Vulnerabilities > CVE-2016-6415 - Information Exposure vulnerability in Cisco IOS
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association (SA) negotiation request, aka Bug IDs CSCvb29204 and CSCvb36055 or BENIGNCERTAIN.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Subverting Environment Variable Values The attacker directly or indirectly modifies environment variables used by or controlling the target software. The attacker's goal is to cause the target software to deviate from its expected operation in a manner that benefits the attacker.
- Footprinting An attacker engages in probing and exploration activity to identify constituents and properties of the target. Footprinting is a general term to describe a variety of information gathering techniques, often used by attackers in preparation for some attack. It consists of using tools to learn as much as possible about the composition, configuration, and security mechanisms of the targeted application, system or network. Information that might be collected during a footprinting effort could include open ports, applications and their versions, network topology, and similar information. While footprinting is not intended to be damaging (although certain activities, such as network scans, can sometimes cause disruptions to vulnerable applications inadvertently) it may often pave the way for more damaging attacks.
- Exploiting Trust in Client (aka Make the Client Invisible) An attack of this type exploits a programs' vulnerabilities in client/server communication channel authentication and data integrity. It leverages the implicit trust a server places in the client, or more importantly, that which the server believes is the client. An attacker executes this type of attack by placing themselves in the communication channel between client and server such that communication directly to the server is possible where the server believes it is communicating only with a valid client. There are numerous variations of this type of attack.
- Browser Fingerprinting An attacker carefully crafts small snippets of Java Script to efficiently detect the type of browser the potential victim is using. Many web-based attacks need prior knowledge of the web browser including the version of browser to ensure successful exploitation of a vulnerability. Having this knowledge allows an attacker to target the victim with attacks that specifically exploit known or zero day weaknesses in the type and version of the browser used by the victim. Automating this process via Java Script as a part of the same delivery system used to exploit the browser is considered more efficient as the attacker can supply a browser fingerprinting method and integrate it with exploit code, all contained in Java Script and in response to the same web page request by the browser.
- Session Credential Falsification through Prediction This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.
Exploit-Db
description | Cisco IOS 12.2 < 12.4 / 15.0 < 15.6 - Security Association Negotiation Request Device Memory. CVE-2016-6415. Remote exploit for Hardware platform |
id | EDB-ID:43383 |
last seen | 2017-12-22 |
modified | 2017-03-17 |
published | 2017-03-17 |
reporter | Exploit-DB |
source | https://www.exploit-db.com/download/43383/ |
title | Cisco IOS 12.2 < 12.4 / 15.0 < 15.6 - Security Association Negotiation Request Device Memory |
Metasploit
description | A vulnerability in Internet Key Exchange version 1 (IKEv1) packet processing code in Cisco IOS, Cisco IOS XE, and Cisco IOS XR Software could allow an unauthenticated, remote attacker to retrieve memory contents, which could lead to the disclosure of confidential information. The vulnerability is due to insufficient condition checks in the part of the code that handles IKEv1 security negotiation requests. An attacker could exploit this vulnerability by sending a crafted IKEv1 packet to an affected device configured to accept IKEv1 security negotiation requests. A successful exploit could allow the attacker to retrieve memory contents, which could lead to the disclosure of confidential information. |
id | MSF:AUXILIARY/SCANNER/IKE/CISCO_IKE_BENIGNCERTAIN |
last seen | 2020-05-27 |
modified | 2017-07-24 |
published | 2016-09-30 |
references |
|
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/scanner/ike/cisco_ike_benigncertain.rb |
title | Cisco IKE Information Disclosure |
Nessus
