28-19-generic-di_2.6.28-19.61_i386.udeb Size/MD5: 14778 0fe26ba732bfbe35baf944ae3b0e0bf2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.28-19-generic-di_2.6.28-19.61_i386.udeb Size/MD5: 1446006 a016a4624c870f7359e89d436e94bfca http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.28-19-generic-di_2.6.28-19.61_i386.udeb Size/MD5: 44098 8a7b3746af4ee04b564c8bd8caf17027 http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.28-19-generic-di_2.6.28-19.61_i386.udeb Size/MD5: 69286 f10cde36cc89019b0a2cc3ca37dd1570 http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.28-19-generic-di_2.6.28-19.61_i386.udeb Size/MD5: 119542 b1a3003512dc0814ad58c46d29cea106 http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.28-19-generic-di_2.6.28-19.61_i386.udeb Size/MD5: 12676 17546e9dd8ca873e2b2ab89c04274faf lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.28-19-lpia-di_2.6.28-19.61_lpia.udeb Size/MD5: 215272 2da99e7865fed571480c1daf83362c2c http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.28-19-lpia-di_2.6.28-19.61_lpia.udeb Size/MD5: 46658 d88e490bb0b9783884ee8c7d7268af02 http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.28-19-lpia-di_2.6.28-19.61_lpia.udeb Size/MD5: 40958 658c3596adb419ab460d1bec285c84ea http://ports.ubuntu.com/pool/main/l/linux/fb-modules-2.6.28-19-lpia-di_2.6.28-19.61_lpia.udeb Size/MD5: 47310 20f31bf3e8154ce4e165a26ee05829b0 http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.28-19-lpia-di_2.6.28-19.61_lpia.udeb Size/MD5: 86524 220c27bce804ca2f28a07b1aa05a6724 http://ports.ubuntu.com/pool/main/l/linux/floppy-modules-2.6.28-19-lpia-di_2.6.28-19.61_lpia.udeb Size/MD5: 33270 77f0d3419e8bce3aadab46745a89da47 http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.28-19-lpia-di_2.6.28-19.61_lpia.udeb Size/MD5: 523812 ca9ae4910b3b80db2b5f66df497b97bf http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.28-19-lpia-di_2.6.28-19.61_lpia.udeb Size/MD5: 125274 df84493025631f40a26684e18fcbdcad http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.28-19-lpia-di_2.6.28-19.61_lpia.udeb Size/MD5: 63562 aa198524f22feac47e6afeb90b4814a3 http://ports.ubuntu.com/pool/main/l/linux/irda-modules-2.6.28-19-lpia-di_2.6.28-19.61_lpia.udeb Size/MD5: 300758 e2f88dfcf8062c76ba8feb73009c470c http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.28-19-lpia-di_2.6.28-19.61_lpia.udeb Size/MD5: 3036096 18ba173775e4bd72614757f96464f43b http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.28-19-lpia_2.6.28-19.61_lpia.deb Size/MD5: 643960 a59344b6416b7986fc4e381d2cff448b http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.28-19-lpia_2.6.28-19.61_lpia.deb Size/MD5: 21804176 6d5ada4bd63dc0267ec128ec5523d603 http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.28-19.61_lpia.deb Size/MD5: 767048 119ec87226497a4cd35ac1616c110f8b http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.28-19-lpia-di_2.6.28-19.61_lpia.udeb Size/MD5: 303974 013d213d0147879eaf3b03ee5a52ba62 http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.28-19-lpia-di_2.6.28-19.61_lpia.udeb Size/MD5: 157420 daa1b45750cf096ca0f21c2e9805338c http://ports.ubuntu.com/pool/main/l/linux/mouse-modules-2.6.28-19-lpia-di_2.6.28-19.61_lpia.udeb Size/MD5: 24444 a4604496dbae27099d5e99be02661e86 http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.28-19-lpia-di_2.6.28-19.61_lpia.udeb Size/MD5: 260358 050d3379257c6db05af1d9cbea5246e5 http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.28-19-lpia-di_2.6.28-19.61_lpia.udeb Size/MD5: 2027504 b41779f2e28f1a64bfef1328e0d46025 http://ports.ubuntu.com/pool/main/l/linux/nic-pcmcia-modules-2.6.28-19-lpia-di_2.6.28-19.61_lpia.udeb Size/MD5: 149404 0b24ae1029ee3377f090ce81937f591b http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.28-19-lpia-di_2.6.28-19.61_lpia.udeb Size/MD5: 184738 4a4709ebe1e07dba8e80164d5d99457e http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.28-19-lpia-di_2.6.28-19.61_lpia.udeb Size/MD5: 143256 93d56d8675a88d483b206a0bd915cc10 http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.28-19-lpia-di_2.6.28-19.61_lpia.udeb Size/MD5: 34466 b307ad93ea4f7c264c20833070f32599 http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.28-19-lpia-di_2.6.28-19.61_lpia.udeb Size/MD5: 5496 ae5a05934e8cb5b52e0793ba2bf8804b http://ports.ubuntu.com/pool/main/l/linux/pcmcia-modules-2.6.28-19-lpia-di_2.6.28-19.61_lpia.udeb Size/MD5: 85658 c8746bbbb6796a2bff3fa6b336ed74b4 http://ports.ubuntu.com/pool/main/l/linux/pcmcia-storage-modules-2.6.28-19-lpia-di_2.6.28-19.61_lpia.udeb Size/MD5: 47404 6230bb1e8b46bd653ac5d3ef9d9052b7 http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.28-19-lpia-di_2.6.28-19.61_lpia.udeb Size/MD5: 8712 fed56dd339cc12bb2c623a54da9d5b3a http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.28-19-lpia-di_2.6.28-19.61_lpia.udeb Size/MD5: 63108 18cf630fa14beb0692f7398167e8b691 http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.28-19-lpia-di_2.6.28-19.61_lpia.udeb Size/MD5: 14718 8ee6802e848c75ca39da8ee1e02f0314 http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.28-19-lpia-di_2.6.28-19.61_lpia.udeb Size/MD5: 1447856 77369ff1a3bd4417251f3f1de7dc504f http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.28-19-lpia-di_2.6.28-19.61_lpia.udeb Size/MD5: 43896 f514d1c6dc5f0edf987eab1993eff850 http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.28-19-lpia-di_2.6.28-19.61_lpia.udeb Size/MD5: 155176 0dd0d60e9685c6f1f092e7fba12f0d2c http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.28-19-lpia-di_2.6.28-19.61_lpia.udeb Size/MD5: 172682 daee398b65ec579129a974398bafe526 http://ports.ubuntu.com/pool/main/l/linux/virtio-modules-2.6.28-19-lpia-di_2.6.28-19.61_lpia.udeb Size/MD5: 8152 f19e4bed18e1f803f2403c1f76bb4567 Updated packages for Ubuntu 9.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-ec2_2.6.31-307.15.diff.gz Size/MD5: 9270340 efbacad31add4310d608052e0138cdfc http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-ec2_2.6.31-307.15.dsc Size/MD5: 2706 ab7417b57fac2e918ab18b71748eaa25 http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-ec2_2.6.31.orig.tar.gz Size/MD5: 78278595 16c0355d3612806ef87addf7c9f8c9f9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-fsl-imx51/linux-fsl-imx51_2.6.31-112.28.diff.gz Size/MD5: 4002602 7156a2ff98e4a29eca8db92dd27cae34 http://security.ubuntu.com/ubuntu/pool/main/l/linux-fsl-imx51/linux-fsl-imx51_2.6.31-112.28.dsc Size/MD5: 2180 e004ede760b9ead8acfb08aae3626bd8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-fsl-imx51/linux-fsl-imx51_2.6.31.orig.tar.gz Size/MD5: 78278595 16c0355d3612806ef87addf7c9f8c9f9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-mvl-dove/linux-mvl-dove_2.6.31-214.28.diff.gz Size/MD5: 4613937 a6d34bc737f45065a7856ca478f09ded http://security.ubuntu.com/ubuntu/pool/main/l/linux-mvl-dove/linux-mvl-dove_2.6.31-214.28.dsc Size/MD5: 2214 2387eb27814bd67f0788fd0450f400ab http://security.ubuntu.com/ubuntu/pool/main/l/linux-mvl-dove/linux-mvl-dove_2.6.31.orig.tar.gz Size/MD5: 78278595 16c0355d3612806ef87addf7c9f8c9f9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.31-22.60.diff.gz Size/MD5: 2968144 51d9f41be632d0069d48b6fb7c53b059 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.31-22.60.dsc Size/MD5: 3782 1027672ce46ed3c00dd0fcc4682a64f9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.31.orig.tar.gz Size/MD5: 78278595 16c0355d3612806ef87addf7c9f8c9f9 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-ec2-doc_2.6.31-307.15_all.deb Size/MD5: 3801110 11ec385a097f99220d5ddb6c2e2f4002 http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-ec2-source-2.6.31_2.6.31-307.15_all.deb Size/MD5: 64261132 ed0333508c22109f028ae2ef766fc85f http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-headers-2.6.31-307_2.6.31-307.15_all.deb Size/MD5: 9674276 489c1295818e3e5ee4832104c483a0ee http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-doc_2.6.31-22.60_all.deb Size/MD5: 3802616 a36b05da0395ec7db681dc19fb2f1300 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.31-22_2.6.31-22.60_all.deb Size/MD5: 9542888 f10672f2db8403df76eca5b20694b8f3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-source-2.6.31_2.6.31-22.60_all.deb Size/MD5: 62194756 b7cc137763d5af113a71e31e6ac22f78 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-headers-2.6.31-307-ec2_2.6.31-307.15_amd64.deb Size/MD5: 611656 2c695d1b064b808c1a2302ab2b886977 http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-image-2.6.31-307-ec2_2.6.31-307.15_amd64.deb Size/MD5: 18766724 49915d82add98b1256e69fe1bfe8078e http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 221404 254b05d713505665c031b4496b163c22 http://security.ubuntu.com/ubuntu/pool/main/l/linux/char-modules-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 15634 c74946f44729c910272e9ea7818630b2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 52140 f69d9ea44c436108e9d12948b8136090 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 44830 cf091e89005a5a90931b7f752bdadf69 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 50086 7aeca28683007786d5ebd9ef1ed3ac26 http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 92532 b98c59ba794fd8779c7d72bfaaed0197 http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 37776 b8bef8f976de7b77be419a138bcae78b http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 537596 6b955d65ff2d68e8d95051cf094907c3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 130680 f33ba0ee944acc4719c2967a1dcabdb3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 53836 f67f7cc6ef67dcf7f672fd569a89452f http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 310082 9c1873f4f9d43672eb590a7321e1d6f3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 4360720 16490513f45ae6688ed2bde11abf9e81 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.31-22-generic_2.6.31-22.60_amd64.deb Size/MD5: 708238 ece5100190ee7b1cfe205a988482f652 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.31-22-server_2.6.31-22.60_amd64.deb Size/MD5: 706794 eabe25a6ab5ecf566b6155d1e40b098b http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.31-22-generic_2.6.31-22.60_amd64.deb Size/MD5: 28945438 dcaf7dcfd8fd1bb8396403a8385f00c6 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.31-22-server_2.6.31-22.60_amd64.deb Size/MD5: 28940552 0345077dd48fee880de7036f7b9565ea http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.31-22-virtual_2.6.31-22.60_amd64.deb Size/MD5: 11766174 dd131468e97785447d16e271b9f0c96e http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.31-22.60_amd64.deb Size/MD5: 753492 0a0b60ed5f9fd5317d117b348c25a226 http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 168332 2698dddf736f1f55b43ee796f36025d4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 202808 83c4daba95357805420dfd042b326624 http://security.ubuntu.com/ubuntu/pool/main/l/linux/mouse-modules-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 27744 04f33c682c35a27fb0622c0ccfc64539 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 311822 4748943e01de51f9fa0afe1e6667ba11 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 2281794 cc0444cb92dfe6d42f1c29cf37020399 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 158660 ddaf46384d9657ea1afd15f0b7a04381 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 203114 0a8ba89a3ac2c15fba026750b7724b9a http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 161070 67957e42b693445a8bec0d1e65e55026 http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 38052 7f306f8d2cab050417d6cb38857b5d5a http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 5762 39e5dbb1081ba9537468d1a927fd0da2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 73772 a4bad6ca01c03a927453ad26b099cce4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 22250 53b93aabb270063d193571b49d95b9e6 http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 9538 29dde3870380ac336fbacaf92ba229ea http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 39852 7e7b6dc05ceb31ac128631131cc4d523 http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 23488 023007868ca9edada0fb2c92805d9683 http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 1389890 cb421da7cd9f9dc1c2b7920d3cbd5d26 http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 47372 76db327e946e56267ebb075149dd74d6 