Vulnerabilities > CVE-2003-0512 - Cryptographic Issues vulnerability in Cisco IOS

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
cisco
CWE-310
nessus
NVD
Published: 2003-08-27
Updated: 2017-10-11

Summary

Cisco IOS 12.2 and earlier generates a "% Login invalid" message instead of prompting for a password when an invalid username is provided, which allows remote attackers to identify valid usernames on the system and conduct brute force password guessing, as reported for the Aironet Bridge.

Vulnerable Configurations

Part Description Count
OS
Cisco
9

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

Nessus

NASL familyCISCO
NASL idCISCO-SN-20030724-IOS-ENUM.NASL
descriptionIt is possible to enumerate all locally defined users, which are used for authentication, on a Cisco IOS device if aaa new-model is not used.
last seen2019-10-28
modified2012-01-10
plugin id17786
published2012-01-10
reporterThis script is Copyright (C) 2012-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/17786
titleCisco IOS Locally Defined User Enumeration
code
#TRUSTED 95f84b67b4786f3bdd129fd3f3d219529de9cb7cb790152752d4bc63eeb35adeb8c670728515234f9abfd3ecad5855ec772e9c50a59215b44d239e82e97b3081faf56852ab67af570c24c06c865305204573a8e4d1719c528d2138a5f07e8e54b0752c408723206dd1a9982816759083e31b6ced3d3386cd10f5b3c5399bf6dcbdc5e4df3bce41076602efdf7df65771897984c843b922c9c3c2c136e85abb6c68fa50c7f7f4891049bfd75a864e73a747056f6c1ee09eaaf5bd5ddf9113d3e875a3ea72d446d5d2ffc88cb1bb8df4583372beb01d54865a9efc21c3426933ce719f20577d8993a61ce918f2b03fa43c43ce9dab8278d00800b8b19b975260214610e61a2e0285e26daba662bab582184189633a55d6e454ac1ee0c6b0f7247308167b52e5f7b834425b63254a06d2383143dbc4dd038c6732a03bb9928bf709f2f1e9829d8b968fac6de73b5de998422fc023bbbaabc8ebd7a44b166f1e1cb963d45e945adc3b3243427927c720ef4f323a6305d845de0696a8537c580b6588dca712dcfea24c0ec0e5fee7ee6f00da1e49cb2fb73eb5c820fc424cbc895730b24d19dc6b17011e9677a68d61f6bd6d1931d0cdce2e98824ba02e0873a20bad8ce21c49746c01b5c527e1b55ba5a16e2e5f521bc8704a372203f25ff8fbe9109e2dd0fb455cd7e9a716c7fef44cd659435aebc58b7de0c467921a343bd718bb
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(17786);
  script_version("1.10");
  script_set_attribute(attribute:"plugin_modification_date", value:"2018/07/06");

  script_cve_id("CVE-2003-0512");
  script_bugtraq_id(8292);
  script_xref(name:"CISCO-BUG-ID", value:"CSCdz29724");

  script_name(english:"Cisco IOS Locally Defined User Enumeration");
  script_summary(english:"Checks version of Cisco IOS");

  script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
  script_set_attribute(attribute:"description", value:
"It is possible to enumerate all locally defined users, which are used
for authentication, on a Cisco IOS device if aaa new-model is not
used.");
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?3e55d6a8");
  script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant version in Cisco Security Advisory
cisco-sn-20030724-io-enum.shtml");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(310);

  script_set_attribute(attribute:"vuln_publication_date", value:"2003/07/28");
  script_set_attribute(attribute:"patch_publication_date", value:"2003/07/23");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/01/10");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:ios");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CISCO");

  script_copyright(english:"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.");

  script_dependencies("cisco_ios_version.nasl");
  script_require_keys("Host/Cisco/IOS/Version");
  exit(0);
}

include("audit.inc");
include("cisco_func.inc");
include("cisco_kb_cmd_func.inc");

flag = 0;
override = 0;
version = get_kb_item_or_exit('Host/Cisco/IOS/Version');

