Vulnerabilities > CVE-2010-0586 - Unspecified vulnerability in Cisco IOS

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

cisco

nessus

NVD

Published: 2010-03-25

Updated: 2017-09-19

Summary

Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug ID CSCsz49741, the "SCCP Request Handling Denial of Service Vulnerability."

Vulnerable Configurations

Part	Description	Count
OS	Cisco Cisco IOS 12.1Yd Cisco IOS 12.1Ye Cisco IOS 12.1Yi Cisco IOS 12.2B Cisco IOS 12.2Bx Cisco IOS 12.2By Cisco IOS 12.2Mc Cisco IOS 12.2T Cisco IOS 12.2Tpc Cisco IOS 12.2Xb Cisco IOS 12.2Xg Cisco IOS 12.2Xm Cisco IOS 12.2Xt Cisco IOS 12.2Xu Cisco IOS 12.2Xw Cisco IOS 12.2Ya Cisco IOS 12.2Yb Cisco IOS 12.2Yc Cisco IOS 12.2Yd Cisco IOS 12.2Yh Cisco IOS 12.2Yj Cisco IOS 12.2Yl Cisco IOS 12.2Ym Cisco IOS 12.2Yn Cisco IOS 12.2Yt Cisco IOS 12.2Yu Cisco IOS 12.2Yv Cisco IOS 12.2Yw Cisco IOS 12.2Yy Cisco IOS 12.2Zb Cisco IOS 12.2Zc Cisco IOS 12.2Zd Cisco IOS 12.2Ze Cisco IOS 12.2Zf Cisco IOS 12.2Zh Cisco IOS 12.2Zj Cisco IOS 12.2Zl Cisco IOS 12.2Zp Cisco IOS 12.3 Cisco IOS 12.3B Cisco IOS 12.3Jk Cisco IOS 12.3T Cisco IOS 12.3Tpc Cisco IOS 12.3Xa Cisco IOS 12.3Xb Cisco IOS 12.3Xc Cisco IOS 12.3Xd Cisco IOS 12.3Xe Cisco IOS 12.3Xf Cisco IOS 12.3Xg Cisco IOS 12.3Xi Cisco IOS 12.3Xj Cisco IOS 12.3Xk Cisco IOS 12.3Xl Cisco IOS 12.3Xq Cisco IOS 12.3Xr Cisco IOS 12.3Xu Cisco IOS 12.3Xw Cisco IOS 12.3Xx Cisco IOS 12.3Xy Cisco IOS 12.3Xz Cisco IOS 12.3Yf Cisco IOS 12.3Yg Cisco IOS 12.3Yk Cisco IOS 12.3Ym Cisco IOS 12.3Yq Cisco IOS 12.3Ys Cisco IOS 12.3Yt Cisco IOS 12.3Yu Cisco IOS 12.3Yx Cisco IOS 12.3Yz Cisco IOS 12.3Za Cisco IOS 12.4 Cisco IOS 12.4Gc Cisco IOS 12.4Mr Cisco IOS 12.4T Cisco IOS 12.4Xa Cisco IOS 12.4Xb Cisco IOS 12.4Xc Cisco IOS 12.4Xd Cisco IOS 12.4Xe Cisco IOS 12.4Xg Cisco IOS 12.4Xj Cisco IOS 12.4Xl Cisco IOS 12.4Xm Cisco IOS 12.4Xp Cisco IOS 12.4Xt Cisco IOS 12.4Xv Cisco IOS 12.4Xw Cisco IOS 12.4Xy Cisco IOS 12.4Xz Cisco IOS 12.4Ya Cisco IOS 12.4Yb	93

Nessus

NASL family	CISCO
NASL id	CISCO-SA-20100324-CUCMEHTTP.NASL
description	Devices running Cisco IOS Software and configured for Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) operation are affected by two denial of service vulnerabilities that may result in a device reload if successfully exploited. The vulnerabilities are triggered when the Cisco IOS device processes specific, malformed Skinny Call Control Protocol (SCCP) messages. Cisco has released free software updates that address these vulnerabilities.
last seen	2019-10-28
modified	2010-09-01
plugin id	49049
published	2010-09-01
reporter	This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/49049
title	Cisco Unified Communications Manager Express Denial of Service Vulnerabilities (cisco-sa-20100324-cucme)
code	#TRUSTED 219f717971f32ecb0285f68d6fb6ac51d95ba3dcf9498919d13e4a21d1f81ceb1cbacfb43604e8940c400e2894ad1c2c414162675eb550830c6dd77f0a8f1ca8b0ec10a3b7bc095aa4d22b856811d479e0a5f98326b24985a7308b1e731b0701c5499afe8375e31707d3398fbe7f5c88facdb4b413dfde0be965f40bd8b5deddcef6bcfd6e62d8502485aab6af3146b412477265ea086cd9a7d7732a75757537f953510e7cd85b2e9790a6665fce4249fd20f6be41819f5aa5fd42e2448c68e91ecb94e8dc746be787b621d1f4a909493333d67b813ddc12982c2e03f9acb70994c249b1dbe389f1336b3b095131935a212d0a4c4a09b0934d9a76b2fba576d14c72fda27d39a266b7e6e7f3e84a08729deb8b366dc9930336f810a15ae5cd284c247a7d768f69faeec440704fa3ef5a36e01aad53af21a01a5c0aa8e44cc41ece751cfc2d3a1d4295e9ce8e4ee4203642cc7291ec01fc34e84a0a61d04d4c9b6e6aed81589e0045b85dea1724c9c0edc8ee1ad5811a378ad2cf744364daa03f55cd1f6fc60406d94e4529f54b80e716f340c84ea005c447c1c59f3c7da779cb8954423e03abd8397f21b304b4442c30dfa9dbb6749117e0e5763d75e623739929cda9b8c1230b75240745b8c3b1ebfce9f40b1e9014b00b177c3779bb154a24f8f11ce75fcf43ed16a857fab7ec39b0da0553b29ada93cd1e3c17b2835f09c6 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Cisco Security Advisory cisco-sa-20100324-cucme. # The text itself is copyright (C) Cisco # include("compat.inc"); if (description) { script_id(49049); script_version("1.22"); script_set_attribute(attribute:"plugin_modification_date", value:"2018/11/15"); script_cve_id("CVE-2010-0585", "CVE-2010-0586"); script_xref(name:"CISCO-BUG-ID", value:"CSCsz48614"); script_xref(name:"CISCO-BUG-ID", value:"CSCsz49741"); script_xref(name:"CISCO-SA", value:"cisco-sa-20100324-cucme"); script_name(english:"Cisco Unified Communications Manager Express Denial of Service Vulnerabilities (cisco-sa-20100324-cucme)"); script_summary(english:"Checks the IOS version."); script_set_attribute( attribute:"synopsis", value:"The remote device is missing a vendor-supplied security patch." ); script_set_attribute( attribute:"description", value: "Devices running Cisco IOS Software and configured for Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) operation are affected by two denial of service vulnerabilities that may result in a device reload if successfully exploited. The vulnerabilities are triggered when the Cisco IOS device processes specific, malformed Skinny Call Control Protocol (SCCP) messages. Cisco has released free software updates that address these vulnerabilities." ); # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20100324-cucme script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?9569ab11" ); script_set_attribute( attribute:"solution", value: "Apply the relevant patch referenced in Cisco Security Advisory cisco-sa-20100324-cucme." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C"); script_set_attribute(attribute:"plugin_type", value:"combined"); script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:ios"); script_set_attribute(attribute:"vuln_publication_date", value:"2010/03/24"); script_set_attribute(attribute:"patch_publication_date", value:"2012/09/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/09/01"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc."); script_family(english:"CISCO"); script_dependencies("cisco_ios_version.nasl"); script_require_keys("Host/Cisco/IOS/Version"); exit(0); } include("audit.inc"); include("cisco_func.inc"); include("cisco_kb_cmd_func.inc"); flag = 0; override = 0; version = get_kb_item_or_exit("Host/Cisco/IOS/Version"); if ( version == '12.1(5)YD' ) flag++; if ( version == '12.1(5)YD1' ) flag++; if ( version == '12.1(5)YD2' ) flag++; if ( version == '12.1(5)YD3' ) flag++; if ( version == '12.1(5)YD4' ) flag++; if ( version == '12.1(5)YD5' ) flag++; if ( version == '12.1(5)YD6' ) flag++; if ( version == '12.1(5)YE1' ) flag++; if ( version == '12.1(5)YE2' ) flag++; if ( version == '12.1(5)YE3' ) flag++; if ( version == '12.1(5)YE4' ) flag++; if ( version == '12.1(5)YE5' ) flag++; if ( version == '12.1(5)YI' ) flag++; if ( version == '12.1(5)YI1' ) flag++; if ( version == '12.1(5)YI2' ) flag++; if ( version == '12.2(11)T' ) flag++; if ( version == '12.2(11)T1' ) flag++; if ( version == '12.2(11)T10' ) flag++; if ( version == '12.2(11)T11' ) flag++; if ( version == '12.2(11)T2' ) flag++; if ( version == '12.2(11)T3' ) flag++; if ( version == '12.2(11)T4' ) flag++; if ( version == '12.2(11)T5' ) flag++; if ( version == '12.2(11)T6' ) flag++; if ( version == '12.2(11)T7' ) flag++; if ( version == '12.2(11)T8' ) flag++; if ( version == '12.2(11)T9' ) flag++; if ( version == '12.2(11)YT' ) flag++; if ( version == '12.2(11)YT1' ) flag++; if ( version == '12.2(11)YT2' ) flag++; if ( version == '12.2(11)YU' ) flag++; if ( version == '12.2(11)YV' ) flag++; if ( version == '12.2(13)T' ) flag++; if ( version == '12.2(13)T1' ) flag++; if ( version == '12.2(13)T10' ) flag++; if ( version == '12.2(13)T11' ) flag++; if ( version == '12.2(13)T12' ) flag++; if ( version == '12.2(13)T13' ) flag++; if ( version == '12.2(13)T14' ) flag++; if ( version == '12.2(13)T15' ) flag++; if ( version == '12.2(13)T16' ) flag++; if ( version == '12.2(13)T17' ) flag++; if ( version == '12.2(13)T1a' ) flag++; if ( version == '12.2(13)T2' ) flag++; if ( version == '12.2(13)T3' ) flag++; if ( version == '12.2(13)T4' ) flag++; if ( version == '12.2(13)T5' ) flag++; if ( version == '12.2(13)T6' ) flag++; if ( version == '12.2(13)T7' ) flag++; if ( version == '12.2(13)T8' ) flag++; if ( version == '12.2(13)T8a' ) flag++; if ( version == '12.2(13)T9' ) flag++; if ( version == '12.2(13)ZC' ) flag++; if ( version == '12.2(13)ZD' ) flag++; if ( version == '12.2(13)ZD1' ) flag++; if ( version == '12.2(13)ZD2' ) flag++; if ( version == '12.2(13)ZD3' ) flag++; if ( version == '12.2(13)ZD4' ) flag++; if ( version == '12.2(13)ZE' ) flag++; if ( version == '12.2(13)ZF' ) flag++; if ( version == '12.2(13)ZF1' ) flag++; if ( version == '12.2(13)ZF2' ) flag++; if ( version == '12.2(13)ZH' ) flag++; if ( version == '12.2(13)ZH2' ) flag++; if ( version == '12.2(13)ZH3' ) flag++; if ( version == '12.2(13)ZH5' ) flag++; if ( version == '12.2(13)ZP' ) flag++; if ( version == '12.2(13)ZP1' ) flag++; if ( version == '12.2(13)ZP2' ) flag++; if ( version == '12.2(13)ZP3' ) flag++; if ( version == '12.2(13)ZP4' ) flag++; if ( version == '12.2(13)ZT' ) flag++; if ( version == '12.2(15)B' ) flag++; if ( version == '12.2(15)B1' ) flag++; if ( version == '12.2(15)MC1a' ) flag++; if ( version == '12.2(15)MC1b' ) flag++; if ( version == '12.2(15)MC1c' ) flag++; if ( version == '12.2(15)MC2' ) flag++; if ( version == '12.2(15)T' ) flag++; if ( version == '12.2(15)T1' ) flag++; if ( version == '12.2(15)T10' ) flag++; if ( version == '12.2(15)T11' ) flag++; if ( version == '12.2(15)T12' ) flag++; if ( version == '12.2(15)T12a' ) flag++; if ( version == '12.2(15)T13' ) flag++; if ( version == '12.2(15)T14' ) flag++; if ( version == '12.2(15)T15' ) flag++; if ( version == '12.2(15)T16' ) flag++; if ( version == '12.2(15)T17' ) flag++; if ( version == '12.2(15)T1a' ) flag++; if ( version == '12.2(15)T2' ) flag++; if ( version == '12.2(15)T3' ) flag++; if ( version == '12.2(15)T4' ) flag++; if ( version == '12.2(15)T4a' ) flag++; if ( version == '12.2(15)T4c' ) flag++; if ( version == '12.2(15)T4d' ) flag++; if ( version == '12.2(15)T4e' ) flag++; if ( version == '12.2(15)T5' ) flag++; if ( version == '12.2(15)T5a' ) flag++; if ( version == '12.2(15)T6' ) flag++; if ( version == '12.2(15)T7' ) flag++; if ( version == '12.2(15)T8' ) flag++; if ( version == '12.2(15)T9' ) flag++; if ( version == '12.2(15)T9a' ) flag++; if ( version == '12.2(15)ZJ' ) flag++; if ( version == '12.2(15)ZJ1' ) flag++; if ( version == '12.2(15)ZJ2' ) flag++; if ( version == '12.2(15)ZJ3' ) flag++; if ( version == '12.2(15)ZJ4' ) flag++; if ( version == '12.2(15)ZJ5' ) flag++; if ( version == '12.2(15)ZK4' ) flag++; if ( version == '12.2(15)ZL' ) flag++; if ( version == '12.2(15)ZL1' ) flag++; if ( version == '12.2(15)ZN' ) flag++; if ( version == '12.2(15)ZO' ) flag++; if ( version == '12.2(15)ZR' ) flag++; if ( version == '12.2(15)ZS1' ) flag++; if ( version == '12.2(15)ZS2' ) flag++; if ( version == '12.2(15)ZS3' ) flag++; if ( version == '12.2(15)ZS4' ) flag++; if ( version == '12.2(15)ZS5' ) flag++; if ( version == '12.2(16)B' ) flag++; if ( version == '12.2(16)B1' ) flag++; if ( version == '12.2(16)B2' ) flag++; if ( version == '12.2(16)B3' ) flag++; if ( version == '12.2(16)BX' ) flag++; if ( version == '12.2(16)BX1' ) flag++; if ( version == '12.2(16)BX2' ) flag++; if ( version == '12.2(16)BX3' ) flag++; if ( version == '12.2(2)XB11' ) flag++; if ( version == '12.2(2)XB14' ) flag++; if ( version == '12.2(2)XB15' ) flag++; if ( version == '12.2(2)XB2' ) flag++; if ( version == '12.2(2)XB3' ) flag++; if ( version == '12.2(2)XB4' ) flag++; if ( version == '12.2(2)XB4b' ) flag++; if ( version == '12.2(2)XB5' ) flag++; if ( version == '12.2(2)XB6' ) flag++; if ( version == '12.2(2)XB7' ) flag++; if ( version == '12.2(2)XB8' ) flag++; if ( version == '12.2(2)XG' ) flag++; if ( version == '12.2(2)XG1' ) flag++; if ( version == '12.2(2)XT' ) flag++; if ( version == '12.2(2)XT2' ) flag++; if ( version == '12.2(2)XT3' ) flag++; if ( version == '12.2(2)XU' ) flag++; if ( version == '12.2(2)XU2' ) flag++; if ( version == '12.2(2)XU3' ) flag++; if ( version == '12.2(2)XU4' ) flag++; if ( version == '12.2(2)YC' ) flag++; if ( version == '12.2(2)YC1' ) flag++; if ( version == '12.2(2)YC2' ) flag++; if ( version == '12.2(2)YC3' ) flag++; if ( version == '12.2(2)YC4' ) flag++; if ( version == '12.2(4)XM' ) flag++; if ( version == '12.2(4)XM2' ) flag++; if ( version == '12.2(4)XM3' ) flag++; if ( version == '12.2(4)XM4' ) flag++; if ( version == '12.2(4)XW' ) flag++; if ( version == '12.2(4)XZ' ) flag++; if ( version == '12.2(4)XZ1' ) flag++; if ( version == '12.2(4)XZ2' ) flag++; if ( version == '12.2(4)XZ3' ) flag++; if ( version == '12.2(4)XZ4' ) flag++; if ( version == '12.2(4)XZ5' ) flag++; if ( version == '12.2(4)XZ6' ) flag++; if ( version == '12.2(4)XZ7' ) flag++; if ( version == '12.2(4)YA' ) flag++; if ( version == '12.2(4)YA1' ) flag++; if ( version == '12.2(4)YA2' ) flag++; if ( version == '12.2(4)YA6' ) flag++; if ( version == '12.2(4)YA7' ) flag++; if ( version == '12.2(4)YB' ) flag++; if ( version == '12.2(4)YH' ) flag++; if ( version == '12.2(8)B' ) flag++; if ( version == '12.2(8)B1' ) flag++; if ( version == '12.2(8)B2' ) flag++; if ( version == '12.2(8)BY' ) flag++; if ( version == '12.2(8)BY1' ) flag++; if ( version == '12.2(8)BY2' ) flag++; if ( version == '12.2(8)T' ) flag++; if ( version == '12.2(8)T0a' ) flag++; if ( version == '12.2(8)T0b' ) flag++; if ( version == '12.2(8)T0c' ) flag++; if ( version == '12.2(8)T0d' ) flag++; if ( version == '12.2(8)T0e' ) flag++; if ( version == '12.2(8)T1' ) flag++; if ( version == '12.2(8)T10' ) flag++; if ( version == '12.2(8)T2' ) flag++; if ( version == '12.2(8)T3' ) flag++; if ( version == '12.2(8)T4' ) flag++; if ( version == '12.2(8)T4a' ) flag++; if ( version == '12.2(8)T5' ) flag++; if ( version == '12.2(8)T6' ) flag++; if ( version == '12.2(8)T8' ) flag++; if ( version == '12.2(8)TPC10a' ) flag++; if ( version == '12.2(8)TPC10b' ) flag++; if ( version == '12.2(8)TPC10c' ) flag++; if ( version == '12.2(8)YD' ) flag++; if ( version == '12.2(8)YD1' ) flag++; if ( version == '12.2(8)YD2' ) flag++; if ( version == '12.2(8)YD3' ) flag++; if ( version == '12.2(8)YJ' ) flag++; if ( version == '12.2(8)YL' ) flag++; if ( version == '12.2(8)YM' ) flag++; if ( version == '12.2(8)YN' ) flag++; if ( version == '12.2(8)YN1' ) flag++; if ( version == '12.2(8)YW' ) flag++; if ( version == '12.2(8)YW1' ) flag++; if ( version == '12.2(8)YW2' ) flag++; if ( version == '12.2(8)YW3' ) flag++; if ( version == '12.2(8)YY' ) flag++; if ( version == '12.2(8)YY1' ) flag++; if ( version == '12.2(8)YY2' ) flag++; if ( version == '12.2(8)YY3' ) flag++; if ( version == '12.2(8)YY4' ) flag++; if ( version == '12.2(8)ZB1' ) flag++; if ( version == '12.2(8)ZB2' ) flag++; if ( version == '12.2(8)ZB3' ) flag++; if ( version == '12.2(8)ZB4' ) flag++; if ( version == '12.2(8)ZB4a' ) flag++; if ( version == '12.2(8)ZB5' ) flag++; if ( version == '12.2(8)ZB6' ) flag++; if ( version == '12.2(8)ZB7' ) flag++; if ( version == '12.2(8)ZB8' ) flag++; if ( version == '12.3(1)' ) flag++; if ( version == '12.3(10)' ) flag++; if ( version == '12.3(10a)' ) flag++; if ( version == '12.3(10a)M0' ) flag++; if ( version == '12.3(10b)' ) flag++; if ( version == '12.3(10c)' ) flag++; if ( version == '12.3(10d)' ) flag++; if ( version == '12.3(10e)' ) flag++; if ( version == '12.3(10f)' ) flag++; if ( version == '12.3(11)T' ) flag++; if ( version == '12.3(11)T1' ) flag++; if ( version == '12.3(11)T10' ) flag++; if ( version == '12.3(11)T11' ) flag++; if ( version == '12.3(11)T12' ) flag++; if ( version == '12.3(11)T2' ) flag++; if ( version == '12.3(11)T2a' ) flag++; if ( version == '12.3(11)T3' ) flag++; if ( version == '12.3(11)T4' ) flag++; if ( version == '12.3(11)T5' ) flag++; if ( version == '12.3(11)T6' ) flag++; if ( version == '12.3(11)T7' ) flag++; if ( version == '12.3(11)T8' ) flag++; if ( version == '12.3(11)T9' ) flag++; if ( version == '12.3(11)XL' ) flag++; if ( version == '12.3(11)XL1' ) flag++; if ( version == '12.3(11)XL2' ) flag++; if ( version == '12.3(11)XL3' ) flag++; if ( version == '12.3(11)YF' ) flag++; if ( version == '12.3(11)YF1' ) flag++; if ( version == '12.3(11)YF2' ) flag++; if ( version == '12.3(11)YF3' ) flag++; if ( version == '12.3(11)YF4' ) flag++; if ( version == '12.3(11)YK' ) flag++; if ( version == '12.3(11)YK1' ) flag++; if ( version == '12.3(11)YK2' ) flag++; if ( version == '12.3(11)YL' ) flag++; if ( version == '12.3(11)YL1' ) flag++; if ( version == '12.3(11)YL2' ) flag++; if ( version == '12.3(11)YN' ) flag++; if ( version == '12.3(11)YR' ) flag++; if ( version == '12.3(11)YR1' ) flag++; if ( version == '12.3(11)YS2' ) flag++; if ( version == '12.3(11)YW' ) flag++; if ( version == '12.3(11)YW1' ) flag++; if ( version == '12.3(11)YW2' ) flag++; if ( version == '12.3(11)YZ' ) flag++; if ( version == '12.3(11)YZ1' ) flag++; if ( version == '12.3(11)YZ2' ) flag++; if ( version == '12.3(11)ZB' ) flag++; if ( version == '12.3(11)ZB1' ) flag++; if ( version == '12.3(11)ZB2' ) flag++; if ( version == '12.3(12)' ) flag++; if ( version == '12.3(12a)' ) flag++; if ( version == '12.3(12b)' ) flag++; if ( version == '12.3(12c)' ) flag++; if ( version == '12.3(12d)' ) flag++; if ( version == '12.3(12e)' ) flag++; if ( version == '12.3(13)' ) flag++; if ( version == '12.3(13a)' ) flag++; if ( version == '12.3(13b)' ) flag++; if ( version == '12.3(14)T' ) flag++; if ( version == '12.3(14)T1' ) flag++; if ( version == '12.3(14)T2' ) flag++; if ( version == '12.3(14)T3' ) flag++; if ( version == '12.3(14)T4' ) flag++; if ( version == '12.3(14)T5' ) flag++; if ( version == '12.3(14)T6' ) flag++; if ( version == '12.3(14)T7' ) flag++; if ( version == '12.3(14)YM1' ) flag++; if ( version == '12.3(14)YM10' ) flag++; if ( version == '12.3(14)YM11' ) flag++; if ( version == '12.3(14)YM12' ) flag++; if ( version == '12.3(14)YM13' ) flag++; if ( version == '12.3(14)YM2' ) flag++; if ( version == '12.3(14)YM3' ) flag++; if ( version == '12.3(14)YM4' ) flag++; if ( version == '12.3(14)YM5' ) flag++; if ( version == '12.3(14)YM6' ) flag++; if ( version == '12.3(14)YM7' ) flag++; if ( version == '12.3(14)YM8' ) flag++; if ( version == '12.3(14)YM9' ) flag++; if ( version == '12.3(14)YQ' ) flag++; if ( version == '12.3(14)YQ1' ) flag++; if ( version == '12.3(14)YQ2' ) flag++; if ( version == '12.3(14)YQ3' ) flag++; if ( version == '12.3(14)YQ4' ) flag++; if ( version == '12.3(14)YQ5' ) flag++; if ( version == '12.3(14)YQ6' ) flag++; if ( version == '12.3(14)YQ7' ) flag++; if ( version == '12.3(14)YQ8' ) flag++; if ( version == '12.3(14)YT' ) flag++; if ( version == '12.3(14)YT1' ) flag++; if ( version == '12.3(14)YU' ) flag++; if ( version == '12.3(14)YU1' ) flag++; if ( version == '12.3(14)YX' ) flag++; if ( version == '12.3(14)YX1' ) flag++; if ( version == '12.3(14)YX10' ) flag++; if ( version == '12.3(14)YX11' ) flag++; if ( version == '12.3(14)YX12' ) flag++; if ( version == '12.3(14)YX13' ) flag++; if ( version == '12.3(14)YX14' ) flag++; if ( version == '12.3(14)YX15' ) flag++; if ( version == '12.3(14)YX2' ) flag++; if ( version == '12.3(14)YX3' ) flag++; if ( version == '12.3(14)YX4' ) flag++; if ( version == '12.3(14)YX7' ) flag++; if ( version == '12.3(14)YX8' ) flag++; if ( version == '12.3(14)YX9' ) flag++; if ( version == '12.3(15)' ) flag++; if ( version == '12.3(15a)' ) flag++; if ( version == '12.3(15b)' ) flag++; if ( version == '12.3(16)' ) flag++; if ( version == '12.3(16a)' ) flag++; if ( version == '12.3(17)' ) flag++; if ( version == '12.3(17a)' ) flag++; if ( version == '12.3(17b)' ) flag++; if ( version == '12.3(17c)' ) flag++; if ( version == '12.3(18)' ) flag++; if ( version == '12.3(18a)' ) flag++; if ( version == '12.3(19)' ) flag++; if ( version == '12.3(19a)' ) flag++; if ( version == '12.3(1a)' ) flag++; if ( version == '12.3(1a)B' ) flag++; if ( version == '12.3(2)T' ) flag++; if ( version == '12.3(2)T1' ) flag++; if ( version == '12.3(2)T2' ) flag++; if ( version == '12.3(2)T3' ) flag++; if ( version == '12.3(2)T4' ) flag++; if ( version == '12.3(2)T5' ) flag++; if ( version == '12.3(2)T6' ) flag++; if ( version == '12.3(2)T7' ) flag++; if ( version == '12.3(2)T8' ) flag++; if ( version == '12.3(2)T9' ) flag++; if ( version == '12.3(2)XA' ) flag++; if ( version == '12.3(2)XA1' ) flag++; if ( version == '12.3(2)XA4' ) flag++; if ( version == '12.3(2)XA6' ) flag++; if ( version == '12.3(2)XB' ) flag++; if ( version == '12.3(2)XB1' ) flag++; if ( version == '12.3(2)XB3' ) flag++; if ( version == '12.3(2)XC' ) flag++; if ( version == '12.3(2)XC2' ) flag++; if ( version == '12.3(2)XC5' ) flag++; if ( version == '12.3(2)XE' ) flag++; if ( version == '12.3(2)XE1' ) flag++; if ( version == '12.3(2)XE5' ) flag++; if ( version == '12.3(2)XF' ) flag++; if ( version == '12.3(2)XZ1' ) flag++; if ( version == '12.3(2)XZ2' ) flag++; if ( version == '12.3(20)' ) flag++; if ( version == '12.3(20a)' ) flag++; if ( version == '12.3(21)' ) flag++; if ( version == '12.3(21a)' ) flag++; if ( version == '12.3(21b)' ) flag++; if ( version == '12.3(22)' ) flag++; if ( version == '12.3(22a)' ) flag++; if ( version == '12.3(23)' ) flag++; if ( version == '12.3(24)' ) flag++; if ( version == '12.3(24a)' ) flag++; if ( version == '12.3(25)' ) flag++; if ( version == '12.3(26)' ) flag++; if ( version == '12.3(3)' ) flag++; if ( version == '12.3(3)B' ) flag++; if ( version == '12.3(3)B1' ) flag++; if ( version == '12.3(3a)' ) flag++; if ( version == '12.3(3b)' ) flag++; if ( version == '12.3(3c)' ) flag++; if ( version == '12.3(3d)' ) flag++; if ( version == '12.3(3e)' ) flag++; if ( version == '12.3(3f)' ) flag++; if ( version == '12.3(3g)' ) flag++; if ( version == '12.3(3h)' ) flag++; if ( version == '12.3(3i)' ) flag++; if ( version == '12.3(4)T' ) flag++; if ( version == '12.3(4)T1' ) flag++; if ( version == '12.3(4)T10' ) flag++; if ( version == '12.3(4)T11' ) flag++; if ( version == '12.3(4)T12' ) flag++; if ( version == '12.3(4)T2' ) flag++; if ( version == '12.3(4)T2a' ) flag++; if ( version == '12.3(4)T3' ) flag++; if ( version == '12.3(4)T4' ) flag++; if ( version == '12.3(4)T5' ) flag++; if ( version == '12.3(4)T6' ) flag++; if ( version == '12.3(4)T7' ) flag++; if ( version == '12.3(4)T8' ) flag++; if ( version == '12.3(4)T9' ) flag++; if ( version == '12.3(4)TPC11b' ) flag++; if ( version == '12.3(4)XD' ) flag++; if ( version == '12.3(4)XD1' ) flag++; if ( version == '12.3(4)XD2' ) flag++; if ( version == '12.3(4)XD3' ) flag++; if ( version == '12.3(4)XD4' ) flag++; if ( version == '12.3(4)XG' ) flag++; if ( version == '12.3(4)XG1' ) flag++; if ( version == '12.3(4)XG2' ) flag++; if ( version == '12.3(4)XG3' ) flag++; if ( version == '12.3(4)XG4' ) flag++; if ( version == '12.3(4)XG5' ) flag++; if ( version == '12.3(4)XH' ) flag++; if ( version == '12.3(4)XH1' ) flag++; if ( version == '12.3(4)XK' ) flag++; if ( version == '12.3(4)XK1' ) flag++; if ( version == '12.3(4)XK2' ) flag++; if ( version == '12.3(4)XK3' ) flag++; if ( version == '12.3(4)XK4' ) flag++; if ( version == '12.3(4)XN' ) flag++; if ( version == '12.3(4)XN1' ) flag++; if ( version == '12.3(4)XN2' ) flag++; if ( version == '12.3(4)XQ' ) flag++; if ( version == '12.3(4)XQ1' ) flag++; if ( version == '12.3(4)YE' ) flag++; if ( version == '12.3(4)YE1' ) flag++; if ( version == '12.3(5)' ) flag++; if ( version == '12.3(5a)' ) flag++; if ( version == '12.3(5a)B' ) flag++; if ( version == '12.3(5a)B0a' ) flag++; if ( version == '12.3(5a)B1' ) flag++; if ( version == '12.3(5a)B2' ) flag++; if ( version == '12.3(5a)B3' ) flag++; if ( version == '12.3(5a)B4' ) flag++; if ( version == '12.3(5a)B5' ) flag++; if ( version == '12.3(5b)' ) flag++; if ( version == '12.3(5c)' ) flag++; if ( version == '12.3(5d)' ) flag++; if ( version == '12.3(5e)' ) flag++; if ( version == '12.3(5f)' ) flag++; if ( version == '12.3(6)' ) flag++; if ( version == '12.3(6a)' ) flag++; if ( version == '12.3(6b)' ) flag++; if ( version == '12.3(6c)' ) flag++; if ( version == '12.3(6d)' ) flag++; if ( version == '12.3(6e)' ) flag++; if ( version == '12.3(6f)' ) flag++; if ( version == '12.3(7)T' ) flag++; if ( version == '12.3(7)T1' ) flag++; if ( version == '12.3(7)T10' ) flag++; if ( version == '12.3(7)T11' ) flag++; if ( version == '12.3(7)T12' ) flag++; if ( version == '12.3(7)T2' ) flag++; if ( version == '12.3(7)T3' ) flag++; if ( version == '12.3(7)T4' ) flag++; if ( version == '12.3(7)T5' ) flag++; if ( version == '12.3(7)T6' ) flag++; if ( version == '12.3(7)T7' ) flag++; if ( version == '12.3(7)T8' ) flag++; if ( version == '12.3(7)T9' ) flag++; if ( version == '12.3(7)XI' ) flag++; if ( version == '12.3(7)XI1' ) flag++; if ( version == '12.3(7)XI10a' ) flag++; if ( version == '12.3(7)XI2' ) flag++; if ( version == '12.3(7)XI2b' ) flag++; if ( version == '12.3(7)XI3' ) flag++; if ( version == '12.3(7)XI4' ) flag++; if ( version == '12.3(7)XI5' ) flag++; if ( version == '12.3(7)XI6' ) flag++; if ( version == '12.3(7)XI7' ) flag++; if ( version == '12.3(7)XI7a' ) flag++; if ( version == '12.3(7)XI7b' ) flag++; if ( version == '12.3(7)XI8' ) flag++; if ( version == '12.3(7)XI8bc' ) flag++; if ( version == '12.3(7)XI8g' ) flag++; if ( version == '12.3(7)XJ' ) flag++; if ( version == '12.3(7)XJ1' ) flag++; if ( version == '12.3(7)XJ2' ) flag++; if ( version == '12.3(7)XL' ) flag++; if ( version == '12.3(7)XR' ) flag++; if ( version == '12.3(7)XR3' ) flag++; if ( version == '12.3(7)XR4' ) flag++; if ( version == '12.3(7)XR5' ) flag++; if ( version == '12.3(7)XR6' ) flag++; if ( version == '12.3(7)XR7' ) flag++; if ( version == '12.3(8)T' ) flag++; if ( version == '12.3(8)T1' ) flag++; if ( version == '12.3(8)T10' ) flag++; if ( version == '12.3(8)T11' ) flag++; if ( version == '12.3(8)T2' ) flag++; if ( version == '12.3(8)T3' ) flag++; if ( version == '12.3(8)T4' ) flag++; if ( version == '12.3(8)T5' ) flag++; if ( version == '12.3(8)T6' ) flag++; if ( version == '12.3(8)T7' ) flag++; if ( version == '12.3(8)T8' ) flag++; if ( version == '12.3(8)T9' ) flag++; if ( version == '12.3(8)XU2' ) flag++; if ( version == '12.3(8)XU3' ) flag++; if ( version == '12.3(8)XU4' ) flag++; if ( version == '12.3(8)XU5' ) flag++; if ( version == '12.3(8)XW' ) flag++; if ( version == '12.3(8)XW1' ) flag++; if ( version == '12.3(8)XW1a' ) flag++; if ( version == '12.3(8)XW1b' ) flag++; if ( version == '12.3(8)XW2' ) flag++; if ( version == '12.3(8)XW3' ) flag++; if ( version == '12.3(8)XX' ) flag++; if ( version == '12.3(8)XX1' ) flag++; if ( version == '12.3(8)XX2d' ) flag++; if ( version == '12.3(8)XX2e' ) flag++; if ( version == '12.3(8)XY' ) flag++; if ( version == '12.3(8)XY1' ) flag++; if ( version == '12.3(8)XY2' ) flag++; if ( version == '12.3(8)XY3' ) flag++; if ( version == '12.3(8)XY4' ) flag++; if ( version == '12.3(8)XY5' ) flag++; if ( version == '12.3(8)XY6' ) flag++; if ( version == '12.3(8)XY7' ) flag++; if ( version == '12.3(8)YC' ) flag++; if ( version == '12.3(8)YC1' ) flag++; if ( version == '12.3(8)YC2' ) flag++; if ( version == '12.3(8)YC3' ) flag++; if ( version == '12.3(8)YG' ) flag++; if ( version == '12.3(8)YG2' ) flag++; if ( version == '12.3(8)YG3' ) flag++; if ( version == '12.3(8)YG4' ) flag++; if ( version == '12.3(8)YG6' ) flag++; if ( version == '12.3(8)ZA' ) flag++; if ( version == '12.3(8)ZA1' ) flag++; if ( version == '12.3(9)' ) flag++; if ( version == '12.3(9)M0' ) flag++; if ( version == '12.3(9)M1' ) flag++; if ( version == '12.3(9a)' ) flag++; if ( version == '12.3(9b)' ) flag++; if ( version == '12.3(9c)' ) flag++; if ( version == '12.3(9d)' ) flag++; if ( version == '12.3(9e)' ) flag++; if ( version == '12.4(1)' ) flag++; if ( version == '12.4(10)' ) flag++; if ( version == '12.4(10a)' ) flag++; if ( version == '12.4(10b)' ) flag++; if ( version == '12.4(10c)' ) flag++; if ( version == '12.4(11)MR' ) flag++; if ( version == '12.4(11)T' ) flag++; if ( version == '12.4(11)T1' ) flag++; if ( version == '12.4(11)T2' ) flag++; if ( version == '12.4(11)T3' ) flag++; if ( version == '12.4(11)T4' ) flag++; if ( version == '12.4(11)XJ' ) flag++; if ( version == '12.4(11)XJ1' ) flag++; if ( version == '12.4(11)XJ2' ) flag++; if ( version == '12.4(11)XJ3' ) flag++; if ( version == '12.4(11)XJ4' ) flag++; if ( version == '12.4(11)XJ5' ) flag++; if ( version == '12.4(11)XJ6' ) flag++; if ( version == '12.4(11)XV' ) flag++; if ( version == '12.4(11)XV1' ) flag++; if ( version == '12.4(11)XW' ) flag++; if ( version == '12.4(11)XW1' ) flag++; if ( version == '12.4(11)XW10' ) flag++; if ( version == '12.4(11)XW2' ) flag++; if ( version == '12.4(11)XW3' ) flag++; if ( version == '12.4(11)XW4' ) flag++; if ( version == '12.4(11)XW5' ) flag++; if ( version == '12.4(11)XW6' ) flag++; if ( version == '12.4(11)XW7' ) flag++; if ( version == '12.4(11)XW8' ) flag++; if ( version == '12.4(11)XW9' ) flag++; if ( version == '12.4(12)' ) flag++; if ( version == '12.4(12)MR' ) flag++; if ( version == '12.4(12)MR1' ) flag++; if ( version == '12.4(12)MR2' ) flag++; if ( version == '12.4(12a)' ) flag++; if ( version == '12.4(12b)' ) flag++; if ( version == '12.4(12c)' ) flag++; if ( version == '12.4(13)' ) flag++; if ( version == '12.4(13a)' ) flag++; if ( version == '12.4(13b)' ) flag++; if ( version == '12.4(13c)' ) flag++; if ( version == '12.4(13d)' ) flag++; if ( version == '12.4(13e)' ) flag++; if ( version == '12.4(13f)' ) flag++; if ( version == '12.4(15)T' ) flag++; if ( version == '12.4(15)T1' ) flag++; if ( version == '12.4(15)T10' ) flag++; if ( version == '12.4(15)T11' ) flag++; if ( version == '12.4(15)T2' ) flag++; if ( version == '12.4(15)T3' ) flag++; if ( version == '12.4(15)T4' ) flag++; if ( version == '12.4(15)T5' ) flag++; if ( version == '12.4(15)T6' ) flag++; if ( version == '12.4(15)T6a' ) flag++; if ( version == '12.4(15)T7' ) flag++; if ( version == '12.4(15)T8' ) flag++; if ( version == '12.4(15)T9' ) flag++; if ( version == '12.4(15)XL' ) flag++; if ( version == '12.4(15)XL1' ) flag++; if ( version == '12.4(15)XL2' ) flag++; if ( version == '12.4(15)XL3' ) flag++; if ( version == '12.4(15)XL4' ) flag++; if ( version == '12.4(15)XL5' ) flag++; if ( version == '12.4(15)XM1' ) flag++; if ( version == '12.4(15)XM2' ) flag++; if ( version == '12.4(15)XY' ) flag++; if ( version == '12.4(15)XY1' ) flag++; if ( version == '12.4(15)XY2' ) flag++; if ( version == '12.4(15)XY3' ) flag++; if ( version == '12.4(15)XY4' ) flag++; if ( version == '12.4(15)XY5' ) flag++; if ( version == '12.4(15)XZ' ) flag++; if ( version == '12.4(15)XZ1' ) flag++; if ( version == '12.4(15)XZ2' ) flag++; if ( version == '12.4(16)' ) flag++; if ( version == '12.4(16)MR' ) flag++; if ( version == '12.4(16)MR1' ) flag++; if ( version == '12.4(16)MR2' ) flag++; if ( version == '12.4(16a)' ) flag++; if ( version == '12.4(16b)' ) flag++; if ( version == '12.4(17)' ) flag++; if ( version == '12.4(17a)' ) flag++; if ( version == '12.4(17b)' ) flag++; if ( version == '12.4(18)' ) flag++; if ( version == '12.4(18a)' ) flag++; if ( version == '12.4(18b)' ) flag++; if ( version == '12.4(18c)' ) flag++; if ( version == '12.4(18d)' ) flag++; if ( version == '12.4(18e)' ) flag++; if ( version == '12.4(19)' ) flag++; if ( version == '12.4(19)MR' ) flag++; if ( version == '12.4(19a)' ) flag++; if ( version == '12.4(19b)' ) flag++; if ( version == '12.4(1a)' ) flag++; if ( version == '12.4(1b)' ) flag++; if ( version == '12.4(1c)' ) flag++; if ( version == '12.4(2)MR' ) flag++; if ( version == '12.4(2)MR1' ) flag++; if ( version == '12.4(2)T' ) flag++; if ( version == '12.4(2)T1' ) flag++; if ( version == '12.4(2)T2' ) flag++; if ( version == '12.4(2)T3' ) flag++; if ( version == '12.4(2)T4' ) flag++; if ( version == '12.4(2)T5' ) flag++; if ( version == '12.4(2)T6' ) flag++; if ( version == '12.4(2)XA' ) flag++; if ( version == '12.4(2)XA1' ) flag++; if ( version == '12.4(2)XA2' ) flag++; if ( version == '12.4(2)XB' ) flag++; if ( version == '12.4(2)XB1' ) flag++; if ( version == '12.4(2)XB10' ) flag++; if ( version == '12.4(2)XB11' ) flag++; if ( version == '12.4(2)XB2' ) flag++; if ( version == '12.4(2)XB3' ) flag++; if ( version == '12.4(2)XB4' ) flag++; if ( version == '12.4(2)XB5' ) flag++; if ( version == '12.4(2)XB6' ) flag++; if ( version == '12.4(2)XB7' ) flag++; if ( version == '12.4(2)XB8' ) flag++; if ( version == '12.4(2)XB9' ) flag++; if ( version == '12.4(20)T' ) flag++; if ( version == '12.4(20)T1' ) flag++; if ( version == '12.4(20)T2' ) flag++; if ( version == '12.4(20)T3' ) flag++; if ( version == '12.4(20)T4' ) flag++; if ( version == '12.4(20)YA' ) flag++; if ( version == '12.4(20)YA1' ) flag++; if ( version == '12.4(20)YA2' ) flag++; if ( version == '12.4(20)YA3' ) flag++; if ( version == '12.4(21)' ) flag++; if ( version == '12.4(21a)' ) flag++; if ( version == '12.4(21a)M1' ) flag++; if ( version == '12.4(21b)' ) flag++; if ( version == '12.4(22)GC1' ) flag++; if ( version == '12.4(22)T' ) flag++; if ( version == '12.4(22)T1' ) flag++; if ( version == '12.4(22)T2' ) flag++; if ( version == '12.4(22)T3' ) flag++; if ( version == '12.4(22)YB' ) flag++; if ( version == '12.4(22)YB1' ) flag++; if ( version == '12.4(22)YB4' ) flag++; if ( version == '12.4(23)' ) flag++; if ( version == '12.4(23a)' ) flag++; if ( version == '12.4(23b)' ) flag++; if ( version == '12.4(23b)M1' ) flag++; if ( version == '12.4(23c)' ) flag++; if ( version == '12.4(24)GC1' ) flag++; if ( version == '12.4(24)T' ) flag++; if ( version == '12.4(24)T1' ) flag++; if ( version == '12.4(24)T2' ) flag++; if ( version == '12.4(25)' ) flag++; if ( version == '12.4(25a)' ) flag++; if ( version == '12.4(25b)' ) flag++; if ( version == '12.4(3)' ) flag++; if ( version == '12.4(3a)' ) flag++; if ( version == '12.4(3b)' ) flag++; if ( version == '12.4(3c)' ) flag++; if ( version == '12.4(3d)' ) flag++; if ( version == '12.4(3e)' ) flag++; if ( version == '12.4(3f)' ) flag++; if ( version == '12.4(3g)' ) flag++; if ( version == '12.4(3h)' ) flag++; if ( version == '12.4(3i)' ) flag++; if ( version == '12.4(3j)' ) flag++; if ( version == '12.4(4)MR' ) flag++; if ( version == '12.4(4)MR1' ) flag++; if ( version == '12.4(4)T' ) flag++; if ( version == '12.4(4)T1' ) flag++; if ( version == '12.4(4)T2' ) flag++; if ( version == '12.4(4)T3' ) flag++; if ( version == '12.4(4)T4' ) flag++; if ( version == '12.4(4)T5' ) flag++; if ( version == '12.4(4)T6' ) flag++; if ( version == '12.4(4)T7' ) flag++; if ( version == '12.4(4)T8' ) flag++; if ( version == '12.4(4)XC' ) flag++; if ( version == '12.4(4)XC1' ) flag++; if ( version == '12.4(4)XC2' ) flag++; if ( version == '12.4(4)XC3' ) flag++; if ( version == '12.4(4)XC4' ) flag++; if ( version == '12.4(4)XC5' ) flag++; if ( version == '12.4(4)XC6' ) flag++; if ( version == '12.4(4)XC7' ) flag++; if ( version == '12.4(4)XD' ) flag++; if ( version == '12.4(4)XD1' ) flag++; if ( version == '12.4(4)XD10' ) flag++; if ( version == '12.4(4)XD11' ) flag++; if ( version == '12.4(4)XD12' ) flag++; if ( version == '12.4(4)XD2' ) flag++; if ( version == '12.4(4)XD3' ) flag++; if ( version == '12.4(4)XD4' ) flag++; if ( version == '12.4(4)XD5' ) flag++; if ( version == '12.4(4)XD6' ) flag++; if ( version == '12.4(4)XD7' ) flag++; if ( version == '12.4(4)XD8' ) flag++; if ( version == '12.4(4)XD9' ) flag++; if ( version == '12.4(5)' ) flag++; if ( version == '12.4(5a)' ) flag++; if ( version == '12.4(5a)M0' ) flag++; if ( version == '12.4(5b)' ) flag++; if ( version == '12.4(5c)' ) flag++; if ( version == '12.4(6)MR' ) flag++; if ( version == '12.4(6)MR1' ) flag++; if ( version == '12.4(6)T' ) flag++; if ( version == '12.4(6)T1' ) flag++; if ( version == '12.4(6)T10' ) flag++; if ( version == '12.4(6)T11' ) flag++; if ( version == '12.4(6)T12' ) flag++; if ( version == '12.4(6)T2' ) flag++; if ( version == '12.4(6)T3' ) flag++; if ( version == '12.4(6)T4' ) flag++; if ( version == '12.4(6)T5' ) flag++; if ( version == '12.4(6)T5a' ) flag++; if ( version == '12.4(6)T5b' ) flag++; if ( version == '12.4(6)T6' ) flag++; if ( version == '12.4(6)T7' ) flag++; if ( version == '12.4(6)T8' ) flag++; if ( version == '12.4(6)T9' ) flag++; if ( version == '12.4(6)XE' ) flag++; if ( version == '12.4(6)XE1' ) flag++; if ( version == '12.4(6)XE2' ) flag++; if ( version == '12.4(6)XE3' ) flag++; if ( version == '12.4(6)XP' ) flag++; if ( version == '12.4(6)XT' ) flag++; if ( version == '12.4(6)XT1' ) flag++; if ( version == '12.4(6)XT2' ) flag++; if ( version == '12.4(7)' ) flag++; if ( version == '12.4(7a)' ) flag++; if ( version == '12.4(7b)' ) flag++; if ( version == '12.4(7c)' ) flag++; if ( version == '12.4(7d)' ) flag++; if ( version == '12.4(7e)' ) flag++; if ( version == '12.4(7f)' ) flag++; if ( version == '12.4(7g)' ) flag++; if ( version == '12.4(7h)' ) flag++; if ( version == '12.4(8)' ) flag++; if ( version == '12.4(8a)' ) flag++; if ( version == '12.4(8b)' ) flag++; if ( version == '12.4(8c)' ) flag++; if ( version == '12.4(8d)' ) flag++; if ( version == '12.4(9)MR' ) flag++; if ( version == '12.4(9)T' ) flag++; if ( version == '12.4(9)T0a' ) flag++; if ( version == '12.4(9)T1' ) flag++; if ( version == '12.4(9)T2' ) flag++; if ( version == '12.4(9)T3' ) flag++; if ( version == '12.4(9)T4' ) flag++; if ( version == '12.4(9)T5' ) flag++; if ( version == '12.4(9)T6' ) flag++; if ( version == '12.4(9)T7' ) flag++; if (get_kb_item("Host/local_checks_enabled")) { if (flag) { flag = 0; buf = cisco_command_kb_item("Host/Cisco/Config/show_running-config", "show running-config"); if (check_cisco_result(buf)) { if (preg(pattern:"call-manager-fallback", multiline:TRUE, string:buf)) { flag = 1; } if (preg(pattern:"ephone", multiline:TRUE, string:buf)) { flag = 1; } if (preg(pattern:"telephony-service", multiline:TRUE, string:buf)) { flag = 1; } } else if (cisco_needs_enable(buf)) { flag = 1; override = 1; } } } if (flag) { security_hole(port:0, extra:cisco_caveat(override)); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

