Vulnerabilities > CVE-2007-4285 - Denial-Of-Service vulnerability in IOS
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
COMPLETE Summary
Unspecified vulnerability in Cisco IOS and Cisco IOS XR 12.x up to 12.3, including some versions before 12.3(15) and 12.3(14)T, allows remote attackers to obtain sensitive information (partial packet contents) or cause a denial of service (router or component crash) via crafted IPv6 packets with a Type 0 routing header.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 4 |
Nessus
NASL family CISCO NASL id CISCO-SA-20070808-IOS-IPV6-LEAK.NASL description Cisco IOS and Cisco IOS XR contain a vulnerability when processing specially crafted IPv6 packets with a Type 0 Routing Header present. Exploitation of this vulnerability can lead to information leakage on affected IOS and IOS XR devices, and may also result in a crash of the affected IOS device. Successful exploitation on an affected device running Cisco IOS XR will not result in a crash of the device itself, but may result in a crash of the IPv6 subsystem. Cisco has made free software available to address this vulnerability for affected customers. There are workarounds available to mitigate the effects of the vulnerability. last seen 2019-10-28 modified 2010-09-01 plugin id 49006 published 2010-09-01 reporter This script is (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/49006 title Information Leakage Using IPv6 Routing Header in Cisco IOS and Cisco IOS XR - Cisco Systems code #TRUSTED 6b022639ce5d36763b8a39593f60177f1aff308a0056f40ce175210ec877187d879ad65d5ed976b5d25477fb79db5964f73433a525bd4740abcc61e02e252d9112b55ed14688d9aa84f74808414ca94012960de07965471777ead1677c4bfc9e749fd0659881751ec66a79e0981e67b7cdb8c464a3e2f682979534498282b38f31c8cbe2a41a47dcbf29959fd488dc107d737acb206b239d95ff8d80ea68647d9699081b76d0f8bf7ef98b649d11112bb49d22f90bc6ae14aea299e6566a1ba33a8c65549db0c0eb2edd3360bb3d4b6327a3e7f4c1723d8f364915b9a85d4160d23defc0ba188134f47a66c369776c8d482d15a83a1a719d3a43e0a5a87ff66f8c234627d7c40f5cf9f0a1326cd47aa4b1d19a1e8cef0a859c4ec271fa9cf5f35d9d63489a376fe4059a18229f39a68fcf1573e2f343e8358525d598f4f249dad69798b772abcbde195375178e3b6a11e9563b63d20b7b1a31aa82e0742075f03b2dd5616c013a9c0d84c13fd0b7c24bf53e8e896c89c9e28ec5c69ff06c0c6b8da47efc25bcde9a2141da03c137557546ea0ce7af88f8603ef7304c4573ce55edc2fbb6814f51bbdae9e0fa05d47b3174f58ef31b73be22f757593d4ed945f254438b6eaf7bc6bb91908fa33f3065c3f87f45a37f7222930813c41632396807546b34d49ef4ed8b47ff9a6ec9ede328ad56428d13f04b0d5afcdfbdb0dafa56 # # (C) Tenable Network Security, Inc. # # Security advisory is (C) CISCO, Inc. # See https://www.cisco.com/en/US/products/products_security_advisory09186a0080899647.shtml include("compat.inc"); if (description) { script_id(49006); script_version("1.19"); script_set_attribute(attribute:"plugin_modification_date", value:"2018/11/15"); script_cve_id("CVE-2007-4285"); script_name(english:"Information Leakage Using IPv6 Routing Header in Cisco IOS and Cisco IOS XR - Cisco Systems"); script_summary(english:"Checks the IOS version."); script_set_attribute(attribute:"synopsis", value:"The remote device is missing a vendor-supplied security patch."); script_set_attribute(attribute:"description", value: 'Cisco IOS and Cisco IOS XR contain a vulnerability when processing specially crafted IPv6 packets with a Type 0 Routing Header present. Exploitation of this vulnerability can lead to information leakage on affected IOS and IOS XR devices, and may also result in a crash of the affected IOS device. Successful exploitation on an affected device running Cisco IOS XR will not result in a crash of the device itself, but may result in a crash of the IPv6 subsystem. Cisco has made free software available to address this vulnerability for affected customers. There are workarounds available to mitigate the effects of the vulnerability. '); # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20070808-IOS-IPv6-leak script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?8e301f29"); # https://www.cisco.com/en/US/products/products_security_advisory09186a0080899647.shtml script_set_attribute(attribute:"see_also", value: "http://www.nessus.org/u?40c21b51"); script_set_attribute(attribute:"solution", value: "Apply the relevant patch referenced in Cisco Security Advisory cisco-sa-20070808-IOS-IPv6-leak."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:ios"); script_set_attribute(attribute:"vuln_publication_date", value:"2007/08/08"); script_set_attribute(attribute:"patch_publication_date", value:"2007/08/08"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/09/01"); script_end_attributes(); script_xref(name:"CISCO-BUG-ID", value:"CSCef77013"); script_xref(name:"CISCO-BUG-ID", value:"CSCsi74127"); script_xref(name:"CISCO-BUG-ID", value:"CSCsi741273"); script_xref(name:"CISCO-SA", value:"cisco-sa-20070808-IOS-IPv6-leak"); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is (C) 2010-2018 Tenable Network Security, Inc."); script_family(english:"CISCO"); script_dependencie("cisco_ios_version.nasl"); script_require_keys("Host/Cisco/IOS/Version"); exit(0); } include("audit.inc"); include("cisco_func.inc"); include("cisco_kb_cmd_func.inc"); flag = 0; version = get_kb_item_or_exit("Host/Cisco/IOS/Version"); override = 0; if (version == '12.3(8)ZA') flag++; else if (version == '12.3(11)YZ1') flag++; else if (version == '12.3(11)YZ') flag++; else if (version == '12.3(11)YK2') flag++; else if (version == '12.3(11)YK1') flag++; else if (version == '12.3(11)YK') flag++; else if (version == '12.3(11)YJ') flag++; else if (version == '12.3(8)YI3') flag++; else if (version == '12.3(8)YI2') flag++; else if (version == '12.3(8)YI1') flag++; else if (version == '12.3(8)YH') flag++; else if (version == '12.3(8)YG5') flag++; else if (version == '12.3(8)YG4') flag++; else if (version == '12.3(8)YG3') flag++; else if (version == '12.3(8)YG2') flag++; else if (version == '12.3(8)YG1') flag++; else if (version == '12.3(8)YG') flag++; else if (version == '12.3(11)YF4') flag++; else if (version == '12.3(11)YF3') flag++; else if (version == '12.3(11)YF2') flag++; else if (version == '12.3(11)YF1') flag++; else if (version == '12.3(11)YF') flag++; else if (version == '12.3(8)YD1') flag++; else if (version == '12.3(8)YD') flag++; else if (version == '12.3(8)YA1') flag++; else if (version == '12.3(8)YA') flag++; else if (version == '12.3(2)XZ2') flag++; else if (version == '12.3(2)XZ1') flag++; else if (version == '12.3(2)XZ') flag++; else if (version == '12.3(8)XX2d') flag++; else if (version == '12.3(8)XX1') flag++; else if (version == '12.3(8)XX') flag++; else if (version == '12.3(8)XW3') flag++; else if (version == '12.3(8)XW2') flag++; else if (version == '12.3(8)XW1') flag++; else if (version == '12.3(8)XW') flag++; else if (version == '12.3(8)XU5') flag++; else if (version == '12.3(8)XU4') flag++; else if (version == '12.3(8)XU3') flag++; else if (version == '12.3(8)XU2') flag++; else if (version == '12.3(8)XU1') flag++; else if (version == '12.3(8)XU') flag++; else if (version == '12.3(7)XS2') flag++; else if (version == '12.3(7)XS1') flag++; else if (version == '12.3(7)XS') flag++; else if (version == '12.3(7)XR6') flag++; else if (version == '12.3(7)XR5') flag++; else if (version == '12.3(7)XR4') flag++; else if (version == '12.3(7)XR3') flag++; else if (version == '12.3(7)XR2') flag++; else if (version == '12.3(7)XR') flag++; else if (version == '12.3(4)XQ1') flag++; else if (version == '12.3(4)XQ') flag++; else if (version == '12.3(11)XL1') flag++; else if (version == '12.3(11)XL') flag++; else if (version == '12.3(4)XK4') flag++; else if (version == '12.3(4)XK3') flag++; else if (version == '12.3(4)XK2') flag++; else if (version == '12.3(4)XK1') flag++; else if (version == '12.3(4)XK') flag++; else if (version == '12.3(7)XJ2') flag++; else if (version == '12.3(7)XJ1') flag++; else if (version == '12.3(7)XJ') flag++; else if (version == '12.3(7)XI8') flag++; else if (version == '12.3(7)XI7b') flag++; else if (version == '12.3(7)XI7a') flag++; else if (version == '12.3(7)XI7') flag++; else if (version == '12.3(7)XI6') flag++; else if (version == '12.3(7)XI5') flag++; else if (version == '12.3(7)XI4') flag++; else if (version == '12.3(7)XI3') flag++; else if (version == '12.3(7)XI2') flag++; else if (version == '12.3(7)XI1') flag++; else if (version == '12.3(4)XG5') flag++; else if (version == '12.3(4)XG4') flag++; else if (version == '12.3(4)XG3') flag++; else if (version == '12.3(4)XG2') flag++; else if (version == '12.3(4)XG1') flag++; else if (version == '12.3(4)XG') flag++; else if (version == '12.3(2)XF') flag++; else if (version == '12.3(2)XE1') flag++; else if (version == '12.3(2)XE') flag++; else if (version == '12.3(4)XD4') flag++; else if (version == '12.3(4)XD3') flag++; else if (version == '12.3(4)XD2') flag++; else if (version == '12.3(4)XD1') flag++; else if (version == '12.3(4)XD') flag++; else if (version == '12.3(2)XC3') flag++; else if (version == '12.3(2)XC2') flag++; else if (version == '12.3(2)XC1') flag++; else if (version == '12.3(2)XC') flag++; else if (version == '12.3(2)XB3') flag++; else if (version == '12.3(2)XB1') flag++; else if (version == '12.3(2)XB') flag++; else if (version == '12.3(2)XA4') flag++; else if (version == '12.3(2)XA2') flag++; else if (version == '12.3(2)XA1') flag++; else if (version == '12.3(2)XA') flag++; else if (version == '12.3(11)T9') flag++; else if (version == '12.3(11)T8') flag++; else if (version == '12.3(11)T7') flag++; else if (version == '12.3(11)T6') flag++; else if (version == '12.3(11)T5') flag++; else if (version == '12.3(11)T4') flag++; else if (version == '12.3(11)T3') flag++; else if (version == '12.3(11)T2') flag++; else if (version == '12.3(11)T11') flag++; else if (version == '12.3(11)T10') flag++; else if (version == '12.3(11)T') flag++; else if (version == '12.3(8)T9') flag++; else if (version == '12.3(8)T8') flag++; else if (version == '12.3(8)T7') flag++; else if (version == '12.3(8)T6') flag++; else if (version == '12.3(8)T5') flag++; else if (version == '12.3(8)T4') flag++; else if (version == '12.3(8)T3') flag++; else if (version == '12.3(8)T11') flag++; else if (version == '12.3(8)T10') flag++; else if (version == '12.3(8)T1') flag++; else if (version == '12.3(8)T') flag++; else if (version == '12.3(7)T9') flag++; else if (version == '12.3(7)T8') flag++; else if (version == '12.3(7)T7') flag++; else if (version == '12.3(7)T6') flag++; else if (version == '12.3(7)T4') flag++; else if (version == '12.3(7)T3') flag++; else if (version == '12.3(7)T2') flag++; else if (version == '12.3(7)T12') flag++; else if (version == '12.3(7)T11') flag++; else if (version == '12.3(7)T10') flag++; else if (version == '12.3(7)T1') flag++; else if (version == '12.3(7)T') flag++; else if (version == '12.3(4)T9') flag++; else if (version == '12.3(4)T8') flag++; else