NASL family CISCO NASL id CISCO_IKEV1_INFO_DISCLOSURE.NASL description The IKE service running on the remote Cisco IOS device is affected by an information disclosure vulnerability, known as BENIGNCERTAIN, in the Internet Key Exchange version 1 (IKEv1) subsystem due to improper handling of IKEv1 security negotiation requests. An unauthenticated, remote attacker can exploit this issue, via a specially crafted IKEv1 packet, to disclose memory contents, resulting in the disclosure of confidential information including credentials and configuration settings. BENIGNCERTAIN is one of multiple Equation Group vulnerabilities and exploits disclosed on 2016/08/14 by a group known as the Shadow Brokers. last seen 2020-06-01 modified 2020-06-02 plugin id 96802 published 2017-01-26 reporter This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/96802 title Cisco IOS IKEv1 Packet Handling Remote Information Disclosure (cisco-sa-20160916-ikev1) (BENIGNCERTAIN) (uncredentialed check) code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(96802); script_version("1.5"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/12"); script_cve_id("CVE-2016-6415"); script_bugtraq_id(93003); script_xref(name:"CISCO-BUG-ID", value:"CSCvb29204"); script_xref(name:"CISCO-SA", value:"cisco-sa-20160916-ikev1"); script_name(english:"Cisco IOS IKEv1 Packet Handling Remote Information Disclosure (cisco-sa-20160916-ikev1) (BENIGNCERTAIN) (uncredentialed check)"); script_summary(english:"Checks IKEv1 Security Association negotiation response."); script_set_attribute(attribute:"synopsis", value: "A remote device is affected by an information disclosure vulnerability."); script_set_attribute(attribute:"description", value: "The IKE service running on the remote Cisco IOS device is affected by an information disclosure vulnerability, known as BENIGNCERTAIN, in the Internet Key Exchange version 1 (IKEv1) subsystem due to improper handling of IKEv1 security negotiation requests. An unauthenticated, remote attacker can exploit this issue, via a specially crafted IKEv1 packet, to disclose memory contents, resulting in the disclosure of confidential information including credentials and configuration settings. BENIGNCERTAIN is one of multiple Equation Group vulnerabilities and exploits disclosed on 2016/08/14 by a group known as the Shadow Brokers."); # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160916-ikev1 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b7f2c76c"); # https://www.riskbasedsecurity.com/2016/08/the-shadow-brokers-lifting-the-shadows-of-the-nsas-equation-group/ script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?4c7e0cf3"); script_set_attribute(attribute:"see_also", value:"https://blogs.cisco.com/security/shadow-brokers"); script_set_attribute(attribute:"solution", value: "Upgrade to the relevant fixed version referenced in Cisco bug ID CSCvb29204."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"); script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2016/08/14"); script_set_attribute(attribute:"patch_publication_date", value:"2016/09/16"); script_set_attribute(attribute:"plugin_publication_date", value:"2017/01/26"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:ios"); script_set_attribute(attribute:"in_the_news", value:"true"); script_set_attribute(attribute:"exploited_by_nessus", value:"true"); script_end_attributes(); script_category(ACT_ATTACK); script_family(english:"CISCO"); script_copyright(english:"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ike2_detect.nasl"); script_require_ports("Services/udp/ike", 500, 848); script_require_keys("udp/ikev1"); exit(0); } include("compat_shared.inc"); include('ike1.inc'); port = branch(make_list(500, 848)); soc = open_sock_udp(port); if (! soc) audit(AUDIT_SOCK_FAIL, port, 'UDP'); attr_enc = ike_attr(type: IKE1_ATTR_ENC, value:IKE1_ENC_CAST_CBC); attr_lifet = ike_attr(type:IKE1_ATTR_LIFE_TYPE, value:IKE1_LIFE_TYPE_SECS); attr_lifed = ike_attr(type:IKE1_ATTR_LIFE_DURATION, value:2147483); attr_hash = ike_attr(type: IKE1_ATTR_HASH, value:IKE1_HASH_SHA1); attr_group = ike_attr(type: IKE1_ATTR_GROUP_DESCR, value:IKE_GROUP_MODP_768); grp_prime = crap(data:'A', length: 1000); attr_grp_prime = ike_attr(type: IKE1_ATTR_GROUP_PRIME_POLY, value: grp_prime); attr_auth = ike_attr(type: IKE1_ATTR_AUTH, value:IKE1_AUTH_PSK); attrs = attr_enc + attr_lifet + attr_lifed + attr_hash + attr_group + attr_grp_prime + attr_auth; xforms[0] = ike1_payload_xform(next:IKE1_PAYLOAD_NONE, num: 