if (version == '12.0(10r)S') flag++;
else if (version == '12.0(10r)S1') flag++;
else if (version == '12.0(10)S0426') flag++;
else if (version == '12.0(10)SC') flag++;
else if (version == '12.0(10)SC1') flag++;
else if (version == '12.0(10)SL') flag++;
else if (version == '12.0(10)ST') flag++;
else if (version == '12.0(10)ST1') flag++;
else if (version == '12.0(10)ST2') flag++;
else if (version == '12.0(10)SX') flag++;
else if (version == '12.0(11)S') flag++;
else if (version == '12.0(11)S1') flag++;
else if (version == '12.0(11)S2') flag++;
else if (version == '12.0(11)S3') flag++;
else if (version == '12.0(11)S4') flag++;
else if (version == '12.0(11)S5') flag++;
else if (version == '12.0(11)S6') flag++;
else if (version == '12.0(11)SC') flag++;
else if (version == '12.0(11)SL') flag++;
else if (version == '12.0(11)SL1') flag++;
else if (version == '12.0(11)ST') flag++;
else if (version == '12.0(11)ST1') flag++;
else if (version == '12.0(11)ST2') flag++;
else if (version == '12.0(11)ST3') flag++;
else if (version == '12.0(11)ST4') flag++;
else if (version == '12.0(12)S') flag++;
else if (version == '12.0(12)S0830') flag++;
else if (version == '12.0(12)S0912') flag++;
else if (version == '12.0(12)S0916') flag++;
else if (version == '12.0(12)S0918') flag++;
else if (version == '12.0(12)S1') flag++;
else if (version == '12.0(12)S2') flag++;
else if (version == '12.0(12)S3') flag++;
else if (version == '12.0(12)S4') flag++;
else if (version == '12.0(12)SC') flag++;
else if (version == '12.0(13)S') flag++;
else if (version == '12.0(13)S1') flag++;
else if (version == '12.0(13)S1016') flag++;
else if (version == '12.0(13)S1022') flag++;
else if (version == '12.0(13)S1023') flag++;
else if (version == '12.0(13)S2') flag++;
else if (version == '12.0(13)S2a') flag++;
else if (version == '12.0(13)S3') flag++;
else if (version == '12.0(13)S4') flag++;
else if (version == '12.0(13)S5') flag++;
else if (version == '12.0(13)S5a') flag++;
else if (version == '12.0(13)S5b') flag++;
else if (version == '12.0(13)S6') flag++;
else if (version == '12.0(13)S7') flag++;
else if (version == '12.0(13)S8') flag++;
else if (version == '12.0(13)SC') flag++;
else if (version == '12.0(14)S') flag++;
else if (version == '12.0(14)S1') flag++;
else if (version == '12.0(14)S1205') flag++;
else if (version == '12.0(14)S1211') flag++;
else if (version == '12.0(14)S1213') flag++;
else if (version == '12.0(14)S1226') flag++;
else if (version == '12.0(14)S2') flag++;
else if (version == '12.0(14)S3') flag++;
else if (version == '12.0(14)S4') flag++;
else if (version == '12.0(14)S5') flag++;
else if (version == '12.0(14)S6') flag++;
else if (version == '12.0(14)S7') flag++;
else if (version == '12.0(14)S8') flag++;
else if (version == '12.0(14)SC') flag++;
else if (version == '12.0(14)SL') flag++;
else if (version == '12.0(14)SL1') flag++;
else if (version == '12.0(14)ST') flag++;
else if (version == '12.0(14)ST1') flag++;
else if (version == '12.0(14)ST2') flag++;
else if (version == '12.0(14)ST3') flag++;
else if (version == '12.0(15)S') flag++;
else if (version == '12.0(15)S0205') flag++;
else if (version == '12.0(15)S0209') flag++;
else if (version == '12.0(15)S0212') flag++;
else if (version == '12.0(15)S0215') flag++;
else if (version == '12.0(15)S0216') flag++;
else if (version == '12.0(15)S1') flag++;
else if (version == '12.0(15)S2') flag++;
else if (version == '12.0(15)S3') flag++;
else if (version == '12.0(15)S3a') flag++;
else if (version == '12.0(15)S4') flag++;
else if (version == '12.0(15)S5') flag++;
else if (version == '12.0(15)S6') flag++;
else if (version == '12.0(15)S7') flag++;
else if (version == '12.0(15)SC') flag++;
else if (version == '12.0(15)SC1') flag++;
else if (version == '12.0(15)SL') flag++;
else if (version == '12.0(16)S') flag++;
else if (version == '12.0(16)S0416') flag++;
else if (version == '12.0(16)S0422') flag++;
else if (version == '12.0(16)S0425') flag++;
else if (version == '12.0(16)S1') flag++;
else if (version == '12.0(16)S10') flag++;
else if (version == '12.0(16)S11') flag++;
else if (version == '12.0(16)S12') flag++;
else if (version == '12.0(16)S1a') flag++;
else if (version == '12.0(16)S2') flag++;
else if (version == '12.0(16)S3') flag++;
else if (version == '12.0(16)S4') flag++;
else if (version == '12.0(16)S4a') flag++;
else if (version == '12.0(16)S5') flag++;
else if (version == '12.0(16)S6') flag++;
else if (version == '12.0(16)S7') flag++;
else if (version == '12.0(16)S8') flag++;
else if (version == '12.0(16)S8a') flag++;
else if (version == '12.0(16)S9') flag++;
else if (version == '12.0(16)SC') flag++;
else if (version == '12.0(16)SC1') flag++;
else if (version == '12.0(16)SC2') flag++;
else if (version == '12.0(16)SC3') flag++;
else if (version == '12.0(16)ST') flag++;
else if (version == '12.0(16)ST1') flag++;
else if (version == '12.0(17)S') flag++;
else if (version == '12.0(17)S0620') flag++;
else if (version == '12.0(17)S0621') flag++;
else if (version == '12.0(17)S1') flag++;
else if (version == '12.0(17)S2') flag++;
else if (version == '12.0(17)S3') flag++;
else if (version == '12.0(17)S4') flag++;
else if (version == '12.0(17)S5') flag++;
else if (version == '12.0(17)S6') flag++;
else if (version == '12.0(17)S7') flag++;
else if (version == '12.0(17)SL') flag++;
else if (version == '12.0(17)SL1') flag++;
else if (version == '12.0(17)SL2') flag++;
else if (version == '12.0(17)SL3') flag++;
else if (version == '12.0(17)SL4') flag++;
else if (version == '12.0(17)SL5') flag++;
else if (version == '12.0(17)SL6') flag++;
else if (version == '12.0(17)SL7') flag++;
else if (version == '12.0(17)SL8') flag++;
else if (version == '12.0(17)SL9') flag++;
else if (version == '12.0(17)ST') flag++;
else if (version == '12.0(17)ST0622') flag++;
else if (version == '12.0(17)ST071201') flag++;
else if (version == '12.0(17)ST0717') flag++;
else if (version == '12.0(17)ST0719') flag++;
else if (version == '12.0(17)ST0726') flag++;
else if (version == '12.0(17)ST1') flag++;
else if (version == '12.0(17)ST10') flag++;
else if (version == '12.0(17)ST2') flag++;
else if (version == '12.0(17)ST3') flag++;
else if (version == '12.0(17)ST4') flag++;
else if (version == '12.0(17)ST5') flag++;
else if (version == '12.0(17)ST6') flag++;
else if (version == '12.0(17)ST7') flag++;
else if (version == '12.0(17)ST8') flag++;
else if (version == '12.0(17)ST9') flag++;
else if (version == '12.0(18)S') flag++;
else if (version == '12.0(18)S0814') flag++;
else if (version == '12.0(18)S0906') flag++;
else if (version == '12.0(18)S1') flag++;