if (version == '12.3(4)T7') flag++; else if (version == '12.3(4)T6') flag++; else if (version == '12.3(4)T4') flag++; else if (version == '12.3(4)T3') flag++; else if (version == '12.3(4)T2a') flag++; else if (version == '12.3(4)T2') flag++; else if (version == '12.3(4)T13') flag++; else if (version == '12.3(4)T11') flag++; else if (version == '12.3(4)T10') flag++; else if (version == '12.3(4)T1') flag++; else if (version == '12.3(4)T') flag++; else if (version == '12.3(2)T9') flag++; else if (version == '12.3(2)T8') flag++; else if (version == '12.3(2)T7') flag++; else if (version == '12.3(2)T6') flag++; else if (version == '12.3(2)T5') flag++; else if (version == '12.3(2)T4') flag++; else if (version == '12.3(2)T3') flag++; else if (version == '12.3(2)T2') flag++; else if (version == '12.3(2)T1') flag++; else if (version == '12.3(2)T') flag++; else if (version == '12.3(1a)BW') flag++; else if (version == '12.3(13a)BC6') flag++; else if (version == '12.3(13a)BC5') flag++; else if (version == '12.3(13a)BC4') flag++; else if (version == '12.3(13a)BC3') flag++; else if (version == '12.3(13a)BC2') flag++; else if (version == '12.3(13a)BC1') flag++; else if (version == '12.3(13a)BC') flag++; else if (version == '12.3(9a)BC9') flag++; else if (version == '12.3(9a)BC8') flag++; else if (version == '12.3(9a)BC7') flag++; else if (version == '12.3(9a)BC6') flag++; else if (version == '12.3(9a)BC5') flag++; else if (version == '12.3(9a)BC4') flag++; else if (version == '12.3(9a)BC3') flag++; else if (version == '12.3(9a)BC2') flag++; else if (version == '12.3(9a)BC1') flag++; else if (version == '12.3(9a)BC') flag++; else if (version == '12.3(5a)B5') flag++; else if (version == '12.3(5a)B4') flag++; else if (version == '12.3(5a)B3') flag++; else if (version == '12.3(5a)B2') flag++; else if (version == '12.3(5a)B1') flag++; else if (version == '12.3(5a)B') flag++; else if (version == '12.3(3)B1') flag++; else if (version == '12.3(3)B') flag++; else if (version == '12.3(1a)B') flag++; else if (version == '12.3(13b)') flag++; else if (version == '12.3(13a)') flag++; else if (version == '12.3(13)') flag++; else if (version == '12.3(12e)') flag++; else if (version == '12.3(12d)') flag++; else if (version == '12.3(12c)') flag++; else if (version == '12.3(12b)') flag++; else if (version == '12.3(12a)') flag++; else if (version == '12.3(12)') flag++; else if (version == '12.3(10f)') flag++; else if (version == '12.3(10e)') flag++; else if (version == '12.3(10d)') flag++; else if (version == '12.3(10c)') flag++; else if (version == '12.3(10b)') flag++; else if (version == '12.3(10a)') flag++; else if (version == '12.3(10)') flag++; else if (version == '12.3(9e)') flag++; else if (version == '12.3(9d)') flag++; else if (version == '12.3(9c)') flag++; else if (version == '12.3(9b)') flag++; else if (version == '12.3(9a)') flag++; else if (version == '12.3(9)') flag++; else if (version == '12.3(6f)') flag++; else if (version == '12.3(6e)') flag++; else if (version == '12.3(6c)') flag++; else if (version == '12.3(6b)') flag++; else if (version == '12.3(6a)') flag++; else if (version == '12.3(6)') flag++; else if (version == '12.3(5f)') flag++; else if (version == '12.3(5e)') flag++; else if (version == '12.3(5d)') flag++; else if (version == '12.3(5c)') flag++; else if (version == '12.3(5b)') flag++; else if (version == '12.3(5a)') flag++; else if (version == '12.3(5)') flag++; else if (version == '12.3(3i)') flag++; else if (version == '12.3(3h)') flag++; else if (version == '12.3(3g)') flag++; else if (version == '12.3(3f)') flag++; else if (version == '12.3(3e)') flag++; else if (version == '12.3(3c)') flag++; else if (version == '12.3(3b)') flag++; else if (version == '12.3(3a)') flag++; else if (version == '12.3(3)') flag++; else if (version == '12.3(1a)') flag++; else if (version == '12.3(1)') flag++; else if (version == '12.2(15)ZL1') flag++; else if (version == '12.2(15)ZL') flag++; else if (version == '12.2(15)ZJ5') flag++; else if (version == '12.2(15)ZJ3') flag++; else if (version == '12.2(15)ZJ2') flag++; else if (version == '12.2(15)ZJ1') flag++; else if (version == '12.2(15)ZJ') flag++; else if (version == '12.2(13)ZH8') flag++; else if (version == '12.2(13)ZH7') flag++; else if (version == '12.2(13)ZH6') flag++; else if (version == '12.2(13)ZH5') flag++; else if (version == '12.2(13)ZH4') flag++; else if (version == '12.2(13)ZH3') flag++; else if (version == '12.2(13)ZH2') flag++; else if (version == '12.2(13)ZH') flag++; else if (version == '12.2(13)ZF2') flag++; else if (version == '12.2(13)ZF1') flag++; else if (version == '12.2(13)ZF') flag++; else if (version == '12.2(13)ZE') flag++; else if (version == '12.2(13)ZD4') flag++; else if (version == '12.2(13)ZD3') flag++; else if (version == '12.2(13)ZD2') flag++; else if (version == '12.2(13)ZD1') flag++; else if (version == '12.2(13)ZD') flag++; else if (version == '12.2(8)ZB8') flag++; else if (version == '12.2(8)ZB7') flag++; else if (version == '12.2(8)ZB6') flag++; else if (version == '12.2(8)ZB5') flag++; else if (version == '12.2(8)ZB4a') flag++; else if (version == '12.2(8)ZB4') flag++; else if (version == '12.2(8)ZB3') flag++; else if (version == '12.2(8)ZB2') flag++; else if (version == '12.2(8)ZB1') flag++; else if (version == '12.2(8)ZB') flag++; else if (version == '12.2(14)ZA7') flag++; else if (version == '12.2(14)ZA6') flag++; else if (version == '12.2(14)ZA5') flag++; else