http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 51746 2d218a60e0c7df2b655e8dbde3b8fde0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 129008 8e259b2e63ad1b7540ab5e280fd1185b http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.31-22-generic-di_2.6.31-22.60_amd64.udeb Size/MD5: 15818 bd77ac1c53d4013fd44d6e08e0607a0d i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-headers-2.6.31-307-ec2_2.6.31-307.15_i386.deb Size/MD5: 583698 c74a1a2666674f9f7868022638a44eec http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-image-2.6.31-307-ec2_2.6.31-307.15_i386.deb Size/MD5: 18098198 aa80a9877a0e8e66b3eaeedf106d2735 http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 198856 75a1fabea67826c04b3f970855301f66 http://security.ubuntu.com/ubuntu/pool/main/l/linux/char-modules-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 32460 debd7f409c0590fbf8c54e4bfd353b0a http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 49946 a1fd0118b8702be8c81173ac13de49f0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 42114 8ad595e8510acc850d85f2b15409c398 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 45944 fe33cb34669e234be9c67b10786438e4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 87406 f8c4148cb3a8f30c7a59e5dae4771175 http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 33766 fbea3cb1763e19feb0994cf8500132de http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 534130 2d58da5dee752af1baedeb14a08c5f96 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 128170 4723852ff55df632006c4927d13f114f http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 49746 a976e85f8ee996273f27a347df71a409 http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 295730 69eac5e852238c1a21440a9241b14832 http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 4196436 e5b97c5775a2511f10966890095da19f http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.31-22-386_2.6.31-22.60_i386.deb Size/MD5: 685230 67f5b3274f3a20bb452797106ec9f137 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.31-22-generic-pae_2.6.31-22.60_i386.deb Size/MD5: 687020 7d21f4a09ce0a273cb6d7503e72ee6ae http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.31-22-generic_2.6.31-22.60_i386.deb Size/MD5: 686244 65573f1a4fa26cf1d025885ba2cebbbc http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.31-22-386_2.6.31-22.60_i386.deb Size/MD5: 28823902 18b1320dcc9bc2283011911c04237711 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.31-22-generic-pae_2.6.31-22.60_i386.deb Size/MD5: 28958792 dc3e36f69d9881d9d26e8cd2c44800cd http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.31-22-generic_2.6.31-22.60_i386.deb Size/MD5: 28891678 aae1afae57ad58337b6454bb13ae72a7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.31-22-virtual_2.6.31-22.60_i386.deb Size/MD5: 11300176 dc82553b7990534cc39f9f4cc4e00f87 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.31-22.60_i386.deb Size/MD5: 753460 b871864698fe96c8c053de1ab7d28b3e http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 172874 cf867621a1c6af7d2df0b32c31d47f3a http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 186174 421f2c1b6a7a9211742bcd0116d5b16e http://security.ubuntu.com/ubuntu/pool/main/l/linux/mouse-modules-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 28924 bf4c063e743601b1838970be5eb4665f http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 292874 8b3015efe3f52550b68f137e72be5632 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 2400172 d3a5e3e28a6f54f5ac55255fefe8d753 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 142002 863be5985847e2c869ccb738ea6eacf7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 189594 5451c54d33a9917ef47a39385a2d60a9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 148538 4f7e33f693ccc7d0fd540942fef72b5a http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 35292 8faa6b0d2be91563e4f946a97752a550 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 6840 152a8cf38c19823497507b9f3663df86 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 86104 cf1457aa150576d327043920a45cff27 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 46424 b2baacb7c5ffe63175430863e7d6878e http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 8918 9b41564f8be9827daa0254d9308ea154 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 36282 291e645259303b5c8802e64740569845 http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 21668 467a00b25bb160d9e117fc910f31784a http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 1495340 ac8a383261c23880b7f2f98dc9ca0f97 http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 44088 12d57d9e5921a6694e98f72cd661a89f http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 48548 06ffbb6a1b5d63dd5187dc4c96d81004 http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 117862 334d8feda1b33280c0c767eb59fc8941 http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.31-22-generic-di_2.6.31-22.60_i386.udeb Size/MD5: 14532 28a556e15bd25cacb435f06bc40de557 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 198816 cabad71083cee31770876846c9b3e5f0 http://ports.ubuntu.com/pool/main/l/linux/char-modules-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 32446 6aff2bbc6e25c9ed6dfe471c79f9e63e http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 49948 a322353219ca799650b5726a6c06b1d6 http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 42156 bb1c584d16c683ad60b94886115201bc http://ports.ubuntu.com/pool/main/l/linux/fb-modules-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 45934 ce7abfdde991057d5de236cc7c92dd06 http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 87392 5a3de6c8b7e9f7789d180572b09dc2ff http://ports.ubuntu.com/pool/main/l/linux/floppy-modules-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 33758 73cb370ad891451b4d0bc88705010ae2 http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 534312 6deae522a3c870b57491d1da33d886bd http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 128220 9301688d4020d499ed969748cb732bdc http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 49750 c3fc2a64a7415c42a60be5284785ac0c http://ports.ubuntu.com/pool/main/l/linux/irda-modules-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 295734 7b6c3dfa99d318e9202a33348b0b7f40 http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 4197456 d122014f54ef4ab940dc19ec321d6286 http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.31-22-lpia_2.6.31-22.60_lpia.deb Size/MD5: 684840 c139f2a52780e291cc978594db715c14 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.31-22-lpia_2.6.31-22.60_lpia.deb Size/MD5: 28892608 4bf6a29734b5aa254ca96d4c0f26ff29 http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.31-22.60_lpia.deb Size/MD5: 753444 9e4b00e5d9f5a894ba2e088c3d15e280 http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 172932 8478bc14f1f14a05a4e93b2356428c29 http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 186154 49c9a729f5b7cd5f127d8f45437dd162 http://ports.ubuntu.com/pool/main/l/linux/mouse-modules-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 28912 267006f0a11aaf673cf8f3b3f3abaeb5 http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 292858 7761b4f00c9257ce5b7873d76f1c5ea4 http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 2400346 e2ab63a68d1afb4b84de59722af76fad http://ports.ubuntu.com/pool/main/l/linux/nic-pcmcia-modules-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 141982 32b0be2ea446d44c0796ead47f311aed http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 189584 29474120e1018740d2cedd3c560d0c1f http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 148528 8a3914c5c04e9967f99d5b71f0630c22 http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 35292 fc88bbd3fd4ada2002bdbb7dda4784bf http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 6828 495fe0c7945276ad8055ff66aef0c870 http://ports.ubuntu.com/pool/main/l/linux/pcmcia-modules-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 86098 309c17f97610d6901a49ec7deee22282 http://ports.ubuntu.com/pool/main/l/linux/pcmcia-storage-modules-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 46412 3a56ab298ad69fa20a59243dc90d91b3 http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 8900 dbb82fccbacffd5147b0a4ba42e73fb0 http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 36270 f275023b9b741f5383a4adcb3c20d8fc http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 21666 a10e2c6899f03445dc3fd431b04e389b http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 1495072 a60482e79efeafe8f7c5544b7aac4d25 http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 44064 c5c8d43cdfedaf45b3bcb0ad5cebcf5e http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 48540 a81308e2c1a4e85467c70dc11586a35e http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 117832 0fdbb4919cd2f93e13304a484a76b890 http://ports.ubuntu.com/pool/main/l/linux/virtio-modules-2.6.31-22-lpia-di_2.6.31-22.60_lpia.udeb Size/MD5: 14516 f87cbe777565bffc6791d917445a8ed2 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.31-22-powerpc-di_2.6.31-22.60_powerpc.udeb Size/MD5: 321492 a6e3955497936e2d8d21d663f79217a8 http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.31-22-powerpc64-smp-di_2.6.31-22.60_powerpc.udeb Size/MD5: 263650 c39b24ef95a57138b0c8c29d8ebd1db1 http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.31-22-powerpc-di_2.6.31-22.60_powerpc.udeb Size/MD5: 58862 623da2e39d70d011def84a9876f404f7 http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.31-22-powerpc64-smp-di_2.6.31-22.60_powerpc.udeb Size/MD5: 67046 b7ef32e1debe5e3897b29bf892a205a3 http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.31-22-powerpc-di_2.6.31-22.60_powerpc.udeb Size/MD5: 45932 ad59fb0a080fbd3f0c54c489fc1a2b41 http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.31-22-powerpc64-smp-di_2.6.31-22.60_powerpc.udeb Size/MD5: 51298 255d5493db43cfcb76868955f47e11a6 http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.31-22-powerpc-di_2.6.31-22.60_powerpc.udeb Size/MD5: 90698 549cbf218bbe9b9ca431c42995dd0895 http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.31-22-powerpc64-smp-di_2.6.31-22.60_powerpc.udeb Size/MD5: 105162 f4a5cdf80fdb0d8b50b66266e2a67600 http://ports.ubuntu.com/pool/main/l/linux/floppy-modules-2.6.31-22-powerpc-di_2.6.31-22.60_powerpc.udeb Size/MD5: 39486 1cc5b805673f1e8ca877d80199bd35be http://ports.ubuntu.com/pool/main/l/linux/floppy-modules-2.6.31-22-powerpc64-smp-di_2.6.31-22.60_powerpc.udeb Size/MD5: 39270 c80c6ee3f07888fa3c6f3c6147bf9a9c http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.31-22-powerpc-di_2.6.31-22.60_powerpc.udeb Size/MD5: 581030 48870bec4d7c78fbc4d447935a7fed0a http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.31-22-powerpc64-smp-di_2.6.31-22.60_powerpc.udeb Size/MD5: 626342 71f4768f5551e771ab87f2621da8097b http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.31-22-powerpc-di_2.6.31-22.60_powerpc.udeb Size/MD5: 149306 ce090bfc2dd1317de4d461e605d74101 http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.31-22-powerpc64-smp-di_2.6.31-22.60_powerpc.udeb Size/MD5: 147320 b3947ba223bd39bce44748fb8a737100 http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.31-22-powerpc-di_2.6.31-22.60_powerpc.udeb Size/MD5: 79708 998771d5afc49f155a7a028446f0386a http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.31-22-powerpc64-smp-di_2.6.31-22.60_powerpc.udeb Size/MD5: 84132 677a36642f9fa2d4ac4876e7c4c8588e http://ports.ubuntu.com/pool/main/l/linux/irda-modules-2.6.31-22-powerpc-di_2.6.31-22.60_powerpc.udeb Size/MD5: 402940 f38251cc951d684a5052d3765152fdac http://ports.ubuntu.com/pool/main/l/linux/irda-modules-2.6.31-22-powerpc64-smp-di_2.6.31-22.60_powerpc.udeb Size/MD5: 342490 bbb42db83979db7bddad061bd10c19a3 http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.31-22-powerpc-di_2.6.31-22.60_powerpc.udeb Size/MD5: 3838604 3dc50a2b64f2864947576cfdb07c8ccd http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.31-22-powerpc64-smp-di_2.6.31-22.60_powerpc.udeb Size/MD5: 5223500 d454911ee6879d2a8e3e09ef756525a0 http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.31-22-powerpc-smp_2.6.31-22.60_powerpc.deb Size/MD5: 795016 dc961bb4deb5e0f7cc8594d3b42fcccd