1, id: KEY_IKE, attrs: attrs); spi = rand_str(length:4); proposal= ike1_payload_prop(next: IKE1_PAYLOAD_NONE, num: 1, proto: PROTO_ISAKMP, spi: spi, xforms: xforms); sa = ike1_payload_sa(next: IKE1_PAYLOAD_NONE, doi: DOI_IPSEC, situation: SIT_IDENTITY, proposals: proposal ); # SA is the only payload in the first exchange in Main Mode payloads = sa; # # Create a IKEv1 PDU # icookie = rand_str(length:8); rcookie = crap(data:'\x00', length:8); hdr = ike1_hdr( icookie: icookie, rcookie: rcookie, payload: IKE1_PAYLOAD_SA, exch: IKE1_MAIN_MODE, flags: 0, msgid: 0, len:IKE_HDR_SIZE + strlen(payloads)); pdu = hdr + payloads; res = ike1_sendrecv(socket: soc, data:pdu); close(soc); if(isnull(res)) exit(0, 'No response from UDP port '+port+' to an IKEv1 Security Association negotiation request.'); # Parse the response ret = ike1_parse(res); if(isnull(ret)) audit(code:1, AUDIT_RESP_BAD, port,'an IKEv1 Security Association negotiation request: invalid IKEv1 packet', 'UDP'); hdr = ret['hdr']; payloads = ret['payloads']; if(isnull(hdr)) exit(1,'Failed to get IKEv1 header in the response.'); if(isnull(payloads)) exit(1,'Failed to get any IKEv1 payload in the response.'); # - We offered an unacceptable SA. # - Affected cisco devices should return a # Informational exchange with a Notification payload. if(hdr['exch'] != ISAKMP_EXCH_INFORMATIONAL) exit(0, 'The remote IKEv1 daemon does not return an Informational Exchange; it may not be affected.'); # First payload should be a Notification payload if (hdr['np'] != IKE1_PAYLOAD_NOTIFY) { audit(code:1, AUDIT_RESP_BAD, port,'an SA negotiation: Notification payload not the first payload in an Informational Exchange.', 'UDP'); } p = payloads[0]; pdata = p['raw_data']; if(empty_or_null(pdata)) audit(AUDIT_RESP_BAD, port,'an SA negotiation: No data in the Notification payload.', 'UDP'); notify = ike1_parse_notify(pdata); if(empty_or_null(notify)) audit(AUDIT_FN_FAIL, 'ike1_parse_notify'); # Notify Message Type should be NO-PROPOSAL-CHOSEN if(notify['type'] != IKN1_NO_PROPOSAL_CHOSEN) { audit(AUDIT_RESP_BAD, port,'an SA negotiation: Notification message type not NO-PROPOSAL-CHOSEN.', 'UDP'); } ndata = notify['data']; # Not affected: # - No data in the Notification payload or # - The entire offered SA is returned in the Notification payload. if (! ndata # seen in: libreswan || ndata == sa # seen in: Cisco ASA ) { audit(AUDIT_HOST_NOT, 'affected'); } # Patched: # - Only the hdr, DOI and Situation fields of the offered # SA are returned. # - The offered proposal is NOT returned. else if (ndata == substr(sa, 0, 11)) { exit(0, 'The remote host is patched.'); } # Vulnerable: # - Returned Proposal payload in the notification does not # match what we sent. # - The data in the returned Proposal payload may come # from some memory location. else if ( strlen(ndata) > 12 && substr(ndata, 0, 11) == substr(sa, 0, 11) && substr(ndata, 12) != proposal ) { report = 'Memory content was returned in the following Notification payload : \n\n' + hexdump(ddata:pdata); security_report_v4( port : port, proto : 'udp', severity : SECURITY_WARNING, extra : report ); } # Unexpected else { audit(AUDIT_RESP_BAD, port,'an SA negotiation. Unexpected Notification payload:\n' + hexdump(ddata:pdata), 'UDP'); }
NASL family CISCO NASL id CISCO-SA-20160916-IKEV1-IOSXE.NASL description According to its self-reported version and configuration, the Cisco IOS XE software running on the remote device is affected by an information disclosure vulnerability, known as BENIGNCERTAIN, in the Internet Key Exchange version 1 (IKEv1) subsystem due to improper handling of IKEv1 security negotiation requests. An unauthenticated, remote attacker can exploit this issue, via a specially crafted IKEv1 packet, to disclose memory contents, resulting in the disclosure of confidential information including credentials and configuration settings. BENIGNCERTAIN is one of multiple Equation Group vulnerabilities and exploits disclosed on 2016/08/14 by a group known as the Shadow Brokers. last seen 2020-03-17 modified 2016-09-27 plugin id 93737 published 2016-09-27 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/93737 title Cisco IOS XE IKEv1 Packet Handling Remote Information Disclosure (cisco-sa-20160916-ikev1) (BENIGNCERTAIN) code #TRUSTED 