SecurityHome.eu Security vulnerability: Cisco Security Advisory 20110928-dlsw

Home / vulnerabilities PDF

Cisco Security Advisory 20110928-dlsw
Posted on 29 September 2011
Source : packetstormsecurity.org Link

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco IOS Software Data-Link Switching
Vulnerability

Advisory ID: cisco-sa-20110928-dlsw

Revision 1.0

For Public Release 2011 September 28 1600 UTC (GMT)

+---------------------------------------------------------------------

Summary
=======

Cisco IOS Software contains a memory leak vulnerability in the
Data-Link Switching (DLSw) feature that could result in a device
reload when processing crafted IP Protocol 91 packets.

Cisco has released free software updates that address this
vulnerability.

This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20110928-dlsw.shtml.

Note: The September 28, 2011, Cisco IOS Software Security Advisory
bundled publication includes ten Cisco Security Advisories. Nine of the
advisories address vulnerabilities in Cisco IOS Software, and one
advisory addresses a vulnerability in Cisco Unified Communications
Manager. Each advisory lists the Cisco IOS Software releases that
correct the vulnerability or vulnerabilities detailed in the advisory as
well as the Cisco IOS Software releases that correct all vulnerabilities
in the September 2011 Bundled Publication.

Individual publication links are in "Cisco Event Response: Semiannual
Cisco IOS Software Security Advisory Bundled Publication" at the
following link:

http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep11.html

Affected Products
=================

Vulnerable Products
+------------------

Cisco IOS devices with the DLSw promiscuous feature enabled are affected
by the vulnerability described in this advisory. Devices with the DLSw
promiscuous feature enabled contain a line in the configuration defining
a local DLSw peer with the promiscuous keyword. This configuration
can be observed by issuing the command "show running-config". Systems
configured with the DLSw promiscuous feature enabled contain a line
similar to one of the following:

dlsw local-peer promiscuous

or

dlsw local-peer peer-id <IP address> promiscuous

To determine the software that runs on a Cisco IOS device, log in to
the device and issue the "show version" command to display the system
banner. Cisco IOS Software identifies itself as "Cisco Internetwork
Operating System Software" or "Cisco IOS Software." Other Cisco devices
do not have the "show version" command or give different output.

The following example shows output from a device running IOS version
15.0(1)M1:

Router> show version
Cisco IOS Software, C3900 Software (C3900-UNIVERSALK9-M), Version 15.0(1)M1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Wed 02-Dec-09 17:17 by prod_rel_team

Additional information about Cisco IOS Software release naming
conventions is available in the white paper Cisco IOS and NX-OS
Software Reference Guide at:

http://www.cisco.com/web/about/security/intelligence/ios-ref.html.

Products Confirmed Not Vulnerable
+--------------------------------

No other Cisco products are currently known to be affected by this
vulnerability.

Details
=======

DLSw provides a means of transporting IBM Systems Network
Architecture (SNA) and network BIOS (NetBIOS) traffic over an IP
network. The Cisco implementation of DLSw over Fast Sequence
Transport (FST) uses IP Protocol 91. The promiscuous DLSw feature
permits the local peer to establish connection with remote peers that
are not statically configured.

A Cisco IOS device that is configured for DLSw listens for IP
protocol 91 packets. Depending on the DLSw configuration, UDP port
2067, and, one or more TCP ports can also be opened. The
vulnerability described in this document can only be exploited via IP
Protocol 91 and can not be exploited using either the UDP or TCP
transports.

Devices with only statically configured DLSw peers are not affected
by this vulnerability.

This vulnerability is documented in Cisco bug ID CSCth69364 and has been
assigned Common Vulnerabilities and Exposures (CVE) ID CVE-2011-0945.

Vulnerability Scoring Details
=============================

Cisco has provided scores for the vulnerability in this advisory
based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.

CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.

Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of
the vulnerability in individual networks.