http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.31-22-powerpc64-smp_2.6.31-22.60_powerpc.deb Size/MD5: 813182 cfdf6137c9db4ff068f8377641a6f994 http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.31-22-powerpc_2.6.31-22.60_powerpc.deb Size/MD5: 794466 7098cc192d736432f69d6461b6b2f1e5 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.31-22-powerpc-smp_2.6.31-22.60_powerpc.deb Size/MD5: 24881134 d3a7996bfa4ca9d00ffa138e8af07a65 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.31-22-powerpc64-smp_2.6.31-22.60_powerpc.deb Size/MD5: 25859358 1896b217a23fecdef7fa4f4108b5a39d http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.31-22-powerpc_2.6.31-22.60_powerpc.deb Size/MD5: 24711328 090a1826d0b29376957bd285a00bec55 http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.31-22.60_powerpc.deb Size/MD5: 738524 6a069b9d476c1302d17b59b97d9f5fef http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.31-22-powerpc-di_2.6.31-22.60_powerpc.udeb Size/MD5: 272172 ed7a1d4d22a74235e0e945cd00618b3b http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.31-22-powerpc64-smp-di_2.6.31-22.60_powerpc.udeb Size/MD5: 294756 b0fda03144d279b6d8c11ba4a151ff0b http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.31-22-powerpc-di_2.6.31-22.60_powerpc.udeb Size/MD5: 210594 c2dbac3b914f766e9eef15e760579805 http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.31-22-powerpc64-smp-di_2.6.31-22.60_powerpc.udeb Size/MD5: 217030 6f3106804d19966c219d7f3ef60e7ec0 http://ports.ubuntu.com/pool/main/l/linux/mouse-modules-2.6.31-22-powerpc-di_2.6.31-22.60_powerpc.udeb Size/MD5: 26370 4918a8a9b630381d08931f36e98a6ba3 http://ports.ubuntu.com/pool/main/l/linux/mouse-modules-2.6.31-22-powerpc64-smp-di_2.6.31-22.60_powerpc.udeb Size/MD5: 29680 dbf2a64751a6b805c38a2671588cd55b http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.31-22-powerpc-di_2.6.31-22.60_powerpc.udeb Size/MD5: 315082 c4cc05ae803543c34dbc5b84bb506fc6 http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.31-22-powerpc64-smp-di_2.6.31-22.60_powerpc.udeb Size/MD5: 357610 169b16c940142485d187019ae62dfba3 http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.31-22-powerpc-di_2.6.31-22.60_powerpc.udeb Size/MD5: 2027744 72cac22305c06de13610f3e4cb732000 http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.31-22-powerpc64-smp-di_2.6.31-22.60_powerpc.udeb Size/MD5: 2247756 eeac477bd4452047bd4e054438ce5ae1 http://ports.ubuntu.com/pool/main/l/linux/nic-pcmcia-modules-2.6.31-22-powerpc-di_2.6.31-22.60_powerpc.udeb Size/MD5: 213540 539abf10cc8075cff2aaeb7a5d2a4415 http://ports.ubuntu.com/pool/main/l/linux/nic-pcmcia-modules-2.6.31-22-powerpc64-smp-di_2.6.31-22.60_powerpc.udeb Size/MD5: 209828 07bf91d64a9c1ca41d847d1d45145859 http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.31-22-powerpc-di_2.6.31-22.60_powerpc.udeb Size/MD5: 210294 d03b6378e07b7d16a8060805d5a33a1e http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.31-22-powerpc64-smp-di_2.6.31-22.60_powerpc.udeb Size/MD5: 244890 35b7664b5b7866124f07498565492550 http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.31-22-powerpc-di_2.6.31-22.60_powerpc.udeb Size/MD5: 111850 76a16b3ec983c1456a847b74b058c84d http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.31-22-powerpc64-smp-di_2.6.31-22.60_powerpc.udeb Size/MD5: 131634 42b2955a56db91a6734e79fabe4b6eb7 http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.31-22-powerpc-di_2.6.31-22.60_powerpc.udeb Size/MD5: 49036 9f95af70a86ea344deb82828097f33ac http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.31-22-powerpc64-smp-di_2.6.31-22.60_powerpc.udeb Size/MD5: 44086 d8d27fda02b3a2eccd1bb295513b0ae2 http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.31-22-powerpc-di_2.6.31-22.60_powerpc.udeb Size/MD5: 5848 ca06ac8de8f328c81d274625018c28dc http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.31-22-powerpc64-smp-di_2.6.31-22.60_powerpc.udeb Size/MD5: 6510 19263161420a4414cca39b3e176ed1fe http://ports.ubuntu.com/pool/main/l/linux/pcmcia-modules-2.6.31-22-powerpc-di_2.6.31-22.60_powerpc.udeb Size/MD5: 79130 f9547fa7a009cfc1fdace53f207e66e0 http://ports.ubuntu.com/pool/main/l/linux/pcmcia-modules-2.6.31-22-powerpc64-smp-di_2.6.31-22.60_powerpc.udeb Size/MD5: 85236 783f47a75d9e82f999273ae34ecb2bad http://ports.ubuntu.com/pool/main/l/linux/pcmcia-storage-modules-2.6.31-22-powerpc-di_2.6.31-22.60_powerpc.udeb Size/MD5: 74332 09ced5601534f6721803bc936d4474a6 http://ports.ubuntu.com/pool/main/l/linux/pcmcia-storage-modules-2.6.31-22-powerpc64-smp-di_2.6.31-22.60_powerpc.udeb Size/MD5: 27270 8fca637189a591b726e81d9f759de81e http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.31-22-powerpc-di_2.6.31-22.60_powerpc.udeb Size/MD5: 8542 5e50b93423cef9abfa0e1224b0706042 http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.31-22-powerpc64-smp-di_2.6.31-22.60_powerpc.udeb Size/MD5: 9816 645a211d3b5072ddfd2494355f612081 http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.31-22-powerpc-di_2.6.31-22.60_powerpc.udeb Size/MD5: 58820 d1e640be1163d46f9c4d30f16bc5d489 http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.31-22-powerpc64-smp-di_2.6.31-22.60_powerpc.udeb Size/MD5: 70146 df3e05fd190bbdee466474050abf6d4d http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.31-22-powerpc-di_2.6.31-22.60_powerpc.udeb Size/MD5: 23716 df0ec1c32f484026626eba3aceee8bd0 http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.31-22-powerpc64-smp-di_2.6.31-22.60_powerpc.udeb Size/MD5: 30798 d34084fae6d01f175c520a7ee88ae885 http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.31-22-powerpc-di_2.6.31-22.60_powerpc.udeb Size/MD5: 1557496 8b2c2babeeb812ff28154713e33b68fc http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.31-22-powerpc64-smp-di_2.6.31-22.60_powerpc.udeb Size/MD5: 1509500 140ca736b92247392b5f7a81c6112824 http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.31-22-powerpc-di_2.6.31-22.60_powerpc.udeb Size/MD5: 81652 2f7f7e13c32879ede7d9444b7d0d82c1 http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.31-22-powerpc64-smp-di_2.6.31-22.60_powerpc.udeb Size/MD5: 88506 eb5516ed210ea0daef38e35a63497716 http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.31-22-powerpc-di_2.6.31-22.60_powerpc.udeb Size/MD5: 64574 93994b13239fa750556d18cc981ead23 http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.31-22-powerpc64-smp-di_2.6.31-22.60_powerpc.udeb Size/MD5: 77178 88f35d2608a8c3e187ffddbc1d1249cc http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.31-22-powerpc-di_2.6.31-22.60_powerpc.udeb Size/MD5: 141566 1705c06d42087933e0bc8078790c00d1 http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.31-22-powerpc64-smp-di_2.6.31-22.60_powerpc.udeb Size/MD5: 151400 5a4f2e223dd56b134c2a1bd52a5fdab6 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.31-22-sparc64-di_2.6.31-22.60_sparc.udeb Size/MD5: 139446 c7baab61c8a09b5ebef664ba84316425 http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.31-22-sparc64-di_2.6.31-22.60_sparc.udeb Size/MD5: 70116 cbc95ad9771e8414cdf22bc424b7e257 http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.31-22-sparc64-di_2.6.31-22.60_sparc.udeb Size/MD5: 46514 6cd9a6fed2a5aae88598be99e139952a http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.31-22-sparc64-di_2.6.31-22.60_sparc.udeb Size/MD5: 93986 5eac60dfd4283e77a7ced7e36f4bda4c http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.31-22-sparc64-di_2.6.31-22.60_sparc.udeb Size/MD5: 588776 425ae2acd1afcbeff7468ea90c778300 http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.31-22-sparc64-di_2.6.31-22.60_sparc.udeb Size/MD5: 148400 5cf7b0187e50f5c17a0a951650ad19ff http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.31-22-sparc64-di_2.6.31-22.60_sparc.udeb Size/MD5: 75882 089f804226b3cac5e0f007704b5fbc3e http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.31-22-sparc64-di_2.6.31-22.60_sparc.udeb Size/MD5: 2915232 bdb3bc98fccde0f109a49486b8f4fd79 http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.31-22-sparc64-smp_2.6.31-22.60_sparc.deb Size/MD5: 612074 601db402e4c301ea1f3c7838655e4bf2 http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.31-22-sparc64_2.6.31-22.60_sparc.deb Size/MD5: 611672 5611adee164ba7997a9dc6a35cc03919 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.31-22-sparc64-smp_2.6.31-22.60_sparc.deb Size/MD5: 20554024 4ad3050a3a26f3470c2df6cf32ea12a2 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.31-22-sparc64_2.6.31-22.60_sparc.deb Size/MD5: 20242858 42fa813a7d01a6864dc27d8b5602afee http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.31-22.60_sparc.deb Size/MD5: 750612 8957e1fb11e133d1e6c056ae25fb1921 http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.31-22-sparc64-di_2.6.31-22.60_sparc.udeb Size/MD5: 266438 128f34223118495af4a21daf6fbf9099 http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.31-22-sparc64-di_2.6.31-22.60_sparc.udeb Size/MD5: 209154 a2f428054c4405bb238d2be5dc54ce17 http://ports.ubuntu.com/pool/main/l/linux/mouse-modules-2.6.31-22-sparc64-di_2.6.31-22.60_sparc.udeb Size/MD5: 26792 1ca186e1ac28aa3aff15bdd6060d07bd http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.31-22-sparc64-di_2.6.31-22.60_sparc.udeb Size/MD5: 314212 212236bfb1dc174322ca6e9f277de47b http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.31-22-sparc64-di_2.6.31-22.60_sparc.udeb Size/MD5: 1675454 da2055579d886793a3ff4c0118f451d6 http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.31-22-sparc64-di_2.6.31-22.60_sparc.udeb Size/MD5: 222868 bedf62d04baa61688881e77c64fa7c15 http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.31-22-sparc64-di_2.6.31-22.60_sparc.udeb Size/MD5: 121974 b1b8381f0c79f3b6466d6baf71446f08 http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.31-22-sparc64-di_2.6.31-22.60_sparc.udeb Size/MD5: 38796 e04e8345ec4eab7514fb38c751d561c6 http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.31-22-sparc64-di_2.6.31-22.60_sparc.udeb Size/MD5: 100826 39ba938bb7bd38eeb830b1a3d75e2155 http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.31-22-sparc64-di_2.6.31-22.60_sparc.udeb Size/MD5: 8928 18206a9f5a2a84dcdc7bab536d389156 http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.31-22-sparc64-di_2.6.31-22.60_sparc.udeb Size/MD5: 62912 c16890ee3c8ad593ce2ca0d60bf55194 http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.31-22-sparc64-di_2.6.31-22.60_sparc.udeb Size/MD5: 120986 0f766f53e118900c8cc33fbb7ec591f2 http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.31-22-sparc64-di_2.6.31-22.60_sparc.udeb Size/MD5: 1218150 17f468abbea9fb86f77c5bad73c3a73e http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.31-22-sparc64-di_2.6.31-22.60_sparc.udeb Size/MD5: 101542 02cf5f3466caf54628bfadfabbdb86d6 http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.31-22-sparc64-di_2.6.31-22.60_sparc.udeb Size/MD5: 200226 5cd4a933a0218730a5906011c5bc031d http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.31-22-sparc64-di_2.6.31-22.60_sparc.udeb Size/MD5: 185114 af6cfb5ab8a3e15eac5005f1c78d2507 Updated packages for Ubuntu 10.