else if (version == '12.0(18)S2') flag++;
else if (version == '12.0(18)S3') flag++;
else if (version == '12.0(18)S4') flag++;
else if (version == '12.0(18)S5') flag++;
else if (version == '12.0(18)S5a') flag++;
else if (version == '12.0(18)S6') flag++;
else if (version == '12.0(18)S7') flag++;
else if (version == '12.0(18)ST') flag++;
else if (version == '12.0(18)ST1') flag++;
else if (version == '12.0(19)S') flag++;
else if (version == '12.0(19)S1') flag++;
else if (version == '12.0(19)S1128') flag++;
else if (version == '12.0(19)S2') flag++;
else if (version == '12.0(19)S2a') flag++;
else if (version == '12.0(19)S3') flag++;
else if (version == '12.0(19)S4') flag++;
else if (version == '12.0(19)SL') flag++;
else if (version == '12.0(19)SL1') flag++;
else if (version == '12.0(19)SL2') flag++;
else if (version == '12.0(19)SL3') flag++;
else if (version == '12.0(19)SL4') flag++;
else if (version == '12.0(19)SP') flag++;
else if (version == '12.0(19)ST') flag++;
else if (version == '12.0(19)ST1') flag++;
else if (version == '12.0(19)ST1114') flag++;
else if (version == '12.0(19)ST1116') flag++;
else if (version == '12.0(19)ST2') flag++;
else if (version == '12.0(19)ST3') flag++;
else if (version == '12.0(19)ST4') flag++;
else if (version == '12.0(19)ST5') flag++;
else if (version == '12.0(19)ST6') flag++;
else if (version == '12.0(202)TEST') flag++;
else if (version == '12.0(20)SP') flag++;
else if (version == '12.0(20)SP1') flag++;
else if (version == '12.0(20)SP2') flag++;
else if (version == '12.0(20)ST') flag++;
else if (version == '12.0(20)ST1') flag++;
else if (version == '12.0(20)ST2') flag++;
else if (version == '12.0(20)ST3') flag++;
else if (version == '12.0(20)ST4') flag++;
else if (version == '12.0(20)ST5') flag++;
else if (version == '12.0(20)ST6') flag++;
else if (version == '12.0(21)S') flag++;
else if (version == '12.0(21)S0122') flag++;
else if (version == '12.0(21)S0130') flag++;
else if (version == '12.0(21)S0207') flag++;
else if (version == '12.0(21)S0213') flag++;
else if (version == '12.0(21)S1') flag++;
else if (version == '12.0(21)S2') flag++;
else if (version == '12.0(21)S3') flag++;
else if (version == '12.0(21)S4') flag++;
else if (version == '12.0(21)S4a') flag++;
else if (version == '12.0(21)S5') flag++;
else if (version == '12.0(21)S5a') flag++;
else if (version == '12.0(21)S6') flag++;
else if (version == '12.0(21)S6a') flag++;
else if (version == '12.0(21)S7') flag++;
else if (version == '12.0(21)S8') flag++;
else if (version == '12.0(21)SP') flag++;
else if (version == '12.0(21)SP0722') flag++;
else if (version == '12.0(21)SP0726') flag++;
else if (version == '12.0(21)SP1') flag++;
else if (version == '12.0(21)SP2') flag++;
else if (version == '12.0(21)SP3') flag++;
else if (version == '12.0(21)SP4') flag++;
else if (version == '12.0(21)ST') flag++;
else if (version == '12.0(21)ST0318') flag++;
else if (version == '12.0(21)ST0321') flag++;
else if (version == '12.0(21)ST0326') flag++;
else if (version == '12.0(21)ST1') flag++;
else if (version == '12.0(21)ST2') flag++;
else if (version == '12.0(21)ST2a') flag++;
else if (version == '12.0(21)ST2b') flag++;
else if (version == '12.0(21)ST3') flag++;
else if (version == '12.0(21)ST3a') flag++;
else if (version == '12.0(21)ST4') flag++;
else if (version == '12.0(21)ST5') flag++;
else if (version == '12.0(21)ST6') flag++;
else if (version == '12.0(21)ST6a') flag++;
else if (version == '12.0(21)ST7') flag++;
else if (version == '12.0(21)SX') flag++;
else if (version == '12.0(21)SX1') flag++;
else if (version == '12.0(21)SZ') flag++;
else if (version == '12.0(22)S') flag++;
else if (version == '12.0(22)S0815') flag++;
else if (version == '12.0(22)S0828') flag++;
else if (version == '12.0(22)S0903') flag++;
else if (version == '12.0(22)S0911') flag++;
else if (version == '12.0(22)S0914') flag++;
else if (version == '12.0(22)S1') flag++;
else if (version == '12.0(22)S2') flag++;
else if (version == '12.0(22)S2a') flag++;
else if (version == '12.0(22)S2b') flag++;
else if (version == '12.0(22)S2c') flag++;
else if (version == '12.0(22)S2d') flag++;
else if (version == '12.0(22)S2e') flag++;
else if (version == '12.0(22)S3') flag++;
else if (version == '12.0(22)S3a') flag++;
else if (version == '12.0(22)S3b') flag++;
else if (version == '12.0(22)S3c') flag++;
else if (version == '12.0(22)S4') flag++;
else if (version == '12.0(22)S4a') flag++;
else if (version == '12.0(22)S5') flag++;
else if (version == '12.0(22)S5a') flag++;
else if (version == '12.0(22)S6') flag++;
else if (version == '12.0(22)SY') flag++;
else if (version == '12.0(23)S') flag++;
else if (version == '12.0(23)S012') flag++;
else if (version == '12.0(23)S1') flag++;
else if (version == '12.0(23)S1105') flag++;
else if (version == '12.0(23)S1105a') flag++;
else if (version == '12.0(23)S1106') flag++;
else if (version == '12.0(23)S1118') flag++;
else if (version == '12.0(23)S1123') flag++;
else if (version == '12.0(23)S2') flag++;
else if (version == '12.0(23)S2a') flag++;
else if (version == '12.0(23)S2b') flag++;
else if (version == '12.0(23)S3') flag++;
else if (version == '12.0(23)S3a') flag++;
else if (version == '12.0(23)S3b') flag++;
else if (version == '12.0(23)S3c') flag++;
else if (version == '12.0(23)S4') flag++;
else if (version == '12.0(23)S5') flag++;
else if (version == '12.0(23)S6') flag++;
else if (version == '12.0(23)S6a') flag++;
else if (version == '12.0(23)SX') flag++;
else if (version == '12.0(23)SX1') flag++;
else if (version == '12.0(23)SX2') flag++;
else if (version == '12.0(23)SX3') flag++;
else if (version == '12.0(23)SX4') flag++;
else if (version == '12.0(23)SX5') flag++;
else if (version == '12.0(23)SZ') flag++;
else if (version == '12.0(23)SZ0314') flag++;
else if (version == '12.0(23)SZ1213') flag++;
else if (version == '12.0(23)SZ2') flag++;
else if (version == '12.0(23)SZ3') flag++;
else if (version == '12.0(24)S') flag++;
else if (version == '12.0(24)S0303') flag++;
else if (version == '12.0(24)S0310') flag++;
else if (version == '12.0(24)S0323') flag++;
else if (version == '12.0(6)SC') flag++;
else if (version == '12.0(7)SC') flag++;
else if (version == '12.0(8)SC') flag++;
else if (version == '12.0(8)SC1') flag++;
else if (version == '12.0(9r)SL') flag++;
else if (version == '12.0(9r)SL1') flag++;
else if (version == '12.0(9r)SL2') flag++;
else if (version == '12.0(9)SC') flag++;
else if (version == '12.0(9)SL') flag++;
else if (version == '12.0(9)SL1') flag++;
else if (version == '12.0(9)SL2') flag++;
else if (version == '12.0(9)ST') flag++;
else if (version == '12.1(11)EA1') flag++;