72b9fa1b9eefcb2034a049f913a6cdbe8aba78ce4b36a6520e525426a113b681873aac883dd413f5ab10618375939366780a66346c0e98cb2c81900ccedb9c65314672b5e8a3c87b522da4b3a4508e7dc6b404747185059c8afa95875999bcd2cd0cc48f43db85d9c48fd9d74cd928c06791f4bff269b39a4e87050cadb726be2b5b6046de1531a9eccd90cb66703b6a137dbe973ccc7a772b8a8e52cfb1a569f0d199da23e617b0a0116cb5d861c2ad80564ec357a08912cf856befe13858eb1bc05d2173d03a70d631d6afd405dae3be3131c3e129ca195efc08854661c46a73950aa4abed9e8ea6dbe085e394a640df7098e671ff0ebccab2b20992e1ddf2a007da46c780df34b3885c59e138c9cb794a2be07654323aa385c9807c1242a6d26731ce47a059f77b20def1673515a634afc6b4450ba70dffa9f2a0b59d91bfe834a8be6bd29537ae8df487be16d62c24278ae7accb2a2432d30a36e3d519fd02743cbda47a8864a601759aadc80835ac764b72dc5a5886f5a77995c57d274e315ceee545eb04f40f088b29df5ce032193b390ed12d79471516d4c9ffdf80d7c366acd7a92547fa41106f68eed609537c77832f8d2d4e5de7fe8b69ebe9a35aba22a2f2caa6709e7af9529f9a862b5fd5115f3f0c24dbb41604aca6451fd17ef9625f6db5ac2680a41e3666e272fb5d8622e6f309bca32ed56af3bb0e955dd3 # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(93737); script_version("1.8"); script_set_attribute(attribute:"plugin_modification_date", value:"2019/04/11"); script_cve_id("CVE-2016-6415"); script_bugtraq_id(93003); script_xref(name:"CISCO-BUG-ID", value:"CSCvb29204"); script_xref(name:"CISCO-SA", value:"cisco-sa-20160916-ikev1"); script_name(english:"Cisco IOS XE IKEv1 Packet Handling Remote Information Disclosure (cisco-sa-20160916-ikev1) (BENIGNCERTAIN)"); script_summary(english:"Checks the IOS XE version."); script_set_attribute(attribute:"synopsis", value: "The remote device is missing a vendor-supplied security patch."); script_set_attribute(attribute:"description", value: "According to its self-reported version and configuration, the Cisco IOS XE software running on the remote device is affected by an information disclosure vulnerability, known as BENIGNCERTAIN, in the Internet Key Exchange version 1 (IKEv1) subsystem due to improper handling of IKEv1 security negotiation requests. An unauthenticated, remote attacker can exploit this issue, via a specially crafted IKEv1 packet, to disclose memory contents, resulting in the disclosure of confidential information including credentials and configuration settings. BENIGNCERTAIN is one of multiple Equation Group vulnerabilities and exploits disclosed on 2016/08/14 by a group known as the Shadow Brokers."); # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160916-ikev1 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b7f2c76c"); # https://www.riskbasedsecurity.com/2016/08/the-shadow-brokers-lifting-the-shadows-of-the-nsas-equation-group/ script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?4c7e0cf3"); script_set_attribute(attribute:"see_also", value:"https://blogs.cisco.com/security/shadow-brokers"); script_set_attribute(attribute:"solution", value: "Upgrade to the relevant fixed version referenced in Cisco bug ID CSCvb29204."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"); script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2016/08/14"); script_set_attribute(attribute:"patch_publication_date", value:"2016/09/16"); script_set_attribute(attribute:"plugin_publication_date", value:"2016/09/27"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:ios_xe"); script_set_attribute(attribute:"in_the_news", value:"true"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"CISCO"); script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("cisco_ios_xe_version.nasl"); script_require_keys("Host/Cisco/IOS-XE/Version"); exit(0); } include("audit.inc"); include("cisco_func.inc"); include("cisco_kb_cmd_func.inc"); ver = get_kb_item_or_exit("Host/Cisco/IOS-XE/Version"); flag = 0; override = 0; # Check for vuln version if ( ver == "3.1.0S" ) flag++; else if ( ver == "3.1.1S" ) flag++; else if ( ver == "3.1.2S" ) flag++; else if ( ver == "3.1.3aS" ) flag++; else if ( ver == "3.1.4aS" ) flag++; else if ( ver == "3.1.4S" ) flag++; else if ( ver == "3.2.1S" ) flag++; else if ( ver == "3.2.2S" ) flag++; else if ( ver == "3.3.0S" ) flag++; else if ( ver == "3.3.0SG" ) flag++; else if ( ver == "3.3.1S" ) flag++; else if ( ver == "3.3.1SG" ) flag++; else if ( ver == "3.3.2S" ) flag++; else if ( ver == "3.3.2SG" ) flag++; else if ( ver == "3.4.0aS" ) flag++; else if ( ver == "3.4.0S" ) flag++; else if ( ver == "3.4.0SG" ) flag++; else if ( ver == "3.4.1S" ) flag++; else if ( ver == "3.4.1SG" ) flag++; else if ( ver == "3.4.2S" ) flag++; else if ( ver == "3.4.2SG" ) flag++; else if ( ver == "3.4.3S" ) flag++; else if ( ver == "3.4.3SG" ) flag++; else