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-ec2_2.6.32-306.11.diff.gz Size/MD5: 8482468 87193041e67aa771132606051612da46 http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-ec2_2.6.32-306.11.dsc Size/MD5: 1502 cf51bda52f14984a1c3913d585b94dcd http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-ec2_2.6.32.orig.tar.gz Size/MD5: 81900940 4b1f6f6fac43a23e783079db589fc7e2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-fsl-imx51/linux-fsl-imx51_2.6.31-608.14.diff.gz Size/MD5: 5383378 def0a5c447ec67f86d849bb83fb8d2fa http://security.ubuntu.com/ubuntu/pool/main/l/linux-fsl-imx51/linux-fsl-imx51_2.6.31-608.14.dsc Size/MD5: 2180 a4fdcf52dbda79869b8dc1a9b0d41fe8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-fsl-imx51/linux-fsl-imx51_2.6.31.orig.tar.gz Size/MD5: 78278595 16c0355d3612806ef87addf7c9f8c9f9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-mvl-dove/linux-mvl-dove_2.6.32-205.18.diff.gz Size/MD5: 6748240 2a5a075f68fceef9902a1e194463ed25 http://security.ubuntu.com/ubuntu/pool/main/l/linux-mvl-dove/linux-mvl-dove_2.6.32-205.18.dsc Size/MD5: 1464 6d6a8254b60e8244b1f96b4d85d6687e http://security.ubuntu.com/ubuntu/pool/main/l/linux-mvl-dove/linux-mvl-dove_2.6.32.orig.tar.gz Size/MD5: 81900940 4b1f6f6fac43a23e783079db589fc7e2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-qcm-msm/linux-qcm-msm_2.6.31-802.4.diff.gz Size/MD5: 4275510 2e55ad3f665eba2ccfa99804c5f61941 http://security.ubuntu.com/ubuntu/pool/main/l/linux-qcm-msm/linux-qcm-msm_2.6.31-802.4.dsc Size/MD5: 2162 a0268c009b0452ce1d6bbfaba3ef0537 http://security.ubuntu.com/ubuntu/pool/main/l/linux-qcm-msm/linux-qcm-msm_2.6.31.orig.tar.gz Size/MD5: 78278595 16c0355d3612806ef87addf7c9f8c9f9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-ti-omap/linux-ti-omap_2.6.33-501.7.diff.gz Size/MD5: 3434570 c246b6f07ee762ee5c6c13b8d064507d http://security.ubuntu.com/ubuntu/pool/main/l/linux-ti-omap/linux-ti-omap_2.6.33-501.7.dsc Size/MD5: 1442 43cfcac6c98558e0dd45b6a13873c5eb http://security.ubuntu.com/ubuntu/pool/main/l/linux-ti-omap/linux-ti-omap_2.6.33.orig.tar.gz Size/MD5: 87197318 83dfcb85de817d9b63ee31937118c9c3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.32-22.35.diff.gz Size/MD5: 4621518 c2fc8cc8caf3e8d8908bb4732a60d33c http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.32-22.35.dsc Size/MD5: 5568 b7b30fce01964ef809d3395f29c0f22d http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.32.orig.tar.gz Size/MD5: 81900940 4b1f6f6fac43a23e783079db589fc7e2 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-ec2-doc_2.6.32-306.11_all.deb Size/MD5: 6391790 9934fb97782458b5a5a108364b86420b http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-ec2-source-2.6.32_2.6.32-306.11_all.deb Size/MD5: 68063660 bb66d042a1242106996c48d03bd54046 http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-headers-2.6.32-306_2.6.32-306.11_all.deb Size/MD5: 10003726 932c5faf79a155d5370beb510831362d http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-doc_2.6.32-22.35_all.deb Size/MD5: 6391904 582ebf59bf8ab2d33b7c7801647f64ac http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.32-22_2.6.32-22.35_all.deb Size/MD5: 9867826 a112051f276dfe638c98adfbe2cda80a http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-source-2.6.32_2.6.32-22.35_all.deb Size/MD5: 65820192 c149de16c0b96afb2c8c98d4a5884d95 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-tools-common_2.6.32-22.35_all.deb Size/MD5: 60636 0bd150c7fc457da6d1fdcab7f45b9f11 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-headers-2.6.32-306-ec2_2.6.32-306.11_amd64.deb Size/MD5: 644868 cd3691870ce135309d16a78adbf93987 http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-image-2.6.32-306-ec2_2.6.32-306.11_amd64.deb Size/MD5: 19834952 257f5cfe67bd2e727bb8b304d3301993 http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 237840 9a34fe2a5b057dc2b1daf0fd30850943 http://security.ubuntu.com/ubuntu/pool/main/l/linux/char-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 16524 eb35584a630e3a85766ea5ce0c4f6365 http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 50052 eefea187a93724843bd127552830ac1b http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 46262 57bf21e6ee6fb7cc5f9ef8fc40d08d6a http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 51764 cd3379b942e04b3200473484370fb876 http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 95192 402d06156f91240b619e96f22dd75ea3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 38660 85256686a4855537b2e8214f51a8581d http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 538882 c1d7290a91896acc094f0a26407dece2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 133544 e75341c9805a52943d5720f1dfa720bd http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 98914 e5fb0f13ddbd94ffe79ccdff3cf0f7d3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 320120 a00104d9f50d0d65c86aaf575b35e11c http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 4449968 5583c3906b7ffa87fe64c0117f946fa0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.32-22-generic_2.6.32-22.35_amd64.deb Size/MD5: 744950 e2bf6a508794318db16cc6e30009d1ab http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.32-22-preempt_2.6.32-22.35_amd64.deb Size/MD5: 746984 73361899082062e6b6907a58b65e13dc http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.32-22-server_2.6.32-22.35_amd64.deb Size/MD5: 746996 e5509ecca0fcfc8894c390bf92c93bc7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.32-22-generic_2.6.32-22.35_amd64.deb Size/MD5: 30865592 448c8ed0e90302de8cc67d3c26ab4bec http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.32-22-preempt_2.6.32-22.35_amd64.deb Size/MD5: 31127336 95a46fb5b7b2a1490fb7f8dffc796665 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.32-22-server_2.6.32-22.35_amd64.deb Size/MD5: 30941912 0da9825e4c58d53ada9c259bb30b0a1d http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.32-22-virtual_2.6.32-22.35_amd64.deb Size/MD5: 12400736 63c330cd8f3013a2352ba69b55e091de http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.32-22.35_amd64.deb Size/MD5: 771326 cbcf12d3846a08c4aad270f94c2967ad http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-tools-2.6.32-22_2.6.32-22.35_amd64.deb Size/MD5: 188410 8ab096d110797b29ce0e55513d2cfc9d http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 179004 82935c201d651a8f2540b4509246dcc6 http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 266266 62a5d101bf2df6cc46e07a6ac5c754f8 http://security.ubuntu.com/ubuntu/pool/main/l/linux/mouse-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 32456 f2cf533f43928805184e2e8445851764 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 330624 5d9e4a16d27efd75fe48f737d97709a7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 2379272 bc901048af3e41a52a1b6fdbcb07fd82 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 163568 7a0da6ae3ce1dc89eb492b721114b041 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 245610 f228d86967c3c2f54793d67c3723df98 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 179798 dc4938e5607f0ab8fac24b68b6cdc30c http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 39240 9fe5999bb37261ec1eafaef688af802c http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 150324 f8cbef960228695ddf3f44279d9f309d http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 76634 d9ef1f8ece226b70bac378b406b2fd72 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 22998 d4281699ad107f572718380f6f8854e2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 9744 c22fbc8081b2f5cb5ab4699ab799efe0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 41032 86840a3b7f62ba90fdd545ed0909a200 http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 103692 0e4189f9ea0d93fa5bdcd0a59fca46ee http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 1445188 1a3aefd74d49cac4a6c27f1df74e85fb http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 40680 cff9f81e2e76f3bd9f2b2bfb92a8b1ef http://security.ubuntu.com/ubuntu/pool/main/l/linux/squashfs-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 15420 e261cc78944c65be7ae4cf01206ed46a http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 53056 a44b3cac618e304b5ec27fa1644ac6b4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 134924 ac50fc239193b640db9fe2c8dfd8e25f http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 16746 8ac42a73c7facd9dd40bbd9dae43f1ea http://security.ubuntu.com/ubuntu/pool/main/l/linux/vlan-modules-2.6.32-22-generic-di_2.6.32-22.35_amd64.udeb Size/MD5: 22362 df95e4cf43ff61bfdcd1b9c3260779cd i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-headers-2.6.32-306-ec2_2.6.32-306.11_i386.deb Size/MD5: 621024 7b07a270215d6dd4e8d3893d74f08f8c http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-image-2.6.32-306-ec2_2.6.32-306.11_i386.deb Size/MD5: 19197386 b48d278dbd72f606b0bdee27cdfa461c http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 207168 04f695e7bd431c95896ba7343d704c24 http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 212536 d34379185e1c36eb47b732fb8ff1db33 http://security.ubuntu.com/ubuntu/pool/main/l/linux/char-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 34260 fac3ca7d3353a02c170c663a86817ab2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/char-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 34560 de0b20e1fb34c4a605482afe4ccd383f http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 48026 b1b6503c8d2c69dba29c0e7212210553 http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 48042 b74910fe0c9fe6dedc55d616531e8e9c http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 43630 9c5855cb9e72e959a86bec59ca889a63 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 43654 5086f6f21c2eec63ee2dbae90e9006c4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 47824 35033954fd15422a784c6a1502d0ed05 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 47892 8a1e2129f4c4199e97f50979db7a7303 http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 90440 749f5096fa443cebaa5819e7dedfd15d http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 90780 e01f7cac074601d43a87d2efed48f5f9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 34638 8fa9caf412924705ae079ecbf4581859 http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 34696 2f8fe16bbc0d3cc5a858c93f92e2ef65 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 535026 9d4cbabe440b3b35dca15cab907c977a http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 534774 9813309ab4c7c9cf97364bca8df2309e http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 130862 d65ebfcedc44f8a18a2a6dbc728a0808 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 130886 a7b9ec1632f19a9bc991858b8522691f http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 91586 dff28b0c21dbfd697f8f7cd153017f62 http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 91658 78956e99f332397bfcdc0d5ce6466ee6 http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 305268 20691a772242ecf4b853df1228b49b32 http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 306204 6fb638d788f6ab1fee67c09fb0054274 http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 4301526 9a01c667449a37d1daf3d1f01c0cbaed http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 4430826 fabbe2cbce7e887e0da33b0ebf01c7c2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.32-22-386_2.6.32-22.35_i386.deb Size/MD5: 729628 a0c53de17e95532c4c748dcb8c3f8a82 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.32-22-generic-pae_2.6.32-22.35_i386.deb Size/MD5: 729524 e1e5eef7b13c61550d8ba319ae41a0aa http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.32-22-generic_2.6.32-22.35_i386.deb Size/MD5: 727666 bec8fde6ea2236863fa2da253cc891d6 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.32-22-386_2.6.32-22.35_i386.deb Size/MD5: 30921264 fe4dbe8391e9be16a08bde9f0d7a663a http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.32-22-generic-pae_2.6.32-22.35_i386.deb Size/MD5: 31020332 1ebd2f8932847138aafb7ed3e6957c58 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.32-22-generic_2.6.32-22.35_i386.deb Size/MD5: 30929116 e207e190177733b86d036e0bacd9279a http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.32-22-virtual_2.6.32-22.35_i386.deb Size/MD5: 11937042 f75a9af8e6b0b1395b8c85e675b25d3c http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.32-22.35_i386.deb Size/MD5: 771288 818266f8a6808cc542c9245db590c703 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-tools-2.6.32-22_2.6.32-22.35_i386.deb Size/MD5: 180486 579bada2cd54987719ae06e8269c176e http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 182664 1ff8ed599a987d8a016a359412511d72 http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 182810 4711fddd17faed9cb7de1ec1d71fc53e http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 249278 23dab95ffbc4b230ddc7f1c797a3bcb9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 251962 fe10f470f29620ce2f54260684821bb8 http://security.ubuntu.com/ubuntu/pool/main/l/linux/mouse-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 33842 b9dbe86e294a6f732c08965009591921 http://security.ubuntu.com/ubuntu/pool/main/l/linux/mouse-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 33864 eb80dbd858a2a1154de4670b63c33059 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 310380 2382b6c171c0aa238ddb3df4a4ad8dfe http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 310412 253a9da96c5fa7f006a3311187163630 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 2493630 