Cisco has provided an FAQ to answer additional questions regarding
CVSS at:

http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html

Cisco has also provided a CVSS calculator to help compute the
environmental impact for individual networks at:

http://intellishield.cisco.com/security/alertmanager/cvss

* CSCth69364 ("DLSw FST Memory Leak")

CVSS Base Score - 7.8
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - None
Integrity Impact - None
Availability Impact - Complete

CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed

Impact
======

Successful exploitation of the vulnerability may result in a memory
leak that can lead to a denial of service condition. Memory
exhaustion can cause an affected Cisco IOS device to reload or become
unresponsive; a power cycle might be required to recover from the
condition.

To identify the memory leak caused by this vulnerability, issue the
"show dlsw peers | include FST.*DISCONN" command; a monotonically
increasing list of FST peers that remain in the DISCONN state indicates
that memory is being held, as shown in the following example:

Router> show dlsw peers | include FST.*DISCONN
FST 176.74.146.194 DISCONN 1 0 prom 0 - - -
FST 9.180.128.186 DISCONN 1 0 prom 0 - - -
FST 139.71.105.39 DISCONN 1 0 prom 0 - - -
FST 138.150.39.18 DISCONN 1 0 prom 0 - - -
FST 253.240.220.167 DISCONN 1 0 prom 0 - - -
FST 252.186.119.224 DISCONN 1 0 prom 0 - - -
FST 41.255.172.252 DISCONN 1 0 prom 0 - - -
! --- Output truncated
Router>

Software Versions and Fixes
===========================

When considering software upgrades, also consult
http://www.cisco.com/go/psirt and any subsequent advisories to determine
exposure and a complete upgrade solution.

In all cases, customers should exercise caution to be certain the
devices to be upgraded contain sufficient memory and that current
hardware and software configurations will continue to be supported
properly by the new release. If the information is not clear, contact
the Cisco Technical Assistance Center (TAC) or your contracted
maintenance provider for assistance.

Additionally, the Cisco IOS Software Checker is available on
the Cisco Security Intelligence Operations (SIO) portal at
http://tools.cisco.com/security/center/selectIOSVersion.x. It provides
several features for checking which Security Advisories affect specified
versions of Cisco IOS Software.

Cisco IOS Software
+-----------------

Each row of the following Cisco IOS Software table corresponds to a
Cisco IOS Software train. If a particular train is vulnerable, the
earliest releases that contain the fix are listed in the First Fixed
Release For This Advisory column. The First Fixed Release for All
Advisories in the September 2011 Bundled Publication column lists the
earliest possible releases that correct all the published
vulnerabilities in the Cisco IOS Software Security Advisory bundled
publication. Cisco recommends upgrading to the latest available
release, where possible.