if ( ver == "3.4.4S" ) flag++; else if ( ver == "3.4.4SG" ) flag++; else if ( ver == "3.4.5S" ) flag++; else if ( ver == "3.4.5SG" ) flag++; else if ( ver == "3.4.6S" ) flag++; else if ( ver == "3.4.6SG" ) flag++; else if ( ver == "3.4.7SG" ) flag++; else if ( ver == "3.5.0E" ) flag++; else if ( ver == "3.5.0S" ) flag++; else if ( ver == "3.5.1E" ) flag++; else if ( ver == "3.5.1S" ) flag++; else if ( ver == "3.5.2E" ) flag++; else if ( ver == "3.5.2S" ) flag++; else if ( ver == "3.5.3E" ) flag++; else if ( ver == "3.6.0E" ) flag++; else if ( ver == "3.6.0S" ) flag++; else if ( ver == "3.6.1E" ) flag++; else if ( ver == "3.6.1S" ) flag++; else if ( ver == "3.6.2aE" ) flag++; else if ( ver == "3.6.2E" ) flag++; else if ( ver == "3.6.2S" ) flag++; else if ( ver == "3.6.4E" ) flag++; else if ( ver == "3.6.5E" ) flag++; else if ( ver == "3.7.0E" ) flag++; else if ( ver == "3.7.0S" ) flag++; else if ( ver == "3.7.1E" ) flag++; else if ( ver == "3.7.1S" ) flag++; else if ( ver == "3.7.2E" ) flag++; else if ( ver == "3.7.2S" ) flag++; else if ( ver == "3.7.2tS" ) flag++; else if ( ver == "3.7.3E" ) flag++; else if ( ver == "3.7.3S" ) flag++; else if ( ver == "3.7.4aS" ) flag++; else if ( ver == "3.7.4S" ) flag++; else if ( ver == "3.7.5E" ) flag++; else if ( ver == "3.7.5S" ) flag++; else if ( ver == "3.7.6S" ) flag++; else if ( ver == "3.7.7S" ) flag++; else if ( ver == "3.8.0E" ) flag++; else if ( ver == "3.8.0S" ) flag++; else if ( ver == "3.8.1E" ) flag++; else if ( ver == "3.8.1S" ) flag++; else if ( ver == "3.8.2E" ) flag++; else if ( ver == "3.8.2S" ) flag++; else if ( ver == "3.9.0aS" ) flag++; else if ( ver == "3.9.0E" ) flag++; else if ( ver == "3.9.0S" ) flag++; else if ( ver == "3.9.1aS" ) flag++; else if ( ver == "3.9.1S" ) flag++; else if ( ver == "3.9.2S" ) flag++; else if ( ver == "3.10.0S" ) flag++; else if ( ver == "3.10.1S" ) flag++; else if ( ver == "3.10.1xbS" ) flag++; else if ( ver == "3.10.2S" ) flag++; else if ( ver == "3.10.2tS" ) flag++; else if ( ver == "3.10.3S" ) flag++; else if ( ver == "3.10.4S" ) flag++; else if ( ver == "3.10.5S" ) flag++; else if ( ver == "3.10.6S" ) flag++; else if ( ver == "3.10.7S" ) flag++; else if ( ver == "3.11.0S" ) flag++; else if ( ver == "3.11.1S" ) flag++; else if ( ver == "3.11.2S" ) flag++; else if ( ver == "3.11.3S" ) flag++; else if ( ver == "3.11.4S" ) flag++; else if ( ver == "3.12.0aS" ) flag++; else if ( ver == "3.12.0S" ) flag++; else if ( ver == "3.12.1S" ) flag++; else if ( ver == "3.12.2S" ) flag++; else if ( ver == "3.12.3S" ) flag++; else if ( ver == "3.12.4S" ) flag++; else if ( ver == "3.13.0aS" ) flag++; else if ( ver == "3.13.0S" ) flag++; else if ( ver == "3.13.1S" ) flag++; else if ( ver == "3.13.2aS" ) flag++; else if ( ver == "3.13.2S" ) flag++; else if ( ver == "3.13.3S" ) flag++; else if ( ver == "3.13.4S" ) flag++; else if ( ver == "3.13.5aS" ) flag++; else if ( ver == "3.13.5S" ) flag++; else if ( ver == "3.13.6aS" ) flag++; else if ( ver == "3.13.6S" ) flag++; else if ( ver == "3.14.0S" ) flag++; else if ( ver == "3.14.1S" ) flag++; else if ( ver == "3.14.2S" ) flag++; else if ( ver == "3.14.3S" ) flag++; else if ( ver == "3.14.4S" ) flag++; else if ( ver == "3.15.0S" ) flag++; else if ( ver == "3.15.1cS" ) flag++; else if ( ver == "3.15.1S" ) flag++; else if ( ver == "3.15.2S" ) flag++; else if ( ver == "3.15.3S" ) flag++; else if ( ver == "3.16.0cS" ) flag++; else if ( ver == "3.16.0S" ) flag++; else if ( ver == "3.16.1aS" ) flag++; else if ( ver == "3.16.1S" ) flag++; else if ( ver == "3.16.2aS" ) flag++; else if ( ver == "3.16.2S" ) flag++; else if ( ver == "3.17.0S" ) flag++; else if ( ver == "3.17.1S" ) flag++; else if ( ver == "3.17.2S" ) flag++; else if ( ver == "3.18.0S" ) flag++; else if ( ver == "3.18.1S" ) flag++; else if ( ver == "3.18.2S" ) flag++; # Check that IKEv1 config or IKEv1 is running cmd_list = make_list(); if (flag && get_kb_item("Host/local_checks_enabled")) { flag = 0; # Check for condition 1, IKEv1 config buf = cisco_command_kb_item("Host/Cisco/Config/show_running-config","show running-config"); if (check_cisco_result(buf)) { if ( "crypto gdoi" >< buf || "crypto map" >< buf || "tunnel protection ipsec" >< buf ) { flag = 1; cmd_list = make_list("show running-config"); } } else if (cisco_needs_enable(buf)) { flag = 1; override = 1; } # Check for condition 2, IKEv1 is running if (flag) { flag = 0; pat = "(\d+.\d+.\d+.\d+|.*:.