c992b5a7a0c300009c416305f2e6ce01 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 2511312 975b0287bf52ab17a32b804add8de75e http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 147230 fbd3a7d9e0065703b8528bc452384621 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 147306 5039e5f46fed6adcbc78430a7f5136d3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 228658 7ec7d48f3e42055a07e20e6e3e3142c7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 228734 aa7e8172c565ca8124678fa9c9444a41 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 165954 3e748608ea7b38c34be69c1ff91ad2a8 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 166012 f708e9e4ad641fa6275a5a3e535b06ef http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 36362 143f93890826df238056a1e5f43bc07a http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 36486 13949aaa8ad32338fff3c56ad0780c9a http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 156928 9888f0f521ed580da0aa3eee88db9ee9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 157200 14718c7817980def8cefe742fc25f4b8 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 90206 9b4f0a5ae4ecc56928710578948e8aa8 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 91098 72d98fe1c957a6533d0e92bcd9df126f http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 48114 c156299aa317a60124657975ba0422cc http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 48158 41a0c6cdd72641fc6327c91e2a41303e http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 9106 b3c84333d67154196fe492330ec937f4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 9112 c6d1478d99deba24df0f1abc7a1c6360 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 37450 d41485700623523bc62b122a67f57f37 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 37472 8c553307ba6fec0874a4767f46eac97c http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 93834 49462cab3b38d4e445456e6496f688e7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 94402 a0ab7d68e42751978e478e46b39c8b58 http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 1555960 02d24e085fcacdc34b770d8e4b3e60c1 http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 1506776 e05a832ffa4bb240518968c28eb05fd2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 37966 d5bd6c357df20158f33dc5d8b898786e http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 37970 b1917a566671571351108712ea8b7cea http://security.ubuntu.com/ubuntu/pool/main/l/linux/squashfs-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 15568 0094f62a06418771e1b7ce988e5229dc http://security.ubuntu.com/ubuntu/pool/main/l/linux/squashfs-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 15580 5f1e986aa2e88d63d62322ec85e8da17 http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 50002 d7a47201c272480d804ab92e91a9c00f http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 50056 08be19a737d5c6b1b99b21c072e28d75 http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 123832 091e7733c12a45745381b4fe35d3640b http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 124268 2e5ad0b6c7b80907a9927bb37446aa06 http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 15488 0afa442071262b64ba4fbfe594b44306 http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 5710 b999ccf838edc897b8874914e3f25148 http://security.ubuntu.com/ubuntu/pool/main/l/linux/vlan-modules-2.6.32-22-generic-di_2.6.32-22.35_i386.udeb Size/MD5: 20788 7140a98dd26b05e5278d938a02b9af4f http://security.ubuntu.com/ubuntu/pool/main/l/linux/vlan-modules-2.6.32-22-generic-pae-di_2.6.32-22.35_i386.udeb Size/MD5: 20798 a2cab82a0956e6ec96375cd9f6e23a29 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.32-22-powerpc-di_2.6.32-22.35_powerpc.udeb Size/MD5: 340852 5448ca0d59837472e8062a7758249b05 http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.32-22-powerpc64-smp-di_2.6.32-22.35_powerpc.udeb Size/MD5: 281626 20cdb99682c1f387eedd2dfdccc39c0b http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.32-22-powerpc-di_2.6.32-22.35_powerpc.udeb Size/MD5: 60558 30fa795c08458a313f3a04c3ac06b833 http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.32-22-powerpc64-smp-di_2.6.32-22.35_powerpc.udeb Size/MD5: 68708 65c5e7b743e6e041e55ab080726e6326 http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.32-22-powerpc-di_2.6.32-22.35_powerpc.udeb Size/MD5: 48390 9d549e434d1f43ca803c400337537735 http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.32-22-powerpc64-smp-di_2.6.32-22.35_powerpc.udeb Size/MD5: 53128 e1b19e86e96b2a705f52257d0ba3e446 http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.32-22-powerpc-di_2.6.32-22.35_powerpc.udeb Size/MD5: 96780 69931c2ff42e93b841cbc39040b5f30b http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.32-22-powerpc64-smp-di_2.6.32-22.35_powerpc.udeb Size/MD5: 109864 55530222d62b149471f8f7ec0a0b401c http://ports.ubuntu.com/pool/main/l/linux/floppy-modules-2.6.32-22-powerpc-di_2.6.32-22.35_powerpc.udeb Size/MD5: 41000 e504306368b70e7b1d4080fb9f104774 http://ports.ubuntu.com/pool/main/l/linux/floppy-modules-2.6.32-22-powerpc64-smp-di_2.6.32-22.35_powerpc.udeb Size/MD5: 40386 867836bfd128cb699b6084d22ae5b9ba http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.32-22-powerpc-di_2.6.32-22.35_powerpc.udeb Size/MD5: 598544 7c74713ce524ca6056f98b948ba1009d http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.32-22-powerpc64-smp-di_2.6.32-22.35_powerpc.udeb Size/MD5: 631378 f6d7ccfc08940e0f182d7c347aa6fe1b http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.32-22-powerpc-di_2.6.32-22.35_powerpc.udeb Size/MD5: 155250 5e58765f9014ac1b91db52377be3214e http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.32-22-powerpc64-smp-di_2.6.32-22.35_powerpc.udeb Size/MD5: 150514 1c673dcbb00b8bdb03c140e2c16c1c0b http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.32-22-powerpc-di_2.6.32-22.35_powerpc.udeb Size/MD5: 106286 f66ae752322b3a80afd81acce9678c54 http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.32-22-powerpc64-smp-di_2.6.32-22.35_powerpc.udeb Size/MD5: 110218 b81a7936f5d028e6e2d1b0c66ec67a82 http://ports.ubuntu.com/pool/main/l/linux/irda-modules-2.6.32-22-powerpc-di_2.6.32-22.35_powerpc.udeb Size/MD5: 418794 7614b2ba143ebc43a4df17d3a553f07c http://ports.ubuntu.com/pool/main/l/linux/irda-modules-2.6.32-22-powerpc64-smp-di_2.6.32-22.35_powerpc.udeb Size/MD5: 355170 c461e16d2638bbd922ba08faa3aadb1f http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.32-22-powerpc-di_2.6.32-22.35_powerpc.udeb Size/MD5: 4184440 fcf9a52cf7d828353fc20fc42f04074e http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.32-22-powerpc64-smp-di_2.6.32-22.35_powerpc.udeb Size/MD5: 5568942 e1244e4847aa34cefffd29c5e69d17da http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.32-22-powerpc-smp_2.6.32-22.35_powerpc.deb Size/MD5: 834094 d2a5a47fe19b15efcbade3a458886100 http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.32-22-powerpc64-smp_2.6.32-22.35_powerpc.deb Size/MD5: 853586 41d8ab0b3bac34b9ef18b3bd1751c06a http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.32-22-powerpc_2.6.32-22.35_powerpc.deb Size/MD5: 834092 e1e2aa29e1424aef7ee116b1aa782e44 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.32-22-powerpc-smp_2.6.32-22.35_powerpc.deb Size/MD5: 27690922 d93d95c548c34b5632bddc5f69e7c400 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.32-22-powerpc64-smp_2.6.32-22.35_powerpc.deb Size/MD5: 28531758 631a3347cb263b30bbac36ecfc73b928 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.32-22-powerpc_2.6.32-22.35_powerpc.deb Size/MD5: 27421200 9068bbc77af845ca5b609d63bacd3308 http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.32-22.35_powerpc.deb Size/MD5: 760646 0e4b57d343052f30433529cbe14385ab http://ports.ubuntu.com/pool/main/l/linux/linux-tools-2.6.32-22_2.6.32-22.35_powerpc.deb Size/MD5: 196496 08665e49676e012315b941d37f838812 http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.32-22-powerpc-di_2.6.32-22.35_powerpc.udeb Size/MD5: 289406 e171a625ccdacd6709fee1c6e116e3bf http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.32-22-powerpc64-smp-di_2.6.32-22.35_powerpc.udeb Size/MD5: 310398 ac3b6dacc77e4002ca825e265bbedea2 http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.32-22-powerpc-di_2.6.32-22.35_powerpc.udeb Size/MD5: 221150 6a0092ae1be40ca9ee127b2232d15cb0 http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.32-22-powerpc64-smp-di_2.6.32-22.35_powerpc.udeb Size/MD5: 223804 af7ba0faf09abaf57945a5e7fc2ee506 http://ports.ubuntu.com/pool/main/l/linux/mouse-modules-2.6.32-22-powerpc-di_2.6.32-22.35_powerpc.udeb Size/MD5: 31938 5101007b3b2c9c45eb839952ff705786 http://ports.ubuntu.com/pool/main/l/linux/mouse-modules-2.6.32-22-powerpc64-smp-di_2.6.32-22.35_powerpc.udeb Size/MD5: 36496 5dbc40f2acca40498c173d0886f9c2fb http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.32-22-powerpc-di_2.6.32-22.35_powerpc.udeb Size/MD5: 343926 8c91a96bd0c3c6cc134532d13fd3d37e http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.32-22-powerpc64-smp-di_2.6.32-22.35_powerpc.udeb Size/MD5: 385810 4a30a8fe1a7d7c1367938575c185f169 http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.32-22-powerpc-di_2.6.32-22.35_powerpc.udeb Size/MD5: 2173120 cb265da97dfe62f146fd1fe41ebfc1f9 http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.32-22-powerpc64-smp-di_2.6.32-22.35_powerpc.udeb Size/MD5: 2372824 8525c63c57d9345520be8210544f214c http://ports.ubuntu.com/pool/main/l/linux/nic-pcmcia-modules-2.6.32-22-powerpc-di_2.6.32-22.35_powerpc.udeb Size/MD5: 223066 00121583edd924fe1757fa727ce876f3 http://ports.ubuntu.com/pool/main/l/linux/nic-pcmcia-modules-2.6.32-22-powerpc64-smp-di_2.6.32-22.35_powerpc.udeb Size/MD5: 217338 72c2573434f500ed671fa00582074ca7 http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.32-22-powerpc-di_2.6.32-22.35_powerpc.udeb Size/MD5: 259842 55eca2948a90fd62fa2e4ff0a9af80c9 http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.32-22-powerpc64-smp-di_2.6.32-22.35_powerpc.udeb Size/MD5: 296094 bfda8ec67edf7abd1478a60b126995ac http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.32-22-powerpc-di_2.6.32-22.35_powerpc.udeb Size/MD5: 131886 ad03d7e0dbe804de4593e2fb86ebc4d0 http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.32-22-powerpc64-smp-di_2.6.32-22.35_powerpc.udeb Size/MD5: 154672 b67bb554dccec4c27d6accfbc97de8e4 http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.32-22-powerpc-di_2.6.32-22.35_powerpc.udeb Size/MD5: 50974 ee184ba015afebe43b7d67545684a609 http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.32-22-powerpc64-smp-di_2.6.32-22.35_powerpc.udeb Size/MD5: 45510 62e72d83114e691e6644f77328eae811 http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.32-22-powerpc-di_2.6.32-22.35_powerpc.udeb Size/MD5: 108060 869c7fefad265a86e620a08b85dccca2 http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.32-22-powerpc64-smp-di_2.6.32-22.35_powerpc.udeb Size/MD5: 123884 14b554ea470bda34e64f0d1df7fc6516 http://ports.ubuntu.com/pool/main/l/linux/pcmcia-modules-2.6.32-22-powerpc-di_2.6.32-22.35_powerpc.udeb Size/MD5: 84352 1f3ffcebad40e4289c58fb81aec0855e http://ports.ubuntu.com/pool/main/l/linux/pcmcia-modules-2.6.32-22-powerpc64-smp-di_2.6.32-22.35_powerpc.udeb Size/MD5: 89956 8f8f82acc6aad562a95d254c5fac022c http://ports.ubuntu.com/pool/main/l/linux/pcmcia-storage-modules-2.6.32-22-powerpc-di_2.6.32-22.35_powerpc.udeb Size/MD5: 77236 e74748e50bc049e1ca8abd0babfcae76 http://ports.ubuntu.com/pool/main/l/linux/pcmcia-storage-modules-2.6.32-22-powerpc64-smp-di_2.6.32-22.35_powerpc.udeb Size/MD5: 28408 34f21190bd3bbd99cbcd25074d41faaa http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.32-22-powerpc-di_2.6.32-22.35_powerpc.udeb Size/MD5: 8958 91a68cc7a6fe6edf7ac0be03e165b4da http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.32-22-powerpc64-smp-di_2.6.32-22.35_powerpc.udeb Size/MD5: 10186 b4b821de875ffd8607a5f867f42854cc http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.32-22-powerpc-di_2.6.32-22.35_powerpc.udeb Size/MD5: 62110 8194a3936a0ec9bbdc1866f8201d7015 http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.32-22-powerpc64-smp-di_2.6.32-22.35_powerpc.udeb Size/MD5: 72518 009ef857c62f697f9ee69284634b274f http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.32-22-powerpc-di_2.6.32-22.35_powerpc.udeb