+------------------------------------------------------------+
| Major | Availability of Repaired Releases |
| Release | |
|------------+-----------------------------------------------|
| Affected | | First Fixed Release |
| 12.0-Based | First Fixed Release | for All Advisories in |
| Releases | | the September 2011 |
| | | Bundled Publication |
|------------------------------------------------------------|
| There are no affected 12.0-based releases |
|------------------------------------------------------------|
| Affected | | First Fixed Release |
| 12.1-Based | First Fixed Release | for All Advisories in |
| Releases | | the September 2011 |
| | | Bundled Publication |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.1E | fixed in Release | fixed in Release |
| | 12.2SXF | 12.2SXF |
|------------+-----------------------+-----------------------|
| Affected | | First Fixed Release |
| 12.2-Based | First Fixed Release | for All Advisories in |
| Releases | | the September 2011 |
| | | Bundled Publication |
|------------+-----------------------+-----------------------|
| 12.2 | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | |
| | fixed in Release 12.4 | |
| 12.2B | | Vulnerable; first |
| | Releases up to and | fixed in Release 12.4 |
| | including 12.2(2)B7 | |
| | are not vulnerable. | |
|------------+-----------------------+-----------------------|
| 12.2BC | Not vulnerable | Vulnerable; first |
| | | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.2BW | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | |
| | fixed in Release | |
| | 12.2SB | Vulnerable; first |
| 12.2BX | | fixed in Release |
| | Releases up to and | 12.2SB |
| | including 12.2(15)BX | |
| | are not vulnerable. | |
|------------+-----------------------+-----------------------|
| 12.2BY | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2BZ | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2CX | Not vulnerable | Vulnerable; first |
| | | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.2CY | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | | Vulnerable; first |
| 12.2CZ | Not vulnerable | fixed in Release |
| | | 12.2SB |
|------------+-----------------------+-----------------------|
| 12.2DA | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2DD | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2DX | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2EU | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | | Releases up to and |
| 12.2EW | Not vulnerable | including 12.2(20)EW4 |
| | | are not vulnerable. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2EWA | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2EX | Not vulnerable | 12.2(55)EX3 |
|------------+-----------------------+-----------------------|
| 12.2EY | Not vulnerable | 12.2(58)EY |
|------------+-----------------------+-----------------------|
| | | Vulnerable; migrate |
| 12.2EZ | Not vulnerable | to any release in |
| | | 15.0SE |
|------------+-----------------------+-----------------------|
| | | Vulnerable; first |
| 12.2FX | Not vulnerable | fixed in Release |
| | | 12.2SE |
|------------+-----------------------+-----------------------|
| | | Vulnerable; first |
| 12.2FY | Not vulnerable | fixed in Release |
| | | 12.2EX |
|------------+-----------------------+-----------------------|
| | | Vulnerable; first |
| 12.2FZ | Not vulnerable | fixed in Release |
| | | 12.2SE |
|------------+-----------------------+-----------------------|
| | Vulnerable; migrate | Vulnerable; migrate |
| 12.2IRA | to any release in | to any release in |
| | 12.2IRG | 12.2IRG |
|------------+-----------------------+-----------------------|
| | Vulnerable; migrate | Vulnerable; migrate |
| 12.2IRB | to any release in | to any release in |
| | 12.2IRG | 12.2IRG |
|------------+-----------------------+-----------------------|
| | Vulnerable; migrate | Vulnerable; migrate |
| 12.2IRC | to any release in | to any release in |
| | 12.2IRG | 12.2IRG |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2IRD | 12.2(33)IRD1 | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2IRE | 12.2(33)IRE3 | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; migrate | Vulnerable; migrate |
| 12.2IRF | to any release in | to any release in |
| | 12.2IRG | 12.2IRG |
|------------+-----------------------+-----------------------|
| 12.2IRG | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2IXA | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2IXB | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2IXC | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2IXD | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2IXE | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2IXF | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2IXG | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2IXH | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2JA | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2JK | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2MB | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2MC | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| | | Vulnerable; first |
| 12.2MRA | Not vulnerable | fixed in Release |
| | | 12.2SRD |
|------------+-----------------------+-----------------------|
| 12.2MRB | Not vulnerable | 12.2(33)MRB5 |
|------------+-----------------------+-----------------------|
| | Releases prior to | Releases prior to |
| | 12.2(30)S are | 12.2(30)S are |
| | vulnerable; Releases | vulnerable; Releases |
| 12.2S | 12.2(30)S and later | 12.2(30)S and later |
| | are not vulnerable. | are not vulnerable. |
| | First fixed in | First fixed in |
| | Release 12.2SB | Release 12.2SB |
|------------+-----------------------+-----------------------|
| | 12.2(31)SB20 | 12.2(31)SB2012.2(33) |
| 12.2SB | | SB10 |
| | 12.2(33)SB10 | |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.2SBC | fixed in Release | fixed in Release |
| | 12.2SB | 12.2SB |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.2SCA | fixed in Release | fixed in Release |
| | 12.2SCC | 12.2SCC |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.2SCB | fixed in Release | fixed in Release |
| | 12.2SCC | 12.2SCC |
|------------+-----------------------+-----------------------|
| 12.2SCC | 12.2(33)SCC7 | 12.2(33)SCC7 |
|------------+-----------------------+-----------------------|
| | 12.2(33)SCD6 | |
| 12.2SCD | | 12.2(33)SCD6 |
| | 12.2(33)SCD7 | |
|------------+-----------------------+-----------------------|
| | 12.2(33)SCE1 | 12.2(33)SCE112.2(33) |
| 12.2SCE | | SCE2 |
| | 12.2(33)SCE2 | |
|------------+-----------------------+-----------------------|
| 12.2SCF | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2SE | Not vulnerable | 12.2(55)SE312.2(58)SE |
|------------+-----------------------+-----------------------|
| | | Vulnerable; first |
| 12.2SEA | Not vulnerable | fixed in Release |
| | | 12.2SE |
|------------+-----------------------+-----------------------|
| | | Vulnerable; first |
| 12.2SEB | Not vulnerable | fixed in Release |
| | | 12.2SE |
|------------+-----------------------+-----------------------|
| | | Vulnerable; first |
| 12.2SEC | Not vulnerable | fixed in Release |
| | | 12.2SE |
|------------+-----------------------+-----------------------|
| | | Vulnerable; first |
| 12.2SED | Not vulnerable | fixed in Release |
| | | 12.2SE |
|------------+-----------------------+-----------------------|
| | | Vulnerable; first |
| 12.2SEE | Not vulnerable | fixed in Release |
| | | 12.2SE |
|------------+-----------------------+-----------------------|
| | | Vulnerable; first |
| 12.2SEF | Not vulnerable | fixed in Release |
| | | 12.2SE |
|------------+-----------------------+-----------------------|
| | | Releases prior to |
| | | 12.2(25)SEG4 are |
| | | vulnerable; Releases |
| 12.2SEG | Not vulnerable | 12.2(25)SEG4 and |
| | | later are not |
| | | vulnerable. First |
| | | fixed in Release |
| | | 12.2EX |
|------------+-----------------------+-----------------------|
| | Releases prior to | Releases prior to |
| | 12.2(40)SG are | 12.2(53)SG4 are |
| 12.2SG | vulnerable; Releases | vulnerable; Releases |
| | 12.2(40)SG and later | 12.2(53)SG4 and later |
| | are not vulnerable. | are not vulnerable. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2SGA | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2SL | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2SM | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2SO | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2SQ | Not vulnerable | 12.2(50)SQ3 |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.2SRA | fixed in Release | fixed in Release |
| | 12.2SRD | 12.2SRD |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.2SRB | fixed in Release | fixed in Release |
| | 12.2SRD | 12.2SRD |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.2SRC | fixed in Release | fixed in Release |
| | 12.2SRD | 12.2SRD |
|------------+-----------------------+-----------------------|
| 12.2SRD | 12.2(33)SRD6 | 12.2(33)SRD6 |
|------------+-----------------------+-----------------------|
| 12.2SRE | 12.2(33)SRE3 | 12.2(33)SRE4 |
|------------+-----------------------+-----------------------|
| 12.2STE | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2SU | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| | Releases prior to | Releases prior to |
| | 12.2(29a)SV are | 12.2(29a)SV are |
| | vulnerable; Releases | vulnerable; Releases |
| 12.2SV | 12.2(29a)SV and later | 12.2(29a)SV and later |
| | are not vulnerable. | are not vulnerable. |
| | Migrate to any | Migrate to any |
| | release in 12.2SVD | release in 12.2SVD |
|------------+-----------------------+-----------------------|
| 12.2SVA | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2SVC | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2SVD | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2SVE | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Releases prior to | Vulnerable; contact |
| | 12.2(25)SW12 are | your support |
| | vulnerable; Releases | organization per the |
| 12.2SW | 12.2(25)SW12 and | instructions in the |
| | later are not | Obtaining Fixed |
| | vulnerable. | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.2SX | fixed in Release | fixed in Release |
| | 12.2SXF | 12.2SXF |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.2SXA | fixed in Release | fixed in Release |
| | 12.2SXF | 12.2SXF |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.2SXB | fixed in Release | fixed in Release |
| | 12.2SXF | 12.2SXF |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.2SXD | fixed in Release | fixed in Release |
| | 12.2SXF | 12.2SXF |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.2SXE | fixed in Release | fixed in Release |
| | 12.2SXF | 12.2SXF |
|------------+-----------------------+-----------------------|
| 12.2SXF | 12.2(18)SXF17b | 12.2(18)SXF17b |
|------------+-----------------------+-----------------------|
| 12.2SXH | 12.2(33)SXH8a | 12.2(33)SXH8a |
|------------+-----------------------+-----------------------|
| 12.2SXI | 12.2(33)SXI6 | 12.2(33)SXI6 |
|------------+-----------------------+-----------------------|
| 12.2SXJ | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2SY | 12.2(50)SY | 12.2(50)SY |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.2SZ | fixed in Release | fixed in Release |
| | 12.2SB | 12.2SB |
|------------+-----------------------+-----------------------|