*|UNKNOWN|--any--)\s+(500|848|4500|4848)\s"; buf = cisco_command_kb_item("Host/Cisco/Config/show_ip_sockets","show ip sockets"); if (!flag) { if (check_cisco_result(buf)) { if ( preg(multiline:TRUE, pattern:pat, string:buf) ) { flag = 1; cmd_list = make_list(cmd_list, "show ip sockets"); } } else if (cisco_needs_enable(buf)) { flag = 1; override = 1; } } if (!flag) { buf = cisco_command_kb_item("Host/Cisco/Config/show_udp","show udp"); if (check_cisco_result(buf)) { if ( preg(multiline:TRUE, pattern:pat, string:buf) ) { flag = 1; cmd_list = make_list(cmd_list, "show udp"); } } else if (cisco_needs_enable(buf)) { flag = 1; override = 1; } } } } if (flag) { security_report_cisco( port : 0, severity : SECURITY_WARNING, override : override, version : ver, bug_id : 'CSCvb29204', cmds : cmd_list ); } else audit(AUDIT_HOST_NOT, "affected");
NASL family CISCO NASL id CISCO-SA-20160916-IKEV1-IOSXR.NASL description According to its self-reported version and configuration, the Cisco IOS XR software running on the remote device is affected by an information disclosure vulnerability, known as BENIGNCERTAIN, in the Internet Key Exchange version 1 (IKEv1) subsystem due to improper handling of IKEv1 security negotiation requests. An unauthenticated, remote attacker can exploit this issue, via a specially crafted IKEv1 packet, to disclose memory contents, resulting in the disclosure of confidential information including credentials and configuration settings. BENIGNCERTAIN is one of multiple Equation Group vulnerabilities and exploits disclosed on 2016/08/14 by a group known as the Shadow Brokers. last seen 2020-03-17 modified 2016-09-27 plugin id 93738 published 2016-09-27 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/93738 title Cisco IOS XR IKEv1 Packet Handling Remote Information Disclosure (cisco-sa-20160916-ikev1) (BENIGNCERTAIN) code #TRUSTED 3ae37a95b72bc2c7b2b66eda00eb506af8d3219ab4bd85afca8cb4d66320f741f7e91207f14a7d9df12c11ddec834a28a1a592e60568477b0791644f7c306fbc52fb2cf0efc23e5fe189e9bee93a953b3521c6c56a2f11bbcfaae7248f4733cb28a0aba50a803949bfc1c79d4b01877b712b415a727e397a9e969593288250265c413dcdfd0d956af36bc8815134a4bb0d175078a7eb61d12b54f7e2a98b3e1fd804a29f7850da03f8a899b4cbb38f1ef3be3d9be9ca706d5f08db4c2412b8ff9535f6bbf2689b89e2d02be5e3254651398954d8a381c6da27b75d7ff29985d0af896cb39e67c51d55d676f106c73ebe4ba07c5890e31447aa4c9a9f7eeaee7d430442ff0752626e4a67433691f33f3d341f786deeaf4c6fa720ba426fcd20989c9d8da7fad188357981956f4903a56f79cdedf291659b5b05d5929957c29d22be7a1995ab68ce89fd320e44dc7360416376697c1031ac3fa21e92f5d2eff7296d8ce99a87462efaef97de439078419085d97bb79b8d757fee7fe55a49a32cb8c2199078485d68cdabe2935e5943104ff5010a858c8fd850018c610451d2d3209f88e5e5dea0744a8690024c6744968bb00c8900e83f01d1ac5fb093fe1a1a13b003eadf783cb63ea9c71a0d1500fd5b91123119838466d3ba87684c98b0ceab79d6588d8d1cc6da36af696115fac898979d2a85d0b86629777282708b8276f1 # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(93738); script_version("1.7"); script_set_attribute(attribute:"plugin_modification_date", value:"2019/04/11"); script_cve_id("CVE-2016-6415"); script_bugtraq_id(93003); script_xref(name:"CISCO-BUG-ID", value:"CSCvb29204"); script_xref(name:"CISCO-SA", value:"cisco-sa-20160916-ikev1"); script_name(english:"Cisco IOS XR IKEv1 Packet Handling Remote Information Disclosure (cisco-sa-20160916-ikev1) (BENIGNCERTAIN)"); script_summary(english:"Checks the IOS XR version."); script_set_attribute(attribute:"synopsis", value: "The remote device is missing a vendor-supplied security patch."); script_set_attribute(attribute:"description", value: "According to its self-reported version and configuration, the Cisco IOS XR software running on the remote device is affected by an information disclosure vulnerability, known as BENIGNCERTAIN, in the Internet Key Exchange version 1 (IKEv1) subsystem due to improper handling of IKEv1 security negotiation requests. An unauthenticated, remote attacker can exploit this issue, via a specially crafted IKEv1 packet, to disclose memory contents, resulting in the disclosure of confidential information including credentials and configuration settings. BENIGNCERTAIN is one of multiple Equation Group vulnerabilities and exploits disclosed on 2016/08/14 by a group known as the Shadow Brokers."); # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160916-ikev1 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b7f2c76c"); # https://www.riskbasedsecurity.com/2016/08/the-shadow-brokers-lifting-the-shadows-of-the-nsas-equation-group/ script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?4c7e0cf3"); script_set_attribute(attribute:"see_also", value:"https://blogs.cisco.com/security/shadow-brokers"); script_set_attribute(attribute:"solution", value: "Upgrade to the relevant fixed version referenced in Cisco bug ID CSCvb29204."