Size/MD5: 106886 da2d5917ae498c3078ebbd70ff3da14b http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.32-22-powerpc64-smp-di_2.6.32-22.35_powerpc.udeb Size/MD5: 136600 e6165d5923d6aefd3f3398010ee23694 http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.32-22-powerpc-di_2.6.32-22.35_powerpc.udeb Size/MD5: 1648486 4f570da059c50025d135c0e3f75ccd5e http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.32-22-powerpc64-smp-di_2.6.32-22.35_powerpc.udeb Size/MD5: 1575088 c836ac8e48f8d71fabddbba3b950c198 http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.32-22-powerpc-di_2.6.32-22.35_powerpc.udeb Size/MD5: 78218 eddd03eab6e34af5a232892afc3bca0a http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.32-22-powerpc64-smp-di_2.6.32-22.35_powerpc.udeb Size/MD5: 83474 0ef56c605b39df3e5edfb67682ae2c06 http://ports.ubuntu.com/pool/main/l/linux/squashfs-modules-2.6.32-22-powerpc-di_2.6.32-22.35_powerpc.udeb Size/MD5: 17454 c7dbbca300fc48245cd4cfcf51d5b35d http://ports.ubuntu.com/pool/main/l/linux/squashfs-modules-2.6.32-22-powerpc64-smp-di_2.6.32-22.35_powerpc.udeb Size/MD5: 18520 94418ced4448d327ec47dc602c17241a http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.32-22-powerpc-di_2.6.32-22.35_powerpc.udeb Size/MD5: 67940 7a38341b4bc2c79511068590fc302c01 http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.32-22-powerpc64-smp-di_2.6.32-22.35_powerpc.udeb Size/MD5: 80278 e54c3d70347bae3108d67b1bc2bc4516 http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.32-22-powerpc-di_2.6.32-22.35_powerpc.udeb Size/MD5: 152200 1dc38fce24ffad9be140b3948e356e05 http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.32-22-powerpc64-smp-di_2.6.32-22.35_powerpc.udeb Size/MD5: 159704 c78e3cd87f71f9a728004fd7e546cb50 http://ports.ubuntu.com/pool/main/l/linux/vlan-modules-2.6.32-22-powerpc-di_2.6.32-22.35_powerpc.udeb Size/MD5: 22518 a83c7b1e9ffa2a3660bb41fbd3fcbaca http://ports.ubuntu.com/pool/main/l/linux/vlan-modules-2.6.32-22-powerpc64-smp-di_2.6.32-22.35_powerpc.udeb Size/MD5: 25778 b7471dba3ec7b8c05d5ea5739933fe93 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.32-22-sparc64-di_2.6.32-22.35_sparc.udeb Size/MD5: 146488 3b7be44529c4cc86514657ac7b12b12b http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.32-22-sparc64-di_2.6.32-22.35_sparc.udeb Size/MD5: 71440 aad8b8756f92832f4febd71db1f966dd http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.32-22-sparc64-di_2.6.32-22.35_sparc.udeb Size/MD5: 47602 3db40ba1ebd556f46b88da6dbed5c5d3 http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.32-22-sparc64-di_2.6.32-22.35_sparc.udeb Size/MD5: 98038 101ce2471c33a479cf85df2b2e2c5211 http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.32-22-sparc64-di_2.6.32-22.35_sparc.udeb Size/MD5: 591060 cf8fb919251529d57a1f318311b3707a http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.32-22-sparc64-di_2.6.32-22.35_sparc.udeb Size/MD5: 151664 20c364a8b683a0c4ba27567503cf5296 http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.32-22-sparc64-di_2.6.32-22.35_sparc.udeb Size/MD5: 99356 e0c14c26cb974c7825f345cd70429841 http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.32-22-sparc64-di_2.6.32-22.35_sparc.udeb Size/MD5: 3186134 44a50ae97caf252433b0ecfac295ec59 http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.32-22-sparc64-smp_2.6.32-22.35_sparc.deb Size/MD5: 652300 cd39dcccee9c7a771274cdf208530af6 http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.32-22-sparc64_2.6.32-22.35_sparc.deb Size/MD5: 651290 f71657ec5a90274fe87615325f631740 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.32-22-sparc64-smp_2.6.32-22.35_sparc.deb Size/MD5: 22598018 851cda52ff2ffdd88b0732c63f74b5c8 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.32-22-sparc64_2.6.32-22.35_sparc.deb Size/MD5: 22149494 2e6f4fc8428d316ccf24367738ec4cdb http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.32-22.35_sparc.deb Size/MD5: 771020 0f4a6d78f1bfc4c66dec85397a1dfe38 http://ports.ubuntu.com/pool/main/l/linux/linux-tools-2.6.32-22_2.6.32-22.35_sparc.deb Size/MD5: 198080 42b0b00c0a74c8f19e63959105f8312f http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.32-22-sparc64-di_2.6.32-22.35_sparc.udeb Size/MD5: 280878 fd57b5da83294769b64c507d1819bf0e http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.32-22-sparc64-di_2.6.32-22.35_sparc.udeb Size/MD5: 214702 5aacff2a187543bc7c03d401f68607be http://ports.ubuntu.com/pool/main/l/linux/mouse-modules-2.6.32-22-sparc64-di_2.6.32-22.35_sparc.udeb Size/MD5: 31894 37e7ede984e9a95085fef957bd24f9d3 http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.32-22-sparc64-di_2.6.32-22.35_sparc.udeb Size/MD5: 337020 a60a63332965ca2e7eb04b9e5af55555 http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.32-22-sparc64-di_2.6.32-22.35_sparc.udeb Size/MD5: 1765768 473b47001814ec3dcfe3f7d13b591ddf http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.32-22-sparc64-di_2.6.32-22.35_sparc.udeb Size/MD5: 246854 4fcf74412f97aaad8445b41a8568ed9d http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.32-22-sparc64-di_2.6.32-22.35_sparc.udeb Size/MD5: 139988 d2f75d8b75b929fbf9220da8bdf7e589 http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.32-22-sparc64-di_2.6.32-22.35_sparc.udeb Size/MD5: 39912 a365983317c1b3c4dda94e11903aff3b http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.32-22-sparc64-di_2.6.32-22.35_sparc.udeb Size/MD5: 206902 462e5550a90007c8c5418938dd676f6b http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.32-22-sparc64-di_2.6.32-22.35_sparc.udeb Size/MD5: 9178 c9f2992677c044041a448845a7d38b11 http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.32-22-sparc64-di_2.6.32-22.35_sparc.udeb Size/MD5: 64466 52cf00bc003b8b5701298fad5517731f http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.32-22-sparc64-di_2.6.32-22.35_sparc.udeb Size/MD5: 212946 fbbb948d246dbea1ce131546d8bf6c2e http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.32-22-sparc64-di_2.6.32-22.35_sparc.udeb Size/MD5: 1272618 4aec314341cdc776f20508b90866f5ae http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.32-22-sparc64-di_2.6.32-22.35_sparc.udeb Size/MD5: 96624 f0995ec49806ff5ede44bd80ff510d6e http://ports.ubuntu.com/pool/main/l/linux/squashfs-modules-2.6.32-22-sparc64-di_2.6.32-22.35_sparc.udeb Size/MD5: 17702 9eb7b43e2289a69f9dcd478a5dc8d754 http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.32-22-sparc64-di_2.6.32-22.35_sparc.udeb Size/MD5: 208204 b7724ff354d34b60cf7e2c5f50e61637 http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.32-22-sparc64-di_2.6.32-22.35_sparc.udeb Size/MD5: 193306 12a8a53ca0ef921b491d73d2bc051f73 http://ports.ubuntu.com/pool/main/l/linux/vlan-modules-2.6.32-22-sparc64-di_2.6.32-22.35_sparc.udeb Size/MD5: 27206 6ae9400c4f74471e4b0baa8e12220191 . ---------------------------------------------------------------------- Get a tax break on purchases of Secunia Solutions! If you are a U.S. company, you may be qualified for a tax break for your software purchases. ---------------------------------------------------------------------- Stay Compliant Alerts, Technical Descriptions, PoC, Links to patches, CVSS, CVE, Changelogs, Alternative Remediation Strategies, and much more provided in the Secunia Vulnerability Intelligence solutions Free Trial http://secunia.com/products/corporate/evm/trial/ ---------------------------------------------------------------------- TITLE: Debian update for linux-2.6 SECUNIA ADVISORY ID: SA39830 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/39830/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=39830 RELEASE DATE: 2010-05-26 DISCUSS ADVISORY: http://secunia.com/advisories/39830/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/39830/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=39830 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for linux-2.6. 5) The "nfs_release_request()" function in fs/nfs/pagelist.c can be interrupted, which can be exploited to e.g. cause a NULL pointer dereference by killing an application while it performs certain actions on an NFS file. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Debian credits: 1) Chris Guo from Nokia China and Jukka Taimisto and Olli Jarva from Codenomicon Ltd. 2) Neil Hormon 3) Wufei 4) Sachin Prabhu 5) Trond Myklebust ORIGINAL ADVISORY: DSA 2053-1: http://lists.debian.org/debian-security-announce/2010/msg00096.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . Fixes for CVE-2010-0419 caused failures when using KVM in certain situations. This update reverts that fix until a better solution can be found. We apologize for the inconvenience. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------- Debian Security Advisory DSA-2053-1 security@debian.org http://www.debian.org/security/ dann frazier May 25, 2010 http://www.debian.org/security/faq - ---------------------------------------------------------------------- Package : linux-2.6 Vulnerability : privilege escalation/denial of service/information leak Problem type : local Debian-specific: no CVE Id(s) : CVE-2009-4537 CVE-2010-0727 CVE-2010-1083 CVE-2010-1084 CVE-2010-1086 CVE-2010-1087 CVE-2010-1088 CVE-2010-1162 CVE-2010-1173 CVE-2010-1187 CVE-2010-1437 CVE-2010-1446 CVE-2010-1451 Debian Bug(s) : 573071 Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. CVE-2010-0727 Sachin Prabhu reported an issue in the GFS2 filesystem. CVE-2010-1083 Linus Torvalds reported an issue in the USB subsystem, which may allow local users to obtain portions of sensitive kernel memory. CVE-2010-1087 Trond Myklebust reported an issue in the NFS filesystem. This has an unknown security impact. CVE-2010-1173 Chris Guo from Nokia China and Jukka Taimisto and Olli Jarva from Codenomicon Ltd reported an issue in the SCTP subsystem that allows a remote attacker to cause a denial of service using a malformed init package. CVE-2010-1187 Neil Hormon reported an issue in the TIPC subsystem. CVE-2010-1437 Toshiyuki Okajima reported a race condition in the keyring subsystem. CVE-2010-1446 Wufei reported an issue with kgdb on the PowerPC architecture, allowing local users to write to kernel memory. Note: this issue does not affect binary kernels provided by Debian. The fix is provided for the benefit of users who build their own kernels from Debian source. CVE-2010-1451 Brad Spengler reported an issue on the SPARC architecture that allows local users to execute non-executable pages. See the referenced Debian bug page for details. For the stable distribution (lenny), these problems have been fixed in version 2.6.26-22lenny1. We recommend that you upgrade your linux-2.6 and user-mode-linux packages. The following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update: Debian 5.0 (lenny) user-mode-linux 2.6.26-1um-2+22lenny1 Upgrade instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 5.0 alias lenny - -------------------------------- Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26.orig.tar.gz Size/MD5 checksum: 61818969 85e039c2588d5bf3cb781d1c9218bbcb http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26-22lenny1.dsc Size/MD5 checksum: 5778 713b8a3f2bc10816264a81c0a9eb7860 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26-22lenny1.diff.gz Size/MD5 checksum: 7894925 86ecf2ca8808aea84b0af06317616a6c Architecture independent packages: http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.26-2_2.6.26-22lenny1_all.deb Size/MD5 checksum: 126228 be9c5c392a1ab0cf0a297063abf983f6 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.26_2.6.26-22lenny1_all.deb Size/MD5 checksum: 1764832 b0d63ac0b12a0679867b8b53bf4c3a54 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.26_2.6.26-22lenny1_all.deb Size/MD5 checksum: 2871892 c5c0e0d8ea193812566f9481e6ca8440 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.26_2.6.26-22lenny1_all.deb Size/MD5 checksum: 48764508 9a203c801fd068d282d1cbb11fbab68f http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.26_2.6.26-22lenny1_all.deb Size/MD5 checksum: 4627886 fe792ad0bcf2c9f8ac4bb496e9885a20 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.26_2.6.26-22lenny1_all.deb Size/MD5 checksum: 110906 6ef2c4468e55570a3e571021299d4760 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-smp_2.6.26-22lenny1_alpha.deb