else if (version == '12.1(11)EA1a') flag++;
else if (version == '12.1(12c)EA1') flag++;
else if (version == '12.1(12c)EA1a') flag++;
else if (version == '12.1(13)AY') flag++;
else if (version == '12.1(13)EA1') flag++;
else if (version == '12.1(13)EA1a') flag++;
else if (version == '12.1(13)EA1b') flag++;
else if (version == '12.1(13)EA1c') flag++;
else if (version == '12.1(14)AX') flag++;
else if (version == '12.1(14)AX1') flag++;
else if (version == '12.1(14)AX2') flag++;
else if (version == '12.1(14)AX3') flag++;
else if (version == '12.1(14)AX4') flag++;
else if (version == '12.1(14)AY1') flag++;
else if (version == '12.1(14)AY2') flag++;
else if (version == '12.1(14)AY3') flag++;
else if (version == '12.1(14)AY4') flag++;
else if (version == '12.1(14)AZ') flag++;
else if (version == '12.1(14)EA1') flag++;
else if (version == '12.1(14)EA1a') flag++;
else if (version == '12.1(14)EA1b') flag++;
else if (version == '12.1(14)SX') flag++;
else if (version == '12.1(19)EA1') flag++;
else if (version == '12.1(19)EA1a') flag++;
else if (version == '12.1(19)EA1b') flag++;
else if (version == '12.1(19)EA1c') flag++;
else if (version == '12.1(19)EA1d') flag++;
else if (version == '12.1(20)EA1') flag++;
else if (version == '12.1(20)EA1a') flag++;
else if (version == '12.1(20)EA1b') flag++;
else if (version == '12.1(20)EA2') flag++;
else if (version == '12.1(22)AY') flag++;
else if (version == '12.1(22)AY1') flag++;
else if (version == '12.1(22)AY2') flag++;
else if (version == '12.1(22)EA1') flag++;
else if (version == '12.1(22)EA1a') flag++;
else if (version == '12.1(22)EA1b') flag++;
else if (version == '12.1(22)EA2') flag++;
else if (version == '12.1(22)EA3') flag++;
else if (version == '12.1(22)EA4') flag++;
else if (version == '12.1(22)EA4a') flag++;
else if (version == '12.1(22)EA5') flag++;
else if (version == '12.1(22)EA5a') flag++;
else if (version == '12.1(22)EA6') flag++;
else if (version == '12.1(22)EA6a') flag++;
else if (version == '12.1(22)EA7') flag++;
else if (version == '12.1(22)EA9') flag++;
else if (version == '12.1(70)E') flag++;
else if (version == '12.1(70)E1') flag++;
else if (version == '12.1(70)E2') flag++;
else if (version == '12.1(89)E1e') flag++;
else if (version == '12.1(8)EA1') flag++;
else if (version == '12.1(8)EA1b') flag++;
else if (version == '12.1(8)EA1c') flag++;
else if (version == '12.1(9)EA1') flag++;
else if (version == '12.1(9)EA1a') flag++;
else if (version == '12.1(9)EA1c') flag++;
else if (version == '12.1(9)EA1d') flag++;
else if (version == '12.2(1)') flag++;
else if (version == '12.2(10)') flag++;
else if (version == '12.2(10a)') flag++;
else if (version == '12.2(10b)') flag++;
else if (version == '12.2(10c)') flag++;
else if (version == '12.2(10d)') flag++;
else if (version == '12.2(10)DA') flag++;
else if (version == '12.2(10)DA1') flag++;
else if (version == '12.2(10)DA2') flag++;
else if (version == '12.2(10)DA3') flag++;
else if (version == '12.2(10)DA4') flag++;
else if (version == '12.2(10)DA5') flag++;
else if (version == '12.2(10)DA6') flag++;
else if (version == '12.2(10e)') flag++;
else if (version == '12.2(10f)') flag++;
else if (version == '12.2(10g)') flag++;
else if (version == '12.2(10r)') flag++;
else if (version == '12.2(11)BC1') flag++;
else if (version == '12.2(11)BC1a') flag++;
else if (version == '12.2(11)BC1b') flag++;
else if (version == '12.2(11)BC2') flag++;
else if (version == '12.2(11)BC2a') flag++;
else if (version == '12.2(11)BC3') flag++;
else if (version == '12.2(11)BC3a') flag++;
else if (version == '12.2(11)BC3b') flag++;
else if (version == '12.2(11)BC3c') flag++;
else if (version == '12.2(11)BC3d') flag++;
else if (version == '12.2(11)CX') flag++;
else if (version == '12.2(11)CX1') flag++;
else if (version == '12.2(11)CY') flag++;
else if (version == '12.2(11)JA') flag++;
else if (version == '12.2(11r)SZ') flag++;
else if (version == '12.2(11r)T') flag++;
else if (version == '12.2(11r)T1') flag++;
else if (version == '12.2(11r)YQ') flag++;
else if (version == '12.2(11r)YQ1') flag++;
else if (version == '12.2(11r)YQ2') flag++;
else if (version == '12.2(11r)YQ3') flag++;
else if (version == '12.2(11r)YQ4') flag++;
else if (version == '12.2(11r)YS1') flag++;
else if (version == '12.2(11r)YV') flag++;
else if (version == '12.2(11r)YV1') flag++;
else if (version == '12.2(11r)YV2') flag++;
else if (version == '12.2(11r)YV3') flag++;
else if (version == '12.2(11r)YV4') flag++;
else if (version == '12.2(11r)YV5') flag++;
else if (version == '12.2(11r)YV6') flag++;
else if (version == '12.2(11r)YZ') flag++;
else if (version == '12.2(11r)YZ1') flag++;
else if (version == '12.2(11r)YZ2') flag++;
else if (version == '12.2(11r)YZ3') flag++;
else if (version == '12.2(11)S') flag++;
else if (version == '12.2(11)S1') flag++;
else if (version == '12.2(11)S2') flag++;
else if (version == '12.2(11)S3') flag++;
else if (version == '12.2(11)T') flag++;
else if (version == '12.2(11)T1') flag++;
else if (version == '12.2(11)T10') flag++;
else if (version == '12.2(11)T11') flag++;
else if (version == '12.2(11)T2') flag++;
else if (version == '12.2(11)T3') flag++;
else if (version == '12.2(11)T4') flag++;
else if (version == '12.2(11)T5') flag++;
else if (version == '12.2(11)T6') flag++;
else if (version == '12.2(11)T7') flag++;
else if (version == '12.2(11)T8') flag++;
else if (version == '12.2(11)T9') flag++;
else if (version == '12.2(11)YP1') flag++;
else if (version == '12.2(11)YP2') flag++;
else if (version == '12.2(11)YP3') flag++;
else if (version == '12.2(11)YP4') flag++;
else if (version == '12.2(11)YP5') flag++;
else if (version == '12.2(11)YQ') flag++;
else if (version == '12.2(11)YR') flag++;
else if (version == '12.2(11)YS021223') flag++;
else if (version == '12.2(11)YT') flag++;
else if (version == '12.2(11)YT1') flag++;
else if (version == '12.2(11)YT2') flag++;
else if (version == '12.2(11)YU') flag++;
else if (version == '12.2(11)YV') flag++;
else if (version == '12.2(11)YV1') flag++;
else if (version == '12.2(11)YX') flag++;
else if (version == '12.2(11)YX1') flag++;
else if (version == '12.2(11)YZ') flag++;
else if (version == '12.2(11)YZ1') flag++;
else if (version == '12.2(11)YZ2') flag++;
else if (version == '12.2(11)YZ3') flag++;
else if (version == '12.2(11)ZC') flag++;
else if (version == '12.2(12)') flag++;
else if (version == '12.2(12a)') flag++;
else if (version == '12.2(12b)') flag++;
else if (version == '12.2(12b)M1') flag++;
else if (version == '12.2(12c)') flag++;
else if (version == '12.2(12d)') flag++;
else if (version == '12.2(12)DA') flag++;
else if (version == '12.2(12)DA1') flag++;
else if (version == '12.2(12)DA10') flag++;
else if (version == '12.2(12)DA11') flag++;
else if (version == '12.2(12)DA2') flag++;
else if (version == '12.2(12)DA3') flag++;
else if (version == '12.2(12)DA4') flag++;
else if (version == '12.2(12)DA5') flag++;
else if (version == '12.2(12)DA6') flag++;
else if (version == '12.2(12)DA7') flag++;
else if (version == '12.2(12)DA8') flag++;
else if (version == '12.2(12)DA9') flag++;
else if (version == '12.2(12e)') flag++;
else if (version == '12.2(12f)') flag++;
else if (version == '12.2(12g)') flag++;
else if (version == '12.2(12g)TEST') flag++;
else if (version == '12.2(12h)') flag++;
else if (version == '12.2(12h)M1') flag++;
else if (version == '12.2(12h)SAVE') flag++;
else if (version == '12.2(12i)') flag++;
else if (version == '12.2(12j)') flag++;
else if (version == '12.2(12k)') flag++;
else if (version == '12.2(12l)') flag++;
else if (version == '12.2(12m)') flag++;
else if (version == '12.2(13)') flag++;
else if (version == '12.2(13a)') flag++;
else if (version == '12.2(13b)') flag++;
else if (version == '12.2(13b)M1') flag++;
else if (version == '12.2(13b)M2') flag++;
else if (version == '12.2(13c)') flag++;
else if (version == '12.2(13d)') flag++;
else if (version == '12.2(13e)') flag++;
else if (version == '12.2(13)T') flag++;
else if (version == '12.2(13)T1') flag++;
else if (version == '12.2(13)T10') flag++;
else if (version == '12.2(13)T11') flag++;
else if (version == '12.2(13)T12') flag++;
else if (version == '12.2(13)T13') flag++;
else if (version == '12.2(13)T14') flag++;
else if (version == '12.2(13)T15') flag++;
else if (version == '12.2(13)T16') flag++;
else if (version == '12.2(13)T17') flag++;
else if (version == '12.2(13)T1a') flag++;
else if (version == '12.2(13)T2') flag++;
else if (version == '12.2(13)T3') flag++;
else if (version == '12.2(13)T4') flag++;
else if (version == '12.2(13)T5') flag++;
else if (version == '12.2(13)T6') flag++;
else if (version == '12.2(13)T7') flag++;
else if (version == '12.2(13)T8') flag++;
else if (version == '12.2(13)T8a') flag++;
else if (version == '12.2(13)T9') flag++;
else if (version == '12.2(13)ZC') flag++;
else if (version == '12.2(13)ZD') flag++;
else if (version == '12.2(13)ZD1') flag++;
else if (version == '12.2(13)ZD2') flag++;
else if (version == '12.2(13)ZD3') flag++;
else if (version == '12.2(13)ZD4') flag++;
else if (version == '12.2(13)ZE') flag++;
else if (version == '12.2(13)ZF') flag++;
else if (version == '12.2(13)ZF1') flag++;
else if (version == '12.2(13)ZF2') flag++;
else if (version == '12.2(13)ZG') flag++;
else if (version == '12.2(13)ZP') flag++;
else if (version == '12.2(13)ZP1') flag++;
else if (version == '12.2(13)ZP2') flag++;
else if (version == '12.2(13)ZP3') flag++;
else if (version == '12.2(13)ZP4') flag++;
else if (version == '12.2(14r)S1') flag++;
else if (version == '12.2(14r)S2') flag++;
else if (version == '12.2(14r)S3') flag++;
else if (version == '12.2(14r)SZ') flag++;
else if (version == '12.2(14r)SZ1') flag++;
else if (version == '12.2(14)S') flag++;
else if (version == '12.2(14)S1') flag++;
else if (version == '12.2(14)S10') flag++;
else if (version == '12.2(14)S11') flag++;
else if (version == '12.2(14)S12') flag++;
else if (version == '12.2(14)S13') flag++;
else if (version == '12.2(14)S14') flag++;
else if (version == '12.2(14)S15') flag++;
else if (version == '12.2(14)S16') flag++;
else if (version == '12.2(14)S17') flag++;
else if (version == '12.2(14)S2') flag++;
else if (version == '12.2(14)S3') flag++;
else if (version == '12.2(14)S4') flag++;
else if (version == '12.2(14)S5') flag++;
else if (version == '12.2(14)S6') flag++;
else if (version == '12.2(14)S7') flag++;
else if (version == '12.2(14)S8') flag++;
else if (version == '12.2(14)S9') flag++;
else if (version == '12.2(14)SU') flag++;
else if (version == '12.2(14)SU1') flag++;
else if (version == '12.2(14)SU2') flag++;
else if (version == '12.2(14)SX') flag++;
else if (version == '12.2(14)SX05282003') flag++;
else if (version == '12.2(14)SX1') flag++;
else if (version == '12.2(14)SX1a') flag++;
else if (version == '12.2(14)SX2') flag++;
else if (version == '12.2(14)SY') flag++;
else if (version == '12.2(14)SY1') flag++;
else if (version == '12.2(14)SY2') flag++;
else if (version == '12.2(14)SY3') flag++;
else if (version == '12.2(14)SY4') flag++;
else if (version == '12.2(14)SY5') flag++;
else if (version == '12.2(14)SZ') flag++;
else if (version == '12.2(14)SZ1') flag++;
else if (version == '12.2(14)SZ2') flag++;
else if (version == '12.2(14)SZ3') flag++;
else if (version == '12.2(14)SZ4') flag++;
else if (version == '12.2(14)SZ5') flag++;
else if (version == '12.2(14)SZ6') flag++;
else if (version == '12.2(14)ZA') flag++;
else if (version == '12.2(14)ZA1') flag++;
else if (version == '12.2(14)ZA2') flag++;
else if (version == '12.2(14)ZA3') flag++;
else if (version == '12.2(14)ZA4') flag++;
else if (version == '12.2(14)ZA5') flag++;
else if (version == '12.2(14)ZA6') flag++;
else if (version == '12.2(14)ZA7') flag++;
else if (version == '12.2(15)B') flag++;
else if (version == '12.2(15)B1') flag++;
else if (version == '12.2(15)BX') flag++;
else if (version == '12.2(15)BZ') flag++;
else if (version == '12.2(15)BZ1') flag++;
else if (version == '12.2(15)BZ2') flag++;
else if (version == '12.2(15)ZJ') flag++;
else if (version == '12.2(15)ZJ1') flag++;
else if (version == '12.2(15)ZJ2') flag++;
else if (version == '12.2(15)ZJ3') flag++;
else if (version == '12.2(15)ZJ4') flag++;
else if (version == '12.2(15)ZJ5') flag++;
else if (version == '12.2(1a)') flag++;
else if (version == '12.2(1a)XC') flag++;
else if (version == '12.2(1a)XC1') flag++;
else if (version == '12.2(1a)XC2') flag++;
else if (version == '12.2(1a)XC3') flag++;
else if (version == '12.2(1a)XC4') flag++;
else if (version == '12.2(1a)XC5') flag++;
else if (version == '12.2(1b)') flag++;
else if (version == '12.2(1b)DA') flag++;
else if (version == '12.2(1b)DA1') flag++;
else if (version == '12.2(1c)') flag++;
else if (version == '12.2(1d)') flag++;
else if (version == '12.2(1)DX') flag++;
else if (version == '12.2(1)DX1') flag++;
else if (version == '12.2(1)MB1') flag++;
else if (version == '12.2(1r)') flag++;
else if (version == '12.2(1r)DD') flag++;
else if (version == '12.2(1r)DD1') flag++;
else if (version == '12.2(1r)T') flag++;
else if (version == '12.2(1r)T1') flag++;
else if (version == '12.2(1r)T2') flag++;
else if (version == '12.2(1r)XA') flag++;
else if (version == '12.2(1r)XE') flag++;
else if (version == '12.2(1r)XE1') flag++;
else if (version == '12.2(1r)XE2') flag++;
else if (version == '12.2(1)XD') flag++;
else if (version == '12.2(1)XD1') flag++;
else if (version == '12.2(1)XD2') flag++;
else if (version == '12.2(1)XD3') flag++;
else if (version == '12.2(1)XD4') flag++;
else if (version == '12.2(1)XE') flag++;
else if (version == '12.2(1)XE1') flag++;
else if (version == '12.2(1)XE2') flag++;
else if (version == '12.2(1)XS') flag++;
else if (version == '12.2(1)XS1') flag++;
else if (version == '12.2(1)XS1a') flag++;
else if (version == '12.2(1)XS2') flag++;
else if (version == '12.2(2)BX') flag++;
else if (version == '12.2(2)BX1') flag++;
else if (version == '12.2(2)BX2') flag++;
else if (version == '12.2(2)DD') flag++;
else if (version == '12.2(2)DD1') flag++;
else if (version == '12.2(2)DD2') flag++;
else if (version == '12.2(2)DD3') flag++;
else if (version == '12.2(2)DD4') flag++;
else if (version == '12.2(2)DX') flag++;
else if (version == '12.2(2)DX1') flag++;
else if (version == '12.2(2)DX2') flag++;
else if (version == '12.2(2)DX3') flag++;
else if (version == '12.2(2r)') flag++;
else if (version == '12.2(2r)DD') flag++;
else if (version == '12.2(2r)T2') flag++;
else if (version == '12.2(2r)XA') flag++;
else if (version == '12.2(2r)XB') flag++;
else if (version == '12.2(2r)XB5') flag++;
else if (version == '12.2(2r)XT') flag++;
else if (version == '12.2(2)T') flag++;
else if (version == '12.2(2)T1') flag++;
else if (version == '12.2(2)T2') flag++;
else if (version == '12.2(2)T3') flag++;
else if (version == '12.2(2)T4') flag++;
else if (version == '12.2(2)XA') flag++;
else if (version == '12.2(2)XA1') flag++;
else if (version == '12.2(2)XA2') flag++;
else if (version == '12.2(2)XA3') flag++;
else if (version == '12.2(2)XA4') flag++;
else if (version == '12.2(2)XA5') flag++;
else if (version == '12.2(2)XB') flag++;
else if (version == '12.2(2)XB1') flag++;
else if (version == '12.2(2)XB10') flag++;
else if (version == '12.2(2)XB11') flag++;
else if (version == '12.2(2)XB12') flag++;
else if (version == '12.2(2)XB14') flag++;
else if (version == '12.2(2)XB15') flag++;
else if (version == '12.2(2)XB16') flag++;
else if (version == '12.2(2)XB17') flag++;
else if (version == '12.2(2)XB18') flag++;
else if (version == '12.2(2)XB2') flag++;
else if (version == '12.2(2)XB3') flag++;
else if (version == '12.2(2)XB4') flag++;
else if (version == '12.2(2)XB4b') flag++;
else if (version == '12.2(2)XB5') flag++;
else if (version == '12.2(2)XB6') flag++;
else if (version == '12.2(2)XB6a') flag++;
else if (version == '12.2(2)XB6b') flag++;
else if (version == '12.2(2)XB6c') flag++;
else if (version == '12.2(2)XB6d') flag++;
else if (version == '12.2(2)XB7') flag++;
else if (version == '12.2(2)XB8') flag++;
else if (version == '12.2(2)XB9') flag++;
else if (version == '12.2(2)XC') flag++;
else if (version == '12.2(2)XC1') flag++;
else if (version == '12.2(2)XC2') flag++;
else if (version == '12.2(2)XC3') flag++;
else if (version == '12.2(2)XC4') flag++;
else if (version == '12.2(2)XC5') flag++;
else if (version == '12.2(2)XC6') flag++;
else if (version == '12.2(2)XC7') flag++;
else if (version == '12.2(2)XF') flag++;
else if (version == '12.2(2)XF1') flag++;
else if (version == '12.2(2)XF2') flag++;
else if (version == '12.2(2)XG') flag++;
else if (version == '12.2(2)XG1') flag++;
else if (version == '12.2(2)XH') flag++;
else if (version == '12.2(2)XH1') flag++;
else if (version == '12.2(2)XH2') flag++;
else if (version == '12.2(2)XI') flag++;
else if (version == '12.2(2)XI1') flag++;
else if (version == '12.2(2)XI2') flag++;
else if (version == '12.2(2)XJ') flag++;
else if (version == '12.2(2)XK') flag++;
else if (version == '12.2(2)XK1') flag++;
else if (version == '12.2(2)XK2') flag++;
else if (version == '12.2(2)XK3') flag++;
else if (version == '12.2(2)XN') flag++;
else if (version == '12.2(2)XQ') flag++;
else if (version == '12.2(2)XQ1') flag++;
else if (version == '12.2(2)XR') flag++;
else if (version == '12.2(2)XT') flag++;
else if (version == '12.2(2)XT1') flag++;
else if (version == '12.2(2)XT2') flag++;
else if (version == '12.2(2)XT3') flag++;
else if (version == '12.2(2)XU') flag++;
else if (version == '12.2(2)XU1') flag++;
else if (version == '12.2(2)XU2') flag++;
else if (version == '12.2(2)XU3') flag++;
else if (version == '12.2(2)XU4') flag++;
else if (version == '12.2(2)YC') flag++;
else if (version == '12.2(2)YC1') flag++;
else if (version == '12.2(2)YC2') flag++;
else if (version == '12.2(2)YC3') flag++;
else if (version == '12.2(2)YC4') flag++;
else if (version == '12.2(2)YK') flag++;
else if (version == '12.2(2)YK1') flag++;
else if (version == '12.2(3)') flag++;
else if (version == '12.2(3a)') flag++;
else if (version == '12.2(3b)') flag++;
else if (version == '12.2(3c)') flag++;
else if (version == '12.2(3d)') flag++;
else if (version == '12.2(3e)') flag++;
else if (version == '12.2(3f)') flag++;
else if (version == '12.2(3g)') flag++;
else if (version == '12.2(4)B') flag++;
else if (version == '12.2(4)B1') flag++;
else if (version == '12.2(4)B2') flag++;
else if (version == '12.2(4)B3') flag++;
else if (version == '12.2(4)B4') flag++;
else if (version == '12.2(4)B5') flag++;
else if (version == '12.2(4)B6') flag++;
else if (version == '12.2(4)B7') flag++;
else if (version == '12.2(4)B7a') flag++;
else if (version == '12.2(4)B8') flag++;
else if (version == '12.2(4)BC1') flag++;
else if (version == '12.2(4)BC1a') flag++;
else if (version == '12.2(4)BC1b') flag++;
else if (version == '12.2(4)BW') flag++;
else if (version == '12.2(4)BW1') flag++;
else if (version == '12.2(4)BW1a') flag++;
else if (version == '12.2(4)BW2') flag++;
else if (version == '12.2(4)BX') flag++;
else if (version == '12.2(4)BX1') flag++;
else if (version == '12.2(4)BX1a') flag++;
else if (version == '12.2(4)BX1b') flag++;
else if (version == '12.2(4)BX1c') flag++;
else if (version == '12.2(4)BX1d') flag++;
else if (version == '12.2(4)BX2') flag++;
else if (version == '12.2(4)BY') flag++;
else if (version == '12.2(4)BY1') flag++;
else if (version == '12.2(4)JA') flag++;
else if (version == '12.2(4)JA1') flag++;
else if (version == '12.2(4)MB1') flag++;
else if (version == '12.2(4)MB10') flag++;
else if (version == '12.2(4)MB11') flag++;
else if (version == '12.2(4)MB12') flag++;
else if (version == '12.2(4)MB13') flag++;
else if (version == '12.2(4)MB13a') flag++;
else if (version == '12.2(4)MB13b') flag++;
else if (version == '12.2(4)MB13c') flag++;
else if (version == '12.2(4)MB2') flag++;
else if (version == '12.2(4)MB3') flag++;
else if (version == '12.2(4)MB4') flag++;