| 12.2T | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2TPC | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2XA | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XB | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.2XC | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XD | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XE | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XF | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XG | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XH | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XI | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XJ | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XK | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XL | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XM | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XN | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Please see Cisco | Please see Cisco |
| 12.2XNA | IOS-XE Software | IOS-XE Software |
| | Availability | Availability |
|------------+-----------------------+-----------------------|
| | Please see Cisco | Please see Cisco |
| 12.2XNB | IOS-XE Software | IOS-XE Software |
| | Availability | Availability |
|------------+-----------------------+-----------------------|
| | Please see Cisco | Please see Cisco |
| 12.2XNC | IOS-XE Software | IOS-XE Software |
| | Availability | Availability |
|------------+-----------------------+-----------------------|
| | Please see Cisco | Please see Cisco |
| 12.2XND | IOS-XE Software | IOS-XE Software |
| | Availability | Availability |
|------------+-----------------------+-----------------------|
| | Please see Cisco | Please see Cisco |
| 12.2XNE | IOS-XE Software | IOS-XE Software |
| | Availability | Availability |
|------------+-----------------------+-----------------------|
| | Please see Cisco | Please see Cisco |
| 12.2XNF | IOS-XE Software | IOS-XE Software |
| | Availability | Availability |
|------------+-----------------------+-----------------------|
| | | Releases prior to |
| | | 12.2(54)XO are |
| 12.2XO | Not vulnerable | vulnerable; Releases |
| | | 12.2(54)XO and later |
| | | are not vulnerable. |
|------------+-----------------------+-----------------------|
| 12.2XQ | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XR | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XS | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XT | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XU | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XV | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XW | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Releases prior to | |
| | 12.2(4)YA8 are | |
| | vulnerable; Releases | Vulnerable; first |
| 12.2YA | 12.2(4)YA8 and later | fixed in Release 12.4 |
| | are not vulnerable. | |
| | First fixed in | |
| | Release 12.4 | |
|------------+-----------------------+-----------------------|
| 12.2YB | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2YC | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2YD | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2YE | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2YF | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2YG | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2YH | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | Releases prior to | your support |
| | 12.2(8)YJ1 are | organization per the |
| 12.2YJ | vulnerable; Releases | instructions in the |
| | 12.2(8)YJ1 and later | Obtaining Fixed |
| | are not vulnerable. | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2YK | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2YL | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2YM | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2YN | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2YO | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2YP | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2YQ | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2YR | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2YS | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2YT | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2YU | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | Releases prior to | your support |
| | 12.2(11)YV1 are | organization per the |
| 12.2YV | vulnerable; Releases | instructions in the |
| | 12.2(11)YV1 and later | Obtaining Fixed |
| | are not vulnerable. | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2YW | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2YX | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2YY | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2YZ | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.2ZA | fixed in Release | fixed in Release |
| | 12.2SXF | 12.2SXF |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2ZB | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2ZC | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2ZD | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2ZE | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.2ZF | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.2ZG | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Releases prior to | |
| | 12.2(13)ZH6 are | |
| | vulnerable; Releases | Vulnerable; first |
| 12.2ZH | 12.2(13)ZH6 and later | fixed in Release 12.4 |
| | are not vulnerable. | |
| | First fixed in | |
| | Release 12.4 | |
|------------+-----------------------+-----------------------|
| 12.2ZJ | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2ZL | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2ZP | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.2ZU | fixed in Release | fixed in Release |
| | 12.2SXH | 12.2SXH |
|------------+-----------------------+-----------------------|
| 12.2ZX | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2ZY | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2ZYA | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| Affected | | First Fixed Release |
| 12.3-Based | First Fixed Release | for All Advisories in |
| Releases | | the September 2011 |
| | | Bundled Publication |
|------------+-----------------------+-----------------------|
| 12.3 | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.3B | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| | | Vulnerable; first |
| 12.3BC | Not vulnerable | fixed in Release |
| | | 12.2SCC |
|------------+-----------------------+-----------------------|
| 12.3BW | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.3JA | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.3JEA | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.3JEB | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.3JEC | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.3JED | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Releases up to and | Releases up to and |
| | including 12.3(2)JK3 | including 12.3(2)JK3 |
| | are not vulnerable. | are not vulnerable. |
| 12.3JK | Releases 12.3(8)JK1 | Releases 12.3(8)JK1 |
| | and later are not | and later are not |
| | vulnerable. First | vulnerable. First |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.3JL | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.3JX | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.3T | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | Releases up to and | your support |
| | including 12.3(4) | organization per the |
| 12.3TPC | TPC11a are not | instructions in the |
| | vulnerable. | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| 12.3VA | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Releases prior to | |
| | 12.3(2)XA7 are | |
| | vulnerable; Releases | Vulnerable; first |
| 12.3XA | 12.3(2)XA7 and later | fixed in Release 12.4 |
| | are not vulnerable. | |
| | First fixed in | |
| | Release 12.4 | |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.3XB | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| 12.3XC | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.3XD | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.3XE | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.3XF | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| 12.3XG | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.3XI | fixed in Release | fixed in Release |
| | 12.2SB | 12.2SB |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.3XJ | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| 12.3XK | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.3XL | fixed in Release | fixed in Release |
| | 12.4T | 12.4T |
|------------+-----------------------+-----------------------|
| 12.3XQ | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.3XR | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.3XS | Not vulnerable | Vulnerable; first |
| | | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.3XU | fixed in Release | fixed in Release |
| | 12.4T | 12.4T |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.3XW | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| 12.3XX | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.3XY | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.3XZ | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.3YA | Not vulnerable | Vulnerable; first |
| | | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.3YD | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.3YF | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.3YG | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.3YH | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.3YI | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.3YJ | fixed in Release | fixed in Release |
| | 12.4T | 12.4T |
|------------+-----------------------+-----------------------|
| 12.3YK | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.3YM | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.3YQ | fixed in Release | fixed in Release |
| | 12.4T | 12.4T |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | |
| | fixed in Release | |
| | 12.4T | Vulnerable; first |
| 12.3YS | | fixed in Release |
| | Releases up to and | 12.4T |
| | including 12.3(11)YS1 | |
| | are not vulnerable. | |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.3YT | fixed in Release | fixed in Release |
| | 12.4T | 12.4T |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.3YU | fixed in Release | fixed in Release |
| | 12.4XB | 12.4XB |
|------------+-----------------------+-----------------------|
| | Vulnerable; migrate | Vulnerable; first |
| 12.3YX | to any release in | fixed in Release |
| | 12.4XR | 12.4T |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.3YZ | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.3ZA | fixed in Release | fixed in Release |
| | 12.4T | 12.4T |
|------------+-----------------------+-----------------------|
| Affected | | First Fixed Release |
| 12.4-Based | First Fixed Release | for All Advisories in |
| Releases | | the September 2011 |
| | | Bundled Publication |
|------------+-----------------------+-----------------------|
| 12.4 | 12.4(25e) | 12.4(25f) |
|------------+-----------------------+-----------------------|
| 12.4GC | 12.4(24)GC4 | 12.4(24)GC4 |
|------------+-----------------------+-----------------------|
| 12.4JA | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.4JAX | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.4JDA | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.4JDC | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.4JHA | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.4JHB | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.4JHC | Not vulnerable | Not vulnerable |
|----

TOP

Malware :

Last 20

Exploits :

Last 20