Size/MD5 checksum: 374304 046703c72d1bf6bcc81cb462e0f4d7ec http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-generic_2.6.26-22lenny1_alpha.deb Size/MD5 checksum: 372708 a6922d1de2035d2745d5ad56a6e38eb9 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-generic_2.6.26-22lenny1_alpha.deb Size/MD5 checksum: 28676342 687312e7cdf46a79c7c4b974cbe5b542 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-22lenny1_alpha.deb Size/MD5 checksum: 3620318 4c7448f11e8a63ddec95b7ddaf6e9c02 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-smp_2.6.26-22lenny1_alpha.deb Size/MD5 checksum: 29374588 452a568c8f74d69e3b7ba6e1685d4863 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-legacy_2.6.26-22lenny1_alpha.deb Size/MD5 checksum: 373176 fbda1e3fb70a213ee26ab4e0a5af16a7 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-alpha_2.6.26-22lenny1_alpha.deb Size/MD5 checksum: 110428 82fc153ba577607964e55ce0d5eba8a8 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-22lenny1_alpha.deb Size/MD5 checksum: 110404 9e24c63932b52a18206f951f18438a90 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-22lenny1_alpha.deb Size/MD5 checksum: 760714 dbef4d63df60be4c54e5a8999b2f1203 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-legacy_2.6.26-22lenny1_alpha.deb Size/MD5 checksum: 28661322 db654cfdd26ec48b75fbf73bae54d15b amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-amd64_2.6.26-22lenny1_amd64.deb Size/MD5 checksum: 391290 529d0af88248eeb9db6c720147c3c9c9 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-xen-amd64_2.6.26-22lenny1_amd64.deb Size/MD5 checksum: 1809098 2119049dd7757d1a7aa9b0cb6d65a4e6 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-22lenny1_amd64.deb Size/MD5 checksum: 753158 c06cd160c023755232e79c187b20a98e http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-amd64_2.6.26-22lenny1_amd64.deb Size/MD5 checksum: 391970 7e2145ea394dcbd739307b7cff343ffc http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-xen-amd64_2.6.26-22lenny1_amd64.deb Size/MD5 checksum: 387348 d76eb180fa81f742ee87d9524f3bc5a3 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-amd64_2.6.26-22lenny1_amd64.deb Size/MD5 checksum: 20949852 a3c0bd81f9f9cc96d2e42521fb963fb9 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-22lenny1_amd64.deb Size/MD5 checksum: 3757248 db362b7459220059221418a2b1542659 http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.26-2-xen-amd64_2.6.26-22lenny1_amd64.deb Size/MD5 checksum: 110338 19ec7c8ca6e51c0a93352a059f9d5df8 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.26-2-xen-amd64_2.6.26-22lenny1_amd64.deb Size/MD5 checksum: 19315990 c185e17d0ca1ed640106dbb828c919f8 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-amd64_2.6.26-22lenny1_amd64.deb Size/MD5 checksum: 110374 0e703e2b4306ca1e68cc61460ef86686 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-openvz-amd64_2.6.26-22lenny1_amd64.deb Size/MD5 checksum: 21102730 604476ba9a35fdb435b4409e5323cf89 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-22lenny1_amd64.deb Size/MD5 checksum: 3724662 ae8fed857d819d7a3dd5b3085c367085 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-openvz_2.6.26-22lenny1_amd64.deb Size/MD5 checksum: 3780338 a2cd8cdd414be8c412bd923576ccb456 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-xen_2.6.26-22lenny1_amd64.deb Size/MD5 checksum: 3856722 9621b8e802a4e482de1db03572b0f72d http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-amd64_2.6.26-22lenny1_amd64.deb Size/MD5 checksum: 20931422 9d71c45188552af06abd5a04d62b7c84 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-22lenny1_amd64.deb Size/MD5 checksum: 110350 acdbea58008fec881f380752f9fc3ea6 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-openvz-amd64_2.6.26-22lenny1_amd64.deb Size/MD5 checksum: 397220 709b723fefd37764ab8bffb079eb312f arm architecture (ARM) http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-iop32x_2.6.26-22lenny1_arm.deb Size/MD5 checksum: 12494622 96304f7aa2bddb3ea2ef404afaa4a513 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-footbridge_2.6.26-22lenny1_arm.deb Size/MD5 checksum: 352980 44e27ad26963a2c1dbed9240b28d7c5b http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-footbridge_2.6.26-22lenny1_arm.deb Size/MD5 checksum: 10294730 8066047f7d15cd2f7a6c93018cfaae37 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-iop32x_2.6.26-22lenny1_arm.deb Size/MD5 checksum: 369410 e26f28edccaeabf04dec8e4d2d8cc88f http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-orion5x_2.6.26-22lenny1_arm.deb Size/MD5 checksum: 11443274 d9232ed2bbde0e851f72488a2eea831d http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-arm_2.6.26-22lenny1_arm.deb Size/MD5 checksum: 110444 631821dedb019f48b3133246338f4521 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-22lenny1_arm.deb Size/MD5 checksum: 751260 027d7225ddd40e26f12a9c7c7cc17b55 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-22lenny1_arm.deb Size/MD5 checksum: 4140556 a36e76af416da97176639d34a6dd42a2 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-ixp4xx_2.6.26-22lenny1_arm.deb Size/MD5 checksum: 368088 8388881b72ce56cef47cb61a51abfe8d http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-ixp4xx_2.6.26-22lenny1_arm.deb Size/MD5 checksum: 11731284 cc6e8949fe66950db619eb2996332572 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-22lenny1_arm.deb Size/MD5 checksum: 110404 611a83d9ddb07104525d3ae7eca714b8 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-orion5x_2.6.26-22lenny1_arm.deb Size/MD5 checksum: 364180 878a5bd8fa6419dd6efe6422c7a14cbc armel architecture (ARM EABI) http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-orion5x_2.6.26-22lenny1_armel.deb Size/MD5 checksum: 365700 0327b96ec1802e56c4ffee19ce1c9dc5 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-ixp4xx_2.6.26-22lenny1_armel.deb Size/MD5 checksum: 368810 05ee76d995844fc8461223846ab41802 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-22lenny1_armel.deb Size/MD5 checksum: 110358 830c76ccdf7d7c99f3ea84e1e8bc962d http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-ixp4xx_2.6.26-22lenny1_armel.deb Size/MD5 checksum: 11691670 0ecbec767291466b244fd83506f1e112 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-armel_2.6.26-22lenny1_armel.deb Size/MD5 checksum: 110392 c64900dc9ec3812df164d47c006ecffe http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-orion5x_2.6.26-22lenny1_armel.deb Size/MD5 checksum: 11399558 2d16b67f176b8223bd4dd33b90217a2e http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-versatile_2.6.26-22lenny1_armel.deb Size/MD5 checksum: 340088 3b6e8d8210d6e6e68eee6ddc2cab8f09 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-22lenny1_armel.deb Size/MD5 checksum: 4136736 42aebe2283d941bb7724daf03882914d http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-iop32x_2.6.26-22lenny1_armel.deb Size/MD5 checksum: 12451186 f22b998fbdfa29023573bf9b6988dba9 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-22lenny1_armel.deb Size/MD5 checksum: 751906 d1d0480ba764b4ca3bdae8a651acd066 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-versatile_2.6.26-22lenny1_armel.deb Size/MD5 checksum: 9606938 569b72a642446ac1ffe4ed2aa13f50aa http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-iop32x_2.6.26-22lenny1_armel.deb Size/MD5 checksum: 370546 a3f2c479e65c9ae3be17641001b33afc hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc-smp_2.6.26-22lenny1_hppa.deb Size/MD5 checksum: 302516 dd1800b19f0df391bd05658a0a7846c0 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-22lenny1_hppa.deb Size/MD5 checksum: 110354 479a0788049f39e648e57a3c5007b993 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-22lenny1_hppa.deb Size/MD5 checksum: 3598606 4429cb37eda685553dde7198e5b47fd5 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-22lenny1_hppa.deb Size/MD5 checksum: 762928 fe2e02babc93f6bdcc16c8f7ad8a5a88 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc64_2.6.26-22lenny1_hppa.deb Size/MD5 checksum: 301842 1e58cca757600c08424118ace4a50da5 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-hppa_2.6.26-22lenny1_hppa.deb Size/MD5 checksum: 110374 9198f6103932b14d766b0e4c32110806 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc_2.6.26-22lenny1_hppa.deb Size/MD5 checksum: 301034 890ed76fde4dedddcb9db60f7ba0091d http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc64_2.6.26-22lenny1_hppa.deb Size/MD5 checksum: 17127808 a2cffd928aa5e30ab9f1f30e41b9aed1 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc64-smp_2.6.26-22lenny1_hppa.deb Size/MD5 checksum: 17678124 53aa5bddb6f2af761a8bfcb1fef54d02 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc_2.6.26-22lenny1_hppa.deb Size/MD5 checksum: 15784596 c892e98e5ab6fcf6aa84aa5e5021309f http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc-smp_2.6.26-22lenny1_hppa.deb Size/MD5 checksum: 16388546 0ce6b1186e64e745a0680088d2c9fcad http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc64-smp_2.6.26-22lenny1_hppa.deb Size/MD5 checksum: 303348 6991ba8c20ae638798fda57540014d30 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-amd64_2.6.26-22lenny1_i386.deb Size/MD5 checksum: 399720 ee32214acdf697edca92068f2d64f8b3 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-i386_2.6.26-22lenny1_i386.deb Size/MD5 checksum: 110450 191bb7f29ece9f8ea2f8cff03efae3cd http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-xen-686_2.6.26-22lenny1_i386.deb Size/MD5 checksum: 398126 32ef574340b20e8f2c7465f2290a8c0b http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-686_2.6.26-22lenny1_i386.deb Size/MD5 checksum: 413242 a5f35b11ae06961132fd16e21d5b5337 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-486_2.6.26-22lenny1_i386.deb Size/MD5 checksum: 409820 586c33fc476019b08a3b75816d9bf520 http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.26-2-xen-686_2.6.26-22lenny1_i386.deb Size/MD5 checksum: 110392 3f9c02cb47bc1070b92358227e030768 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-686-bigmem_2.6.26-22lenny1_i386.deb Size/MD5 checksum: 20530142 c8e9146e82955c0dda3bcabe8b7542ef http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-686-bigmem_2.6.26-22lenny1_i386.deb Size/MD5 checksum: 20509696 98b0e600e9bca75f016f1c4878d9d8e7 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-22lenny1_i386.deb Size/MD5 checksum: 767274 369a4858f7dfa2560ec664a08fdbac42 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-openvz_2.6.26-22lenny1_i386.deb Size/MD5 checksum: 3865974 0510efa636bb1554f9a2c040c1ee6f19 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-686_2.6.26-22lenny1_i386.deb Size/MD5 checksum: 20409094 798b4bb9a4b8d81affc30dbc2f284cc3 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-openvz-686_2.6.26-22lenny1_i386.deb Size/MD5 checksum: 20679068 6b6c2a57037f510313311d76849a9b0a http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-22lenny1_i386.deb Size/MD5 checksum: 3807640 6b21b3346b8196f19ea59d16a2e7b8f4 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.26-2-xen-686_2.6.26-22lenny1_i386.deb Size/MD5 checksum: 18198474 627d51edc59f86bd8dfe2e7a74a25723 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-686_2.6.26-22lenny1_i386.deb Size/MD5 checksum: 20381812 493e6acfd2d47e456d1471ef44dd18ba http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-xen-686_2.6.26-22lenny1_i386.deb Size/MD5 checksum: 1596580 5f456e26e01a793881871f4d683b13b1 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-openvz-686_2.6.26-22lenny1_i386.deb Size/MD5 checksum: 417750 057786734b1771be73cea6c484a09cce http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-686-bigmem_2.6.26-22lenny1_i386.deb Size/MD5 checksum: 410364 4f381b525756e6cf131be68398e58fe7 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-22lenny1_i386.deb Size/MD5 checksum: 110394 46fba74b6675f6df2057da14ba3931f9 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-686_2.6.26-22lenny1_i386.deb Size/MD5 checksum: 409858 99ce0b8165bd71e4b90745ad5a7577d1 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-xen_2.6.26-22lenny1_i386.deb Size/MD5 checksum: 3947966 aabcdf68ca8c4d35d87ad2eecb569517 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-486_2.6.26-22lenny1_i386.deb Size/MD5 checksum: 20350468 fb0caa5f722a968820562223577a4e74 