else if (version == '12.2(4)MB5') flag++;
else if (version == '12.2(4)MB6') flag++;
else if (version == '12.2(4)MB7') flag++;
else if (version == '12.2(4)MB8') flag++;
else if (version == '12.2(4)MB9') flag++;
else if (version == '12.2(4)MB9a') flag++;
else if (version == '12.2(4)MX') flag++;
else if (version == '12.2(4)MX1') flag++;
else if (version == '12.2(4)MX2') flag++;
else if (version == '12.2(4r)B') flag++;
else if (version == '12.2(4r)B1') flag++;
else if (version == '12.2(4r)B2') flag++;
else if (version == '12.2(4r)B3') flag++;
else if (version == '12.2(4r)B4') flag++;
else if (version == '12.2(4r)XL') flag++;
else if (version == '12.2(4r)XM') flag++;
else if (version == '12.2(4r)XM1') flag++;
else if (version == '12.2(4r)XM2') flag++;
else if (version == '12.2(4r)XM3') flag++;
else if (version == '12.2(4r)XM4') flag++;
else if (version == '12.2(4r)XT') flag++;
else if (version == '12.2(4r)XT1') flag++;
else if (version == '12.2(4r)XT2') flag++;
else if (version == '12.2(4r)XT3') flag++;
else if (version == '12.2(4r)XT4') flag++;
else if (version == '12.2(4)T') flag++;
else if (version == '12.2(4)T1') flag++;
else if (version == '12.2(4)T2') flag++;
else if (version == '12.2(4)T3') flag++;
else if (version == '12.2(4)T4') flag++;
else if (version == '12.2(4)T5') flag++;
else if (version == '12.2(4)T6') flag++;
else if (version == '12.2(4)T7') flag++;
else if (version == '12.2(4)XF') flag++;
else if (version == '12.2(4)XF1') flag++;
else if (version == '12.2(4)XL') flag++;
else if (version == '12.2(4)XL1') flag++;
else if (version == '12.2(4)XL2') flag++;
else if (version == '12.2(4)XL3') flag++;
else if (version == '12.2(4)XL4') flag++;
else if (version == '12.2(4)XL5') flag++;
else if (version == '12.2(4)XL6') flag++;
else if (version == '12.2(4)XM') flag++;
else if (version == '12.2(4)XM1') flag++;
else if (version == '12.2(4)XM2') flag++;
else if (version == '12.2(4)XM3') flag++;
else if (version == '12.2(4)XM4') flag++;
else if (version == '12.2(4)XR') flag++;
else if (version == '12.2(4)XV') flag++;
else if (version == '12.2(4)XV1') flag++;
else if (version == '12.2(4)XV2') flag++;
else if (version == '12.2(4)XV3') flag++;
else if (version == '12.2(4)XV4') flag++;
else if (version == '12.2(4)XV4a') flag++;
else if (version == '12.2(4)XV5') flag++;
else if (version == '12.2(4)XW') flag++;
else if (version == '12.2(4)XZ') flag++;
else if (version == '12.2(4)XZ1') flag++;
else if (version == '12.2(4)XZ2') flag++;
else if (version == '12.2(4)XZ3') flag++;
else if (version == '12.2(4)XZ4') flag++;
else if (version == '12.2(4)XZ5') flag++;
else if (version == '12.2(4)XZ6') flag++;
else if (version == '12.2(4)XZ7') flag++;
else if (version == '12.2(4)YA') flag++;
else if (version == '12.2(4)YA1') flag++;
else if (version == '12.2(4)YA10') flag++;
else if (version == '12.2(4)YA11') flag++;
else if (version == '12.2(4)YA2') flag++;
else if (version == '12.2(4)YA3') flag++;
else if (version == '12.2(4)YA4') flag++;
else if (version == '12.2(4)YA5') flag++;
else if (version == '12.2(4)YA6') flag++;
else if (version == '12.2(4)YA7') flag++;
else if (version == '12.2(4)YA8') flag++;
else if (version == '12.2(4)YA9') flag++;
else if (version == '12.2(4)YB') flag++;
else if (version == '12.2(4)YF') flag++;
else if (version == '12.2(4)YH') flag++;
else if (version == '12.2(5)') flag++;
else if (version == '12.2(5a)') flag++;
else if (version == '12.2(5b)') flag++;
else if (version == '12.2(5c)') flag++;
else if (version == '12.2(5d)') flag++;
else if (version == '12.2(5)DA') flag++;
else if (version == '12.2(5)DA1') flag++;
else if (version == '12.2(6)') flag++;
else if (version == '12.2(6a)') flag++;
else if (version == '12.2(6b)') flag++;
else if (version == '12.2(6c)') flag++;
else if (version == '12.2(6c)M1') flag++;
else if (version == '12.2(6c)TEST') flag++;
else if (version == '12.2(6d)') flag++;
else if (version == '12.2(6e)') flag++;
else if (version == '12.2(6f)') flag++;
else if (version == '12.2(6f)M1') flag++;
else if (version == '12.2(6g)') flag++;
else if (version == '12.2(6h)') flag++;
else if (version == '12.2(6i)') flag++;
else if (version == '12.2(6j)') flag++;
else if (version == '12.2(6r)') flag++;
else if (version == '12.2(7)') flag++;
else if (version == '12.2(7a)') flag++;
else if (version == '12.2(7b)') flag++;
else if (version == '12.2(7c)') flag++;
else if (version == '12.2(7d)') flag++;
else if (version == '12.2(7)DA') flag++;
else if (version == '12.2(7e)') flag++;
else if (version == '12.2(7f)') flag++;
else if (version == '12.2(7g)') flag++;
else if (version == '12.2(7r)') flag++;
else if (version == '12.2(7r)XM') flag++;
else if (version == '12.2(7r)XM1') flag++;
else if (version == '12.2(7r)XM2') flag++;
else if (version == '12.2(7r)XM3') flag++;
else if (version == '12.2(7r)XM4') flag++;
else if (version == '12.2(7r)XM5') flag++;
else if (version == '12.2(8)B') flag++;
else if (version == '12.2(8)B1') flag++;
else if (version == '12.2(8)B2') flag++;
else if (version == '12.2(8)BC1') flag++;
else if (version == '12.2(8)BC2') flag++;
else if (version == '12.2(8)BC2a') flag++;
else if (version == '12.2(8)BY') flag++;
else if (version == '12.2(8)BY1') flag++;
else if (version == '12.2(8)BY2') flag++;
else if (version == '12.2(8)BZ') flag++;
else if (version == '12.2(8)JA') flag++;
else if (version == '12.2(8)MC1') flag++;
else if (version == '12.2(8)MC2') flag++;
else if (version == '12.2(8)MC2a') flag++;
else if (version == '12.2(8)MC2b') flag++;
else if (version == '12.2(8)MC2c') flag++;
else if (version == '12.2(8)MC2d') flag++;
else if (version == '12.2(8r)') flag++;
else if (version == '12.2(8r)B') flag++;
else if (version == '12.2(8r)B1') flag++;
else if (version == '12.2(8r)B2') flag++;
else if (version == '12.2(8r)B3') flag++;
else if (version == '12.2(8r)B3a') flag++;
else if (version == '12.2(8r)MC1') flag++;
else if (version == '12.2(8r)MC2') flag++;
else if (version == '12.2(8r)MC3') flag++;
else if (version == '12.2(8r)T') flag++;
else if (version == '12.2(8r)T1') flag++;
else if (version == '12.2(8r)T2') flag++;
else if (version == '12.2(8r)T3') flag++;
else if (version == '12.2(8)T') flag++;
else if (version == '12.2(8)T0a') flag++;
else if (version == '12.2(8)T0b') flag++;
else if (version == '12.2(8)T0c') flag++;
else if (version == '12.2(8)T0d') flag++;
else if (version == '12.2(8)T0e') flag++;
else if (version == '12.2(8)T1') flag++;
else if (version == '12.2(8)T10') flag++;
else if (version == '12.2(8)T2') flag++;
else if (version == '12.2(8)T3') flag++;
else if (version == '12.2(8)T4') flag++;