if (version == '12.2(14)ZA4') flag++; else if (version == '12.2(14)ZA3') flag++; else if (version == '12.2(14)ZA2') flag++; else if (version == '12.2(14)ZA1') flag++; else if (version == '12.2(14)ZA') flag++; else if (version == '12.2(9)ZA') flag++; else if (version == '12.2(11)YZ2') flag++; else if (version == '12.2(11)YZ1') flag++; else if (version == '12.2(11)YZ') flag++; else if (version == '12.2(8)YY4') flag++; else if (version == '12.2(8)YY3') flag++; else if (version == '12.2(8)YY2') flag++; else if (version == '12.2(8)YY1') flag++; else if (version == '12.2(8)YY') flag++; else if (version == '12.2(11)YX1') flag++; else if (version == '12.2(11)YX') flag++; else if (version == '12.2(8)YW3') flag++; else if (version == '12.2(8)YW2') flag++; else if (version == '12.2(8)YW1') flag++; else if (version == '12.2(8)YW') flag++; else if (version == '12.2(11)YV1') flag++; else if (version == '12.2(11)YV') flag++; else if (version == '12.2(11)YU') flag++; else if (version == '12.2(11)YT2') flag++; else if (version == '12.2(11)YT1') flag++; else if (version == '12.2(11)YT') flag++; else if (version == '12.2(11)YR') flag++; else if (version == '12.2(11)YQ') flag++; else if (version == '12.2(8)YN1') flag++; else if (version == '12.2(8)YN') flag++; else if (version == '12.2(8)YM') flag++; else if (version == '12.2(8)YL') flag++; else if (version == '12.2(8)YJ1') flag++; else if (version == '12.2(8)YJ') flag++; else if (version == '12.2(4)YH') flag++; else if (version == '12.2(4)YF') flag++; else if (version == '12.2(9)YE') flag++; else if (version == '12.2(8)YD3') flag++; else if (version == '12.2(8)YD2') flag++; else if (version == '12.2(8)YD1') flag++; else if (version == '12.2(8)YD') flag++; else if (version == '12.2(4)YB') flag++; else if (version == '12.2(4)YA9') flag++; else if (version == '12.2(4)YA8') flag++; else if (version == '12.2(4)YA7') flag++; else if (version == '12.2(4)YA6') flag++; else if (version == '12.2(4)YA2') flag++; else if (version == '12.2(4)YA12') flag++; else if (version == '12.2(4)YA11') flag++; else if (version == '12.2(4)YA10') flag++; else if (version == '12.2(4)YA1') flag++; else if (version == '12.2(4)YA') flag++; else if (version == '12.2(4)XW') flag++; else if (version == '12.2(4)XV5') flag++; else if (version == '12.2(4)XV4a') flag++; else if (version == '12.2(4)XV4') flag++; else if (version == '12.2(4)XV3') flag++; else if (version == '12.2(4)XV2') flag++; else if (version == '12.2(4)XV1') flag++; else if (version == '12.2(4)XV') flag++; else if (version == '12.2(2)XU') flag++; else if (version == '12.2(2)XT3') flag++; else if (version == '12.2(2)XT2') flag++; else if (version == '12.2(2)XT') flag++; else if (version == '12.2(2)XQ1') flag++; else if (version == '12.2(2)XQ') flag++; else if (version == '12.2(2)XN') flag++; else if (version == '12.2(4)XM4') flag++; else if (version == '12.2(4)XM3') flag++; else if (version == '12.2(4)XM2') flag++; else if (version == '12.2(4)XM') flag++; else if (version == '12.2(4)XL6') flag++; else if (version == '12.2(4)XL5') flag++; else if (version == '12.2(4)XL4') flag++; else if (version == '12.2(4)XL3') flag++; else if (version == '12.2(4)XL2') flag++; else if (version == '12.2(4)XL1') flag++; else if (version == '12.2(4)XL') flag++; else if (version == '12.2(2)XK3') flag++; else if (version == '12.2(2)XK2') flag++; else if (version == '12.2(2)XK') flag++; else if (version == '12.2(2)XJ') flag++; else if (version == '12.2(2)XI2') flag++; else if (version == '12.2(2)XI1') flag++; else if (version == '12.2(2)XI') flag++; else if (version == '12.2(2)XH2') flag++; else if (version == '12.2(2)XH1') flag++; else if (version == '12.2(2)XH') flag++; else if (version == '12.2(2)XG1') flag++; else if (version == '12.2(2)XG') flag++; else if (version == '12.2(4)XF1') flag++; else if (version == '12.2(1)XD4') flag++; else if (version == '12.2(1)XD3') flag++; else if (version == '12.2(1)XD2') flag++; else if (version == '12.2(1)XD1') flag++; else if (version == '12.2(1)XD') flag++; else if (version == '12.2(2)XC2') flag++; else if (version == '12.2(2)XC1') flag++; else if (version == '12.2(2)XC') flag++; else if (version == '12.2(2)XB8') flag++; else if (version == '12.2(2)XB7') flag++; else if (version == '12.2(2)XB6') flag++; else if (version == '12.2(2)XB5') flag++; else if (version == '12.2(2)XB3') flag++; else if (version == '12.2(2)XB2') flag++; else if (version == '12.2(2)XB15') flag++; else if (version == '12.2(2)XB14') flag++; else if (version == '12.2(2)XB12') flag++; else if (version == '12.2(2)XB11') flag++; else if (version == '12.2(2)XB10') flag++; else if (version == '12.2(2)XB1') flag++; else if (version == '12.2(2)XA5') flag++; else if (version == '12.2(2)XA4') flag++; else if (version == '12.2(2)XA3') flag++; else if (version == '12.2(2)XA2') flag++; else if (version == '12.2(2)XA1') flag++; else if (version == '12.2(2)XA') flag++; else if (version == '12.2(8)TPC10b') flag++; else if (version == '12.2(8)TPC10a') flag++; else if (version == '12.2(15)T9') flag++; else if (version == '12.2(15)T8') flag++; else if (version == '12.2(15)T7') flag++; else if (version == '12.2(15)T5') flag++; else if (version == '12.2(15)T4e') flag++; else if (version == '12.2(15)T4') flag++; else if (version == '12.2(15)T2') flag++; else if (version == '12.2(15)T16') flag++; else if (version == '12.2(15)T15') flag++; else if (version == '12.2(15)T14') flag++; else if (version == '12.2(15)T13') flag++; else if (version == '12.2(15)T12') flag++; else if (version == '12.2(15)T11') flag++; else if (version == '12.2(15)T10') flag++; else if (version == '12.2(15)T1') flag++; else if (version == '12.2(15)T') flag++; else if (version == '12.2(13)T9') flag++; else if (version == '12.2(13)T8') flag++; else if (version == '12.2(13)T5') flag++; else if (version == '12.2(13)T4') flag++; else if (version == '12.2(13)T3') flag++; else if (version == '12.2(13)T2') flag++; else if (version == '12.2(13)T16') flag++; else if (version == '12.2(13)T14') flag++; else if (version == '12.2(13)T13') flag++; else if (version == '12.2(13)T12') flag++; else if (version == '12.2(13)T11') flag++; else if (version == '12.2(13)T10') flag++; else if (version == '12.2(13)T1a') flag++; else if (version == '12.2(13)T1') flag++; else if (version == '12.2(13)T') flag++; else if (version == '12.2(11)T9') flag++; else if (version == '12.2(11)T8') flag++; else if (version == '12.2(11)T6') flag++; else if (version == '12.2(11)T5') flag++; else if (version == '12.2(11)T3') flag++; else if (version == '12.2(11)T2') flag++; else if (version == '12.2(11)T11') flag++; else if (version == '12.2(11)T10') flag++; else if (version == '12.2(11)T1') flag++; else if (version == '12.2(11)T') flag++; else if (version == '12.2(8)T8') flag++; else if (version == '12.2(8)T5') flag++; else if (version == '12.2(8)T4') flag++; else if (version == '12.2(8)T3') flag++; else if (version == '12.2(8)T2') flag++; else if (version == '12.2(8)T10') flag++; else if (version == '12.2(8)T1') flag++; else if (version == '12.2(8)T') flag++; else if (version == '12.2(4)T7') flag++; else if (version == '12.2(4)T6') flag++; else if (version == '12.2(4)T5') flag++; else if (version == '12.2(4)T3') flag++; else if (version == '12.2(4)T2') flag++; else if (version == '12.2(4)T1') flag++; else if (version == '12.2(4)T') flag++; else if (version == '12.2(2)T4') flag++; else if (version == '12.2(2)T3') flag++; else if (version == '12.2(2)T2') flag++; else if (version == '12.2(2)T1') flag++; else if (version == '12.2(2)T') flag++; else if (version == '12.2(14)SZ6') flag++; else if (version == '12.2(14)SZ5') flag++; else if (version == '12.2(14)SZ4') flag++; else if (version == '12.2(14)SZ3') flag++; else if (version == '12.2(14)SZ2') flag++; else if (version == '12.2(14)SZ1') flag++; else if (version == '12.2(14)SZ') flag++; else if (version == '12.2(14)SY5') flag++; else if (version == '12.2(14)SY4') flag++; else if (version == '12.2(14)SY3') flag++; else if (version == '12.2(14)SY2') flag++; else if (version == '12.2(14)SY1') flag++; else if (version == '12.2(14)SY') flag++; else if (version == '12.2(18)SXD7b') flag++; else if (version == '12.2(18)SXD7a') flag++; else if (version == '12.2(18)SXD7') flag++; else if (version == '12.2(18)SXD6') flag++; else if (version == '12.2(18)SXD5') flag++; else if (version == '12.2(18)SXD4') flag++; else if (version == '12.2(18)SXD3') flag++; else if (version == '12.2(18)SXD2') flag++; else if (version == '12.2(18)SXD1') flag++; else if (version == '12.2(18)SXD') flag++; else if (version == '12.2(17d)SXB9') flag++; else if (version == '12.2(17d)SXB8') flag++; else if (version == '12.2(17d)SXB7') flag++; else if (version == '12.2(17d)SXB6') flag++; else if (version == '12.2(17d)SXB5') flag++; else if (version == '12.2(17d)SXB4') flag++; else if (version == '12.2(17d)SXB3') flag++; else if (version == '12.2(17d)SXB2') flag++; else if (version == '12.2(17d)SXB11a') flag++; else if (version == '12.2(17d)SXB11') flag++; else if (version == '12.2(17d)SXB10') flag++; else if (version == '12.2(17d)SXB1') flag++; else if (version == '12.2(17d)SXB') flag++; else if (version == '12.2(17b)SXA2') flag++; else if (version == '12.2(17b)SXA') flag++; else if (version == '12.2(17a)SX4') flag++; else if (version == '12.2(17a)SX3') flag++; else if (version == '12.2(17a)SX2') flag++; else if (version == '12.2(17a)SX1') flag++; else if (version == '12.2(17a)SX') flag++; else if (version == '12.2(14)SX2') flag++; else if (version == '12.2(14)SX1') flag++; else if (version == '12.2(14)SX') flag++; else if (version == '12.2(25)SW9') flag++; else if (version == '12.2(25)SW8') flag++; else if (version == '12.2(25)SW7') flag++; else if (version == '12.2(25)SW6') flag++; else if (version == '12.2(25)SW5') flag++; else if (version == '12.2(25)SW4a') flag++; else if (version == '12.2(25)SW4') flag++; else if (version == '12.2(25)SW3a') flag++; else if (version == '12.2(25)SW3') flag++; else if (version == '12.2(25)SW2') flag++; else if (version == '12.2(25)SW10') flag++; else if (version == '12.2(25)SW1') flag++; else if (version == '12.2(23)SW1') flag++; else if (version == '12.2(23)SW') flag++; else if (version == '12.2(21)SW1') flag++; else if (version == '12.2(21)SW') flag++; else if (version == '12.2(25)SV2') flag++; else if (version == '12.2(24)SV1') flag++; else if (version == '12.2(23)SV1') flag++; else if (version == '12.2(22)SV1') flag++; else if (version == '12.2(18)SV3') flag++; else if (version == '12.2(14)SU2') flag++; else if (version == '12.2(14)SU1') flag++; else if (version == '12.2(14)SU') flag++; else if (version == '12.2(25)SG1') flag++; else if (version == '12.2(25)SG') flag++; else if (version == '12.2(25)SEG1') flag++; else if (version == '12.2(25)SEG') flag++; else if (version == '12.2(25)SEE3') flag++; else if (version == '12.2(25)SEE2') flag++; else if (version == '12.2(25)SEE1') flag++; else if (version == '12.2(25)SEE') flag++; else if (version == '12.2(25)SED1') flag++; else if (version == '12.2(25)SED') flag++; else if (version == '12.2(25)SEC2') flag++; else if (version == '12.2(25)SEC1') flag++; else if (version == '12.2(25)SEC') flag++; else if (version == '12.2(25)SEB4') flag++; else if (version == '12.2(25)SEB3') flag++; else if (version == '12.2(25)SEB2') flag++; else if (version == '12.2(25)SEB1') flag++; else if (version == '12.2(25)SEB') flag++; else if (version == '12.2(25)SEA') flag++; else if (version == '12.2(25)S9') flag++; else if (version == '12.2(25)S8') flag++; else if (version == '12.2(25)S7') flag++; else if (version == '12.2(25)S6') flag++; else if (version == '12.2(25)S5') flag++; else if (version == '12.2(25)S4') flag++; else if (version == '12.2(25)S3') flag++; else if (version == '12.2(25)S2') flag++; else if (version == '12.2(25)S12') flag++; else if (version == '12.2(25)S11') flag++; else if (version == '12.2(25)S10') flag++; else if (version == '12.2(25)S1') flag++; else if (version == '12.2(25)S') flag++; else if (version == '12.2(22)S2') flag++; else if (version == '12.2(22)S1') flag++; else if (version == '12.2(22)S') flag++; else if (version == '12.2(20)S9') flag++; else if (version == '12.2(20)S8') flag++; else if (version == '12.2(20)S7') flag++; else if (version == '12.2(20)S6') flag++; else if (version == '12.2(20)S5') flag++; else if (version == '12.2(20)S4') flag++; else if (version == '12.2(20)S3') flag++; else if (version == '12.2(20)S2') flag++; else if (version == '12.2(20)S13') flag++; else if (version == '12.2(20)S12') flag++; else if (version == '12.2(20)S11') flag++; else if (version == '12.2(20)S10') flag++; else if (version == '12.2(20)S1') flag++; else if (version == '12.2(20)S') flag++; else if (version == '12.2(18)S9') flag++; else if (version == '12.2(18)S8') flag++; else if (version == '12.2(18)S7') flag++; else if (version == '12.2(18)S6') flag++; else if (version == '12.2(18)S5') flag++; else if (version == '12.2(18)S4') flag++; else if (version == '12.2(18)S3') flag++; else if (version == '12.2(18)S2') flag++; else if (version == '12.2(18)S12') flag++; else if (version == '12.2(18)S11') flag++; else if (version == '12.2(18)S10') flag++; else if (version == '12.2(18)S1') flag++; else if (version == '12.2(18)S') flag++; else if (version == '12.2(14)S9') flag++; else if (version == '12.2(14)S8') flag++; else if (version == '12.2(14)S7') flag++; else if (version == '12.2(14)S5') flag++; else if (version == '12.2(14)S3') flag++; else if (version == '12.2(14)S2') flag++; else if (version == '12.2(14)S18') flag++; else if (version == '12.2(14)S17') flag++; else if (version == '12.2(14)S16') flag++; else if (version == '12.2(14)S15') flag++; else if (version == '12.2(14)S14') flag++; else if (version == '12.2(14)S13') flag++; else if (version == '12.2(14)S12') flag++; else if (version == '12.2(14)S11') flag++; else if (version == '12.2(14)S10') flag++; else if (version == '12.2(14)S1') flag++; else if (version == '12.2(14)S') flag++; else if (version == '12.2(9)S') flag++; else if (version == '12.2(15)MC2i') flag++; else if (version == '12.2(15)MC2g') flag++; else if (version == '12.2(15)MC2f') flag++; else if (version == '12.2(15)MC2e') flag++; else if (version == '12.2(15)MC2c') flag++; else if (version == '12.2(15)MC2b') flag++; else if (version == '12.2(15)MC2a') flag++; else if (version == '12.2(15)MC1c') flag++; else if (version == '12.2(15)MC1b') flag++; else if (version == '12.2(15)MC1a') flag++; else if (version == '12.2(15)MC1') flag++; else if (version == '12.2(8)MC2d') flag++; else if (version == '12.2(8)MC2c') flag++; else if (version == '12.2(8)MC2b') flag++; else if (version == '12.2(8)MC2') flag++; else if (version == '12.2(8)MC1') flag++; else if (version == '12.2(25)FZ') flag++; else if (version == '12.2(25)EZ1') flag++; else if (version == '12.2(25)EZ') flag++; else if (version == '12.2(25)EWA9') flag++; else if (version == '12.2(25)EWA8') flag++; else if (version == '12.2(25)EWA7') flag++; else if (version == '12.2(25)EWA6') flag++; else if (version == '12.2(25)EWA5') flag++; else if (version == '12.2(25)EWA4') flag++; else if (version == '12.2(25)EWA3') flag++; else if (version == '12.2(25)EWA2') flag++; else if (version == '12.2(25)EWA1') flag++; else if (version == '12.2(25)EWA') flag++; else if (version == '12.2(20)EWA4') flag++; else if (version == '12.2(20)EWA3') flag++; else if (version == '12.2(20)EWA2') flag++; else if (version == '12.2(20)EWA1') flag++; else if (version == '12.2(20)EWA') flag++; else if (version == '12.2(25)EW') flag++; else if (version == '12.2(20)EW4') flag++; else if (version == '12.2(20)EW3') flag++; else if (version == '12.2(20)EW2') flag++; else if (version == '12.2(20)EW1') flag++; else if (version == '12.2(20)EW') flag++; else if (version == '12.2(20)EU2') flag++; else if (version == '12.2(20)EU1') flag++; else if (version == '12.2(20)EU') flag++; else if (version == '12.2(2)DX3') flag++; else if (version == '12.2(1)DX1') flag++; else if (version == '12.2(1)DX') flag++; else if (version == '12.2(2)DD4') flag++; else if (version == '12.2(2)DD3') flag++; else if (version == '12.2(2)DD2') flag++; else if (version == '12.2(2)DD1') flag++; else if (version == '12.2(2)DD') flag++; else if (version == '12.2(15)CX1') flag++; else if (version == '12.2(15)CX') flag++; else if (version == '12.2(11)CX1') flag++; else