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-amd64_2.6.26-22lenny1_i386.deb Size/MD5 checksum: 21022322 befe070ada9e62a69c15f38c9f0e706a http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-22lenny1_i386.deb Size/MD5 checksum: 3842206 b5e7820e844761d65d8dbf0a4ea639e5 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-686-bigmem_2.6.26-22lenny1_i386.deb Size/MD5 checksum: 411454 771b6960fbfd4658124eac3673e01e90 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-itanium_2.6.26-22lenny1_ia64.deb Size/MD5 checksum: 359186 d2391d9bdb5fe861abe5fbd0f9f2f989 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-22lenny1_ia64.deb Size/MD5 checksum: 3659176 8df0d712004a67cafedb9b4926970368 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-mckinley_2.6.26-22lenny1_ia64.deb Size/MD5 checksum: 359256 18a5fda7c38b900462ea120ae04a3c98 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-mckinley_2.6.26-22lenny1_ia64.deb Size/MD5 checksum: 34440420 2eddbf5140a8dc8a4a74d4e11a77ea44 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-22lenny1_ia64.deb Size/MD5 checksum: 751862 329f5ddfc14f4f6e63aa3834f7a927fe http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-22lenny1_ia64.deb Size/MD5 checksum: 3691882 19f4f11bbad0443a7ae7153823bcc0e7 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-mckinley_2.6.26-22lenny1_ia64.deb Size/MD5 checksum: 359722 f3d89cc673ff0f2e5b7ff2e718ff44f1 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-itanium_2.6.26-22lenny1_ia64.deb Size/MD5 checksum: 34252074 96729f987e7b7e02802b240da3a3293c http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-mckinley_2.6.26-22lenny1_ia64.deb Size/MD5 checksum: 34376386 f97af824a762b90b102d84f5c1bf65f8 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-22lenny1_ia64.deb Size/MD5 checksum: 110350 9881f68b5f5446c4c773dc60d655a589 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-itanium_2.6.26-22lenny1_ia64.deb Size/MD5 checksum: 34191126 c5412cb1277801d2a2488be36dc1ad0e http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-ia64_2.6.26-22lenny1_ia64.deb Size/MD5 checksum: 110386 c1ddbef0eeae94731617e277b32018c6 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-itanium_2.6.26-22lenny1_ia64.deb Size/MD5 checksum: 359654 cba07c82268fc13d6007ecf4be2c8508 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-r4k-ip22_2.6.26-22lenny1_mips.deb Size/MD5 checksum: 262068 31c1aadffe81551bef675f9bc91b6f1e http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-5kc-malta_2.6.26-22lenny1_mips.deb Size/MD5 checksum: 29432478 38c75d466da039b9e2ac1c70898b50ae http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-5kc-malta_2.6.26-22lenny1_mips.deb Size/MD5 checksum: 358936 9ec1ce1473362c253cf4dc7d2fd791f6 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-22lenny1_mips.deb Size/MD5 checksum: 3966442 111674b840698cede9cdf3ecec2d5e3b http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sb1a-bcm91480b_2.6.26-22lenny1_mips.deb Size/MD5 checksum: 302384 7f9f26f809e46a4748158588402d7ace http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-4kc-malta_2.6.26-22lenny1_mips.deb Size/MD5 checksum: 359360 d07b20a27666a8cb2c43f03eeb729c57 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-r5k-ip32_2.6.26-22lenny1_mips.deb Size/MD5 checksum: 285392 9d513d80efd66be3e9ba7fa929b13b5f http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sb1-bcm91250a_2.6.26-22lenny1_mips.deb Size/MD5 checksum: 303780 3a507cccd77e01f7449a8ff73a3e5f6f http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-22lenny1_mips.deb Size/MD5 checksum: 760156 80eaea319450a06fe9c2310bdff051e2 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-4kc-malta_2.6.26-22lenny1_mips.deb Size/MD5 checksum: 23504896 f928208abb4eb3ade6185409df5fa417 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sb1-bcm91250a_2.6.26-22lenny1_mips.deb Size/MD5 checksum: 20252984 09ee52755ae4cf03ca082e8dbc977206 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sb1a-bcm91480b_2.6.26-22lenny1_mips.deb Size/MD5 checksum: 20244176 3c568fce5cab57746ca1dc53c8fcc754 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-22lenny1_mips.deb Size/MD5 checksum: 110400 6676cd4c8df659937bac47ed0c08bf37 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-mips_2.6.26-22lenny1_mips.deb Size/MD5 checksum: 110464 fcbbce5e6741f1a1ec4830dba9a8ee91 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-r4k-ip22_2.6.26-22lenny1_mips.deb Size/MD5 checksum: 11542616 0ead2243e1d4c2cb50760d97f9a6a2f7 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-r5k-ip32_2.6.26-22lenny1_mips.deb Size/MD5 checksum: 15769388 08c7a66b4f1a5c9bc9f8cc5683d5786f mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sb1-bcm91250a_2.6.26-22lenny1_mipsel.deb Size/MD5 checksum: 19682018 7e665290822815634b1666523270919e http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-mipsel_2.6.26-22lenny1_mipsel.deb Size/MD5 checksum: 110460 445931c0ad4fa00f8875f5cbaf9d83aa http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sb1a-bcm91480b_2.6.26-22lenny1_mipsel.deb Size/MD5 checksum: 19667420 02ae9fef2fea1c4ccd667c73025039f9 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-22lenny1_mipsel.deb Size/MD5 checksum: 760930 064ffab1507d84791e943528662e4c86 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-r5k-cobalt_2.6.26-22lenny1_mipsel.deb Size/MD5 checksum: 297650 4433daa21c6e697d8c1bb33355e14ee1 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-4kc-malta_2.6.26-22lenny1_mipsel.deb Size/MD5 checksum: 359828 870a33c1aea0535ab0b25f3016aa9623 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-4kc-malta_2.6.26-22lenny1_mipsel.deb Size/MD5 checksum: 23074870 998294807dde61335d413ecf50fdbf3b http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-22lenny1_mipsel.deb Size/MD5 checksum: 3967560 590a467f25e74daf442dfd54caaf104e http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sb1-bcm91250a_2.6.26-22lenny1_mipsel.deb Size/MD5 checksum: 303240 9620ba551b29adb6052e13f8277347c0 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sb1a-bcm91480b_2.6.26-22lenny1_mipsel.deb Size/MD5 checksum: 302768 59fe05d578020afc8e1e8fe3fce3b41c http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-5kc-malta_2.6.26-22lenny1_mipsel.deb Size/MD5 checksum: 28568828 86e20054979d1ffc56c24f5db73d044a http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-22lenny1_mipsel.deb Size/MD5 checksum: 110406 3a073335ba3488e55549b82e005fefda http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-r5k-cobalt_2.6.26-22lenny1_mipsel.deb Size/MD5 checksum: 15056072 429c33859de62cdfaa86e809e8625bec http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-5kc-malta_2.6.26-22lenny1_mipsel.deb Size/MD5 checksum: 359706 43272f2843e3b39735812c24aad332f5 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-22lenny1_powerpc.deb Size/MD5 checksum: 110358 eb7bc8e6a28a6801bc7be5d22bf95a2f http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-powerpc_2.6.26-22lenny1_powerpc.deb Size/MD5 checksum: 23581674 48797e6c39bef5a0fd120d973b541f07 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc_2.6.26-22lenny1_powerpc.deb Size/MD5 checksum: 363808 c2c489e8798d50db73d709367e390113 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc-smp_2.6.26-22lenny1_powerpc.deb Size/MD5 checksum: 365378 a4c38de9a287a71e84d09d5474393d41 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-powerpc_2.6.26-22lenny1_powerpc.deb Size/MD5 checksum: 110392 9dd420c73a4b0c7d55fe2372a439adfb http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc64_2.6.26-22lenny1_powerpc.deb Size/MD5 checksum: 23420066 5bf69b74154de2ae05db3280f2070b74 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-22lenny1_powerpc.deb Size/MD5 checksum: 3782640 31d483da8ccb87dbd7f75200515c8b3f http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-powerpc64_2.6.26-22lenny1_powerpc.deb Size/MD5 checksum: 23474914 42ba4ae5a23355aba50cb1a8c018a631 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-powerpc_2.6.26-22lenny1_powerpc.deb Size/MD5 checksum: 366524 a3970adc5168a37d49f28c5ce4ca05ff http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-22lenny1_powerpc.deb Size/MD5 checksum: 746782 d0ef1631862e4130479ce4e3da0a6050 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-22lenny1_powerpc.deb Size/MD5 checksum: 3814900 2b936155fef59a231764ca014043b806 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc64_2.6.26-22lenny1_powerpc.deb Size/MD5 checksum: 370710 35281c3da9947c322b12a014adabbcad http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc_2.6.26-22lenny1_powerpc.deb Size/MD5 checksum: 23159310 22caa95faeb5687d37e677b4e34503b6 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-powerpc64_2.6.26-22lenny1_powerpc.deb Size/MD5 checksum: 371066 9961d473b25000f7bb7a23bde2720323 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc-smp_2.6.26-22lenny1_powerpc.deb Size/MD5 checksum: 23557104 bd8ab7bd0594a795f34dac94ee24ffae s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-22lenny1_s390.deb Size/MD5 checksum: 758022 786d9ca518b1a573caf38f5492104cc4 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-s390x_2.6.26-22lenny1_s390.deb Size/MD5 checksum: 238208 3155d20f0210f5fd9a2e27fc28165502 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-s390_2.6.26-22lenny1_s390.deb Size/MD5 checksum: 236574 05d74c2012431ee9bdae90e172a82de0 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-s390x_2.6.26-22lenny1_s390.deb Size/MD5 checksum: 237136 7950ba3ebfc31e3cf6536b34eccaf684 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-s390x_2.6.26-22lenny1_s390.deb Size/MD5 checksum: 7828888 56510e3515975d5ed979a55fb0bb14b7 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-s390-tape_2.6.26-22lenny1_s390.deb Size/MD5 checksum: 1633146 654e757be4670f764a99049c7984aa98 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-22lenny1_s390.deb Size/MD5 checksum: 3633806 0c911d5a677f4fdb22f44cf617cd8374 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-s390_2.6.26-22lenny1_s390.deb Size/MD5 checksum: 7534830 da50ed9bfd6846d2ab2ced362b19ab4e http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-s390x_2.6.26-22lenny1_s390.deb Size/MD5 checksum: 7889984 06c9c7d89731808d7e376986cc472843 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-22lenny1_s390.deb Size/MD5 checksum: 110394 68dd1fe380aa0c9ba6caa84f934569fd http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-s390_2.6.26-22lenny1_s390.deb Size/MD5 checksum: 110416 c1d7fd64b9efab8228f305d5474de5d1 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-22lenny1_s390.deb Size/MD5 checksum: 3598560 f63cbef687984b543d1152e013bc95fe sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sparc64_2.6.26-22lenny1_sparc.deb Size/MD5 checksum: 14291528 b0e802720e53cb53650b8a2d75d1588d http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-sparc64_2.6.26-22lenny1_sparc.deb Size/MD5 checksum: 304718 aa3ebf9c5e7cde5fc11513c27b4396d0 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-sparc_2.6.26-22lenny1_sparc.deb Size/MD5 checksum: 110370 d746af2e449aaf644370d7b88a03cf2d http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-sparc64_2.6.26-22lenny1_sparc.deb Size/MD5 checksum: 14631258 b056f4f2245e4e2da6ef8e7549224226 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sparc64-smp_2.6.26-22lenny1_sparc.deb Size/MD5 checksum: 14611896 ad3108a56bbacf863b4f18521275887c http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-22lenny1_sparc.deb Size/MD5 checksum: 800838 114ac1590a19b405fcacfb06ee36e55a http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-22lenny1_sparc.deb Size/MD5 checksum: 3820700 fff1d7baf26f32217a8100ca14875708 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-22lenny1_sparc.deb Size/MD5 checksum: 110352 02deff17df2e96a0ed208d786bdf9315 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-22lenny1_sparc.deb Size/MD5 checksum: 3785870 518b0d1f9d0d13adce8d6707726031ab http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sparc64_2.6.26-22lenny1_sparc.deb Size/MD5 checksum: 302894 c9354f7c9769be34b6356e0d042a294e http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sparc64-smp_2.6.26-22lenny1_sparc.deb Size/MD5 checksum: 304918 228d8163856c2e8e261b0fd086475d68 These files will probably be moved into the stable distribution on its next update