else if (version == '12.2(8)T4a') flag++;
else if (version == '12.2(8)T5') flag++;
else if (version == '12.2(8)T6') flag++;
else if (version == '12.2(8)T7') flag++;
else if (version == '12.2(8)T8') flag++;
else if (version == '12.2(8)T9') flag++;
else if (version == '12.2(8)TPC10a') flag++;
else if (version == '12.2(8)YD') flag++;
else if (version == '12.2(8)YD1') flag++;
else if (version == '12.2(8)YD2') flag++;
else if (version == '12.2(8)YD3') flag++;
else if (version == '12.2(8)YJ') flag++;
else if (version == '12.2(8)YJ1') flag++;
else if (version == '12.2(8)YN') flag++;
else if (version == '12.2(8)YN1') flag++;
else if (version == '12.2(8)YY') flag++;
else if (version == '12.2(8)YY1') flag++;
else if (version == '12.2(8)YY2') flag++;
else if (version == '12.2(8)YY3') flag++;
else if (version == '12.2(8)YY4') flag++;
else if (version == '12.2(8)ZB') flag++;
else if (version == '12.2(8)ZB1') flag++;
else if (version == '12.2(8)ZB2') flag++;
else if (version == '12.2(8)ZB3') flag++;
else if (version == '12.2(8)ZB4') flag++;
else if (version == '12.2(8)ZB4a') flag++;
else if (version == '12.2(8)ZB5') flag++;
else if (version == '12.2(8)ZB6') flag++;
else if (version == '12.2(8)ZB7') flag++;
else if (version == '12.2(8)ZB8') flag++;
else if (version == '12.2(9)S') flag++;
else if (version == '12.2(9)YE') flag++;
else if (version == '12.2(9)YO') flag++;
else if (version == '12.2(9)YO1') flag++;
else if (version == '12.2(9)YO2') flag++;
else if (version == '12.2(9)YO3') flag++;
else if (version == '12.2(9)YO4') flag++;
else if (version == '12.2(9)ZA') flag++;
else if (version == '12.3(1)') flag++;
else if (version == '12.3(10)') flag++;
else if (version == '12.3(10a)') flag++;
else if (version == '12.3(10a)M0') flag++;
else if (version == '12.3(10b)') flag++;
else if (version == '12.3(10c)') flag++;
else if (version == '12.3(10d)') flag++;
else if (version == '12.3(10e)') flag++;
else if (version == '12.3(10f)') flag++;
else if (version == '12.3(10r)') flag++;
else if (version == '12.3(12)') flag++;
else if (version == '12.3(12a)') flag++;
else if (version == '12.3(12b)') flag++;
else if (version == '12.3(12c)') flag++;
else if (version == '12.3(12d)') flag++;
else if (version == '12.3(12e)') flag++;
else if (version == '12.3(13)') flag++;
else if (version == '12.3(13a)') flag++;
else if (version == '12.3(13a)BC') flag++;
else if (version == '12.3(13a)BC1') flag++;
else if (version == '12.3(13a)BC2') flag++;
else if (version == '12.3(13a)BC3') flag++;
else if (version == '12.3(13a)BC4') flag++;
else if (version == '12.3(13a)BC5') flag++;
else if (version == '12.3(13a)BC6') flag++;
else if (version == '12.3(13b)') flag++;
else if (version == '12.3(15)') flag++;
else if (version == '12.3(15a)') flag++;
else if (version == '12.3(15b)') flag++;
else if (version == '12.3(16)') flag++;
else if (version == '12.3(16a)') flag++;
else if (version == '12.3(17)') flag++;
else if (version == '12.3(17a)') flag++;
else if (version == '12.3(17a)BC') flag++;
else if (version == '12.3(17a)BC1') flag++;
else if (version == '12.3(17a)BC2') flag++;
else if (version == '12.3(17b)') flag++;
else if (version == '12.3(17b)BC3') flag++;
else if (version == '12.3(17b)BC4') flag++;
else if (version == '12.3(17b)BC5') flag++;
else if (version == '12.3(18)') flag++;
else if (version == '12.3(19)') flag++;
else if (version == '12.3(1a)') flag++;
else if (version == '12.3(1)FIPS140') flag++;
else if (version == '12.3(20)') flag++;
else if (version == '12.3(21)') flag++;
else if (version == '12.3(21a)') flag++;
else if (version == '12.3(21)BC') flag++;
else if (version == '12.3(22)') flag++;
else if (version == '12.3(3)') flag++;
else if (version == '12.3(3a)') flag++;
else if (version == '12.3(3b)') flag++;
else if (version == '12.3(3c)') flag++;
else if (version == '12.3(3d)') flag++;
else if (version == '12.3(3e)') flag++;
else if (version == '12.3(3f)') flag++;
else if (version == '12.3(3f)SAVE') flag++;
else if (version == '12.3(3g)') flag++;
else if (version == '12.3(3h)') flag++;
else if (version == '12.3(3i)') flag++;
else if (version == '12.3(4)INF') flag++;
else if (version == '12.3(5)') flag++;
else if (version == '12.3(5a)') flag++;
else if (version == '12.3(5b)') flag++;
else if (version == '12.3(5c)') flag++;
else if (version == '12.3(5d)') flag++;
else if (version == '12.3(5e)') flag++;
else if (version == '12.3(5f)') flag++;
else if (version == '12.3(6)') flag++;
else if (version == '12.3(6a)') flag++;
else if (version == '12.3(6b)') flag++;
else if (version == '12.3(6c)') flag++;
else if (version == '12.3(6d)') flag++;
else if (version == '12.3(6e)') flag++;
else if (version == '12.3(6f)') flag++;
else if (version == '12.3(6r)') flag++;
else if (version == '12.3(9)') flag++;
else if (version == '12.3(9a)') flag++;
else if (version == '12.3(9a)BC') flag++;
else if (version == '12.3(9a)BC1') flag++;
else if (version == '12.3(9a)BC2') flag++;
else if (version == '12.3(9a)BC3') flag++;
else if (version == '12.3(9a)BC4') flag++;
else if (version == '12.3(9a)BC5') flag++;
else if (version == '12.3(9a)BC6') flag++;
else if (version == '12.3(9a)BC7') flag++;
else if (version == '12.3(9a)BC8') flag++;
else if (version == '12.3(9a)BC9') flag++;
else if (version == '12.3(9b)') flag++;
else if (version == '12.3(9c)') flag++;
else if (version == '12.3(9d)') flag++;
else if (version == '12.3(9e)') flag++;
else if (version == '12.3(9)M0') flag++;
else if (version == '12.3(9)M1') flag++;
else if (version == '12.9(9)S0225') flag++;

if (get_kb_item("Host/local_checks_enabled"))
{
  if (flag)
  {
    flag = 0;
    buf = cisco_command_kb_item("Host/Cisco/Config/show_running-config", "show running-config");
    if (check_cisco_result(buf))
    {
      if (preg(pattern:"login local", multiline:TRUE, string:buf)) { flag = 1; }
    } else if (cisco_needs_enable(buf)) { flag = 1; override = 1; }
  }
}

if (flag)
{
  security_warning(port:0, extra:cisco_caveat(override));
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

Oval

accepted2008-09-08T04:00:48.595-04:00
classvulnerability
contributors
nameYuzheng Zhou
organizationHewlett-Packard
descriptionCisco IOS 12.2 and earlier generates a "% Login invalid" message instead of prompting for a password when an invalid username is provided, which allows remote attackers to identify valid usernames on the system and conduct brute force password guessing, as reported for the Aironet Bridge.
familyios
idoval:org.mitre.oval:def:5824
statusaccepted
submitted2008-05-02T11:06:36.000-04:00
titleCisco IOS User Enumeration via Error Messages
version3

References