Oval

accepted

2010-06-21T04:00:02.850-04:00

class

vulnerability

contributors

name Ronald Jones
organization DTCC
name David Ries
organization JovalCM.com

description

Devices running Cisco IOS® Software and configured for Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) operation are affected by two denial of service vulnerabilities that may result in a device reload if successfully exploited. The vulnerabilities are triggered when the Cisco IOS device processes specific, malformed Skinny Call Control Protocol (SCCP) messages. Cisco has released software updates that address these vulnerabilities. This advisory is posted at http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20100324-cucme["http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20100324-cucme"]. Note: The March 24, 2010, Cisco IOS Software Security Advisory bundled publication includes seven Security Advisories. All the advisories address vulnerabilities in Cisco IOS Software. Each advisory lists the releases that correct the vulnerability or vulnerabilities detailed in the advisory. The table at the following URL lists releases that correct all Cisco IOS Software vulnerabilities that have been published on March 24, 2010, or earlier: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20100324-bundle["http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20100324-bundle"] Individual publication links are in "Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication" at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar10.html["http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar10.html"]

family

ios

oval:org.mitre.oval:def:6625

status

accepted

submitted

2010-03-26T11:06:36.000-04:00

title

Cisco IOS Software Unified Communications Manager Express Skinny Call Client Protocol Request Handling Denial of Service Vulnerability

version

Summary

Vulnerable Configurations

Nessus

Oval

References