if (version == '12.2(11)CX') flag++; else if (version == '12.2(8)BY2') flag++; else if (version == '12.2(8)BY1') flag++; else if (version == '12.2(8)BY') flag++; else if (version == '12.2(16)BX3') flag++; else if (version == '12.2(16)BX2') flag++; else if (version == '12.2(16)BX1') flag++; else if (version == '12.2(16)BX') flag++; else if (version == '12.2(2)BX1') flag++; else if (version == '12.2(2)BX') flag++; else if (version == '12.2(4)BW2') flag++; else if (version == '12.2(4)BW1a') flag++; else if (version == '12.2(4)BW1') flag++; else if (version == '12.2(4)BW') flag++; else if (version == '12.2(15)BC2i') flag++; else if (version == '12.2(15)BC2h') flag++; else if (version == '12.2(15)BC2g') flag++; else if (version == '12.2(15)BC2f') flag++; else if (version == '12.2(15)BC2e') flag++; else if (version == '12.2(15)BC2c') flag++; else if (version == '12.2(15)BC2b') flag++; else if (version == '12.2(15)BC2a') flag++; else if (version == '12.2(15)BC2') flag++; else if (version == '12.2(15)BC1g') flag++; else if (version == '12.2(15)BC1f') flag++; else if (version == '12.2(15)BC1d') flag++; else if (version == '12.2(15)BC1c') flag++; else if (version == '12.2(15)BC1b') flag++; else if (version == '12.2(15)BC1a') flag++; else if (version == '12.2(15)BC1') flag++; else if (version == '12.2(11)BC3d') flag++; else if (version == '12.2(11)BC3c') flag++; else if (version == '12.2(11)BC3b') flag++; else if (version == '12.2(11)BC3a') flag++; else if (version == '12.2(11)BC3') flag++; else if (version == '12.2(11)BC2') flag++; else if (version == '12.2(11)BC1b') flag++; else if (version == '12.2(11)BC1a') flag++; else if (version == '12.2(11)BC1') flag++; else if (version == '12.2(8)BC2a') flag++; else if (version == '12.2(8)BC2') flag++; else if (version == '12.2(8)BC1') flag++; else if (version == '12.2(4)BC1b') flag++; else if (version == '12.2(4)BC1a') flag++; else if (version == '12.2(4)BC1') flag++; else if (version == '12.2(16)B2') flag++; else if (version == '12.2(16)B1') flag++; else if (version == '12.2(16)B') flag++; else if (version == '12.2(15)B') flag++; else if (version == '12.2(4)B8') flag++; else if (version == '12.2(4)B7') flag++; else if (version == '12.2(4)B6') flag++; else if (version == '12.2(4)B5') flag++; else if (version == '12.2(4)B4') flag++; else if (version == '12.2(4)B3') flag++; else if (version == '12.2(4)B2') flag++; else if (version == '12.2(4)B1') flag++; else if (version == '12.2(4)B') flag++; else if (version == '12.2(2)B7') flag++; else if (version == '12.2(2)B6') flag++; else if (version == '12.2(2)B5') flag++; else if (version == '12.2(2)B4') flag++; else if (version == '12.2(2)B3') flag++; else if (version == '12.2(2)B2') flag++; else if (version == '12.2(2)B1') flag++; else if (version == '12.2(2)B') flag++; else if (version == '12.1(5)YD6') flag++; else if (version == '12.1(5)YD5') flag++; else if (version == '12.1(5)YD4') flag++; else if (version == '12.1(5)YD3') flag++; else if (version == '12.1(5)YD2') flag++; else if (version == '12.1(5)YD1') flag++; else if (version == '12.1(5)YD') flag++; else if (version == '12.1(5)YC3') flag++; else if (version == '12.1(5)YC2') flag++; else if (version == '12.1(5)YC1') flag++; else if (version == '12.1(5)YC') flag++; else if (version == '12.1(5)YB5') flag++; else if (version == '12.1(5)YB4') flag++; else if (version == '12.1(5)YB1') flag++; else if (version == '12.1(5)YB') flag++; else if (version == '12.1(5)XV') flag++; else if (version == '12.1(5)XU1') flag++; else if (version == '12.1(5)XU') flag++; else if (version == '12.0(23)SZ3') flag++; else if (version == '12.0(21)SZ') flag++; else if (version == '12.0(32)SY3') flag++; else if (version == '12.0(32)SY2') flag++; else if (version == '12.0(32)SY1') flag++; else if (version == '12.0(32)SY') flag++; else if (version == '12.0(28)SW1') flag++; else if (version == '12.0(21)ST7') flag++; else if (version == '12.0(21)ST6a') flag++; else if (version == '12.0(21)ST6') flag++; else if (version == '12.0(21)ST5') flag++; else if (version == '12.0(21)ST4') flag++; else if (version == '12.0(21)ST3a') flag++; else if (version == '12.0(21)ST3') flag++; else if (version == '12.0(21)ST2b') flag++; else if (version == '12.0(21)ST2a') flag++; else if (version == '12.0(21)ST2') flag++; else if (version == '12.0(21)ST1') flag++; else if (version == '12.0(21)ST') flag++; else if (version == '12.0(20)ST2') flag++; else if (version == '12.0(19)ST6') flag++; else if (version == '12.0(19)ST5') flag++; else if (version == '12.0(19)ST4') flag++; else if (version == '12.0(19)ST3') flag++; else if (version == '12.0(19)ST2') flag++; else if (version == '12.0(19)ST1') flag++; else if (version == '12.0(32)S7') flag++; else if (version == '12.0(32)S6') flag++; else if (version == '12.0(32)S5') flag++; else if (version == '12.0(32)S4') flag++; else if (version == '12.0(32)S3d') flag++; else if (version == '12.0(32)S3') flag++; else if (version == '12.0(32)S2') flag++; else if (version == '12.0(32)S1') flag++; else if (version == '12.0(32)S') flag++; else if (version == '12.0(31)S6') flag++; else if (version == '12.0(31)S5') flag++; else if (version == '12.0(31)S4') flag++; else if (version == '12.0(31)S3') flag++; else if (version == '12.0(31)S2') flag++; else if (version == '12.0(31)S1') flag++; else if (version == '12.0(31)S') flag++; else if (version == '12.0(30)S5') flag++; else if (version == '12.0(30)S4') flag++; else if (version == '12.0(30)S3') flag++; else if (version == '12.0(30)S2') flag++; else if (version == '12.0(30)S1') flag++; else if (version == '12.0(30)S') flag++; else if (version == '12.0(29)S1') flag++; else if (version == '12.0(29)S') flag++; else if (version == '12.0(28)S6') flag++; else if (version == '12.0(28)S5') flag++; else if (version == '12.0(28)S4') flag++; else if (version == '12.0(28)S3') flag++; else if (version == '12.0(28)S2') flag++; else if (version == '12.0(28)S1') flag++; else if (version == '12.0(28)S') flag++; else if (version == '12.0(27)S5') flag++; else if (version == '12.0(27)S4') flag++; else if (version == '12.0(27)S3') flag++; else if (version == '12.0(27)S2a') flag++; else if (version == '12.0(27)S2') flag++; else if (version == '12.0(27)S1') flag++; else if (version == '12.0(27)S') flag++; else if (version == '12.0(26)S6') flag++; else if (version == '12.0(26)S5') flag++; else if (version == '12.0(26)S4') flag++; else if (version == '12.0(26)S3') flag++; else if (version == '12.0(26)S2c') flag++; else if (version == '12.0(26)S2') flag++; else if (version == '12.0(26)S1') flag++; else if (version == '12.0(26)S') flag++; else if (version == '12.0(25)S4') flag++; else if (version == '12.0(25)S3') flag++; else if (version == '12.0(25)S2') flag++; else if (version == '12.0(25)S1d') flag++; else if (version == '12.0(25)S1c') flag++; else if (version == '12.0(25)S1b') flag++; else if (version == '12.0(25)S1a') flag++; else if (version == '12.0(25)S1') flag++; else if (version == '12.0(25)S') flag++; else if (version == '12.0(24)S6') flag++; else if (version == '12.0(24)S5') flag++; else if (version == '12.0(24)S4a') flag++; else if (version == '12.0(24)S4') flag++; else if (version == '12.0(24)S3') flag++; else if (version == '12.0(24)S2b') flag++; else if (version == '12.0(24)S2a') flag++; else if (version == '12.0(24)S2') flag++; else if (version == '12.0(24)S1') flag++; else if (version == '12.0(24)S') flag++; else if (version == '12.0(23)S6a') flag++; else if (version == '12.0(23)S6') flag++; else if (version == '12.0(23)S5') flag++; else if (version == '12.0(23)S4') flag++; else if (version == '12.0(23)S3c') flag++; else if (version == '12.0(23)S3b') flag++; else if (version == '12.0(23)S3a') flag++; else if (version == '12.0(23)S3') flag++; else if (version == '12.0(23)S2a') flag++; else if (version == '12.0(23)S2') flag++; else if (version == '12.0(23)S1') flag++; else if (version == '12.0(23)S') flag++; else if (version == '12.0(22)S6') flag++; else if (version == '12.0(22)S5a') flag++; else if (version == '12.0(22)S5') flag++; else if (version == '12.0(22)S4a') flag++; else if (version == '12.0(22)S4') flag++; else if (version == '12.0(22)S3c') flag++; else if (version == '12.0(22)S3b') flag++; else if (version == '12.0(22)S3a') flag++; else if (version == '12.0(22)S3') flag++; else if (version == '12.0(22)S2') flag++; else if (version == '12.0(22)S1') flag++; else if (version == '12.0(22)S') flag++; if (get_kb_item("Host/local_checks_enabled")) { if (flag) { flag = 0; buf = cisco_command_kb_item("Host/Cisco/Config/show_running-config", "show running-config"); if (check_cisco_result(buf)) { if (preg(pattern:"ipv6 address", multiline:TRUE, string:buf)) { flag = 1; } } else if (cisco_needs_enable(buf)) { flag = 1; override = 1; } } } if (flag) { security_hole(port:0, extra:cisco_caveat(override)); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family CISCO NASL id CISCO-SA-20070808-IOS-IPV6-LEAK-IOSXR.NASL description Cisco IOS XR contains a vulnerability when processing specially crafted IPv6 packets with a Type 0 Routing Header present. Exploitation of this vulnerability leads to information leakage on affected IOS and IOS XR devices, and can also result in a crash of the affected IOS device. Successful exploitation on an affected device running Cisco IOS XR will not result in a crash of the device itself, but may result in a crash of the IPv6 subsystem. Cisco has made free software available to address this vulnerability for affected customers. There are workarounds available to mitigate the effects of the vulnerability. last seen 2020-06-01 modified 2020-06-02 plugin id 71432 published 2013-12-14 reporter This script is (C) 2013-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/71432 title Information Leakage Using IPv6 Routing Header in Cisco IOS XR (cisco-sa-20070808-IOS-IPv6-leak)
Oval
| accepted | 2008-09-08T04:00:52.250-04:00 | ||||
| class | vulnerability | ||||
| contributors |
| ||||
| description | Unspecified vulnerability in Cisco IOS and Cisco IOS XR 12.x up to 12.3, including some versions before 12.3(15) and 12.3(14)T, allows remote attackers to obtain sensitive information (partial packet contents) or cause a denial of service (router or component crash) via crafted IPv6 packets with a Type 0 routing header. | ||||
| family | ios | ||||
| id | oval:org.mitre.oval:def:5840 | ||||
| status | accepted | ||||
| submitted | 2008-05-26T11:06:36.000-04:00 | ||||
| title | Cisco IOS 12.3 IPv6 Packet Processing Information Leakage Vulnerability | ||||
| version | 3 |
References
- http://secunia.com/advisories/26359
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080899647.shtml
- http://www.securitytracker.com/id?1018542
- http://www.vupen.com/english/advisories/2007/2819
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35906
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5840