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"); script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2016/08/14"); script_set_attribute(attribute:"patch_publication_date", value:"2016/09/16"); script_set_attribute(attribute:"plugin_publication_date", value:"2016/09/27"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:ios_xr"); script_set_attribute(attribute:"in_the_news", value:"true"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"CISCO"); script_dependencies("cisco_ios_xr_version.nasl"); script_require_keys("Host/Cisco/IOS-XR/Version"); exit(0); } include("audit.inc"); include("cisco_func.inc"); include("cisco_kb_cmd_func.inc"); version = get_kb_item_or_exit("Host/Cisco/IOS-XR/Version"); flag = FALSE; override = FALSE; if ( version =~ "^4\.3\." || version =~ "^5\.0\." || version =~ "^5\.1\." || version =~ "^5\.2\." ) flag = TRUE; # Check that IKEv1 config or IKEv1 is running cmd_list = make_list(); if (flag && get_kb_item("Host/local_checks_enabled")) { flag = 0; # Check for condition 1, IKEv1 config buf = cisco_command_kb_item("Host/Cisco/Config/show_running-config","show running-config"); if (check_cisco_result(buf)) { if ( "crypto gdoi" >< buf || "crypto map" >< buf || "tunnel protection ipsec" >< buf ) { flag = 1; cmd_list = make_list("show running-config"); } } else if (cisco_needs_enable(buf)) { flag = 1; override = 1; } # Check for condition 2, IKEv1 is running if (flag) { flag = 0; pat = "(\d+.\d+.\d+.\d+|.*:.*|UNKNOWN|--any--)\s+(500|848|4500|4848)\s"; buf = cisco_command_kb_item("Host/Cisco/Config/show_ip_sockets","show ip sockets"); if (!flag) { if (check_cisco_result(buf)) { if ( preg(multiline:TRUE, pattern:pat, string:buf) ) { cmd_list = make_list(cmd_list, "show ip sockets"); flag = 1; } } else if (cisco_needs_enable(buf)) { flag = 1; override = 1; } } if (!flag) { buf = cisco_command_kb_item("Host/Cisco/Config/show_udp","show udp"); if (check_cisco_result(buf)) { if ( preg(multiline:TRUE, pattern:pat, string:buf) ) { flag = 1; cmd_list = make_list(cmd_list, "show udp"); } } else if (cisco_needs_enable(buf)) { flag = 1; override = 1; } } } } if (flag) { security_report_cisco( port : 0, severity : SECURITY_WARNING, override : override, version : version, bug_id : "CSCvb29204", cmds : cmd_list ); } else audit(AUDIT_HOST_NOT, "affected");
NASL family CISCO NASL id CISCO-SA-20160916-IKEV1-IOS.NASL description According to its self-reported version and configuration, the Cisco IOS software running on the remote device is affected by an information disclosure vulnerability, known as BENIGNCERTAIN, in the Internet Key Exchange version 1 (IKEv1) subsystem due to improper handling of IKEv1 security negotiation requests. An unauthenticated, remote attacker can exploit this issue, via a specially crafted IKEv1 packet, to disclose memory contents, resulting in the disclosure of confidential information including credentials and configuration settings. BENIGNCERTAIN is one of multiple Equation Group vulnerabilities and exploits disclosed on 2016/08/14 by a group known as the Shadow Brokers. last seen 2020-03-17 modified 2016-09-27 plugin id 93736 published 2016-09-27 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/93736 title Cisco IOS IKEv1 Packet Handling Remote Information Disclosure (cisco-sa-20160916-ikev1) (BENIGNCERTAIN) code #TRUSTED 1b6e49d838709096ba7b5c16e0feedf8198269e637fcd85a0bfd25607e4265d39571866be15c2b2441a83024eb3ac0a35feb76fa6a12539cd5a5f9207c026773c5cec844240c67577c315c5bab64de8f11f073b4ab050b05a2ad67e6c6dd302dc439bf24ad3941d1ddb7d6912df37cb082f2b25357fec672cde25197a80d35c85726c6696de1e2cc772b440efc6f856a0f83ed7defaf006246d99a3fb2ccbd36e3c0db562c22344938c43abb7c542adcf645f5e2ec1690c59fabb12fcd12eee9beac0f21e3458ce40e498beceba2f7885a912f628084ed0a28b37ed8045ed0126e5db66de38a7de90904fe50dc6d9a356f54ee199f04c77edf369efcbb3a026c83d5590bf3a14fbe8e1b85a7926f6bcd733a40da783493931e454b9b685cdfc8075bc9de9c5d8f37d4d91281dca512eb7e8dfd10d5c1d3e21e66e53ebeb9a43f443f267f0d596bb0ce71afb0eaab06cd8896ad43ded5e806fef2a02b8845c443530f40f5410704deeb0615c90f64e547405e918f118dc157d357db5f66a55864d036f18acb20a252ebeb5d68cfa1613c842652bdb97976cf114127591460397bc3c6030d7f07aca612e9f2c5c81fb0bd1ca2af169e277a8c7b7b7893f02396b78c2174f6524bf41dfdbd7788791c75ea547e9d314c18cf50ac98affc13dd1b79966288cffcf40ca7a5e8d84151d09bbb41a7822b1fb28f0f572cc17b28269769 # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(93736); script_version("1.9"); script_set_attribute(attribute:"plugin_modification_date", value:"2019/04/11"); script_cve_id("CVE-2016-6415"); script_bugtraq_id(93003); script_xref(name:"CISCO-BUG-ID", value:"CSCvb29204"); script_xref(name:"CISCO-SA", value:"cisco-sa-20160916-ikev1"); script_name(english:"Cisco IOS IKEv1 Packet Handling Remote Information Disclosure (cisco-sa-20160916-ikev1) (BENIGNCERTAIN)"); script_summary(english:"Checks the IOS version."); script_set_attribute(attribute:"synopsis", value: "The remote device is missing a vendor-supplied security patch."); script_set_attribute(attribute:"description", value: "According to its self-reported version and configuration, the Cisco IOS software running on the remote device is affected by an information disclosure vulnerability, known as BENIGNCERTAIN, in the Internet Key Exchange version 1 (IKEv1) subsystem due to improper handling of IKEv1 security negotiation requests. An unauthenticated, remote attacker can exploit this issue, via a specially crafted IKEv1 packet, to disclose memory contents, resulting in the disclosure of confidential information including credentials and configuration settings. BENIGNCERTAIN is one of multiple Equation Group vulnerabilities and exploits disclosed on 2016/08/14 by a group known as the Shadow Brokers."); # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160916-ikev1 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b7f2c76c"); # https://www.riskbasedsecurity.com/2016/08/the-shadow-brokers-lifting-the-shadows-of-the-nsas-equation-group/ script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?4c7e0cf3"); script_set_attribute(attribute:"see_also", value:"https://blogs.cisco.com/security/shadow-brokers"); script_set_attribute(attribute:"solution", value: "Upgrade to the relevant fixed version referenced in Cisco bug ID CSCvb29204."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"); script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2016/08/14"); script_set_attribute(attribute:"patch_publication_date", value:"2016/09/16"); script_set_attribute(attribute:"plugin_publication_date", value:"2016/09/27"); script_set_attribute(attribute:"plugin_type", value:"combined"); script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:ios"); script_set_attribute(attribute:"in_the_news", value:"true"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"CISCO"); script_dependencies("cisco_ios_version.nasl"); script_require_keys("Host/Cisco/IOS/Version"); exit(0); } include("audit.inc"); include("cisco_func.inc"); include("cisco_kb_cmd_func.inc"); flag = 0; override = 0; ver = get_kb_item_or_exit("Host/Cisco/IOS/Version"); # Check for vuln version if ( ver == "12.2(18)IXA" ) flag++; else if ( ver == "12.2(18)IXB" ) flag++; else if ( ver == "12.2(18)IXB1" ) flag++; else if ( ver == "12.2(18)IXB2" ) flag++; else if ( ver == "12.2(18)IXC" ) flag++; else if ( ver == "12.2(18)IXD" ) flag++; else if ( ver == "12.2(18)IXD1" ) flag++; else if ( ver == "12.2(18)IXE" ) flag++; else if ( ver == "12.2(18)IXF" ) flag++; else if ( ver == "12.2(18)IXF1" ) flag++; else if ( ver == "12.2(18)IXG" ) flag++; else if ( ver == "12.2(18)IXH" ) flag++; else if ( ver == "12.2(18)IXH1" ) flag++; else if ( ver == "12.2(18)SXD" ) flag++; else if ( ver == "12.2(18)SXD1" ) flag++; else if ( ver == "12.2(18)SXD2" ) flag++; else if ( ver == "12.2(18)SXD3" ) flag++; else if ( ver == "12.2(18)SXD4" ) flag++; else if ( ver == "12.2(18)SXD5" ) flag++; else if ( ver == "12.2(18)SXD6" ) flag++; else if ( ver == "12.2(18)SXD7" ) flag++; else if ( ver == "12.2(18)SXD7a" ) flag++; else if ( ver == "12.2(18)SXD7b" ) flag++; else if ( ver == "12.2(18)SXE" ) flag++; else if ( ver == "12.2(18)SXE1" ) flag++; else if ( ver == "12.2(18)SXE2" ) flag++; else if ( ver == "12.2(18)SXE3" ) flag++; else if ( ver == "12.2(18)SXE4" ) flag++; else if ( ver == "12.2(18)SXE5" ) flag++; else if ( ver == "12.2(18)SXE6" ) flag++; else if ( ver == "12.2(18)SXE6a" ) flag++; else if ( ver == "12.2(18)SXE6b" ) flag++; else if ( ver == "12.2(18)SXF" ) flag++; else if ( ver == "12.2(18)SXF1" ) flag++; else if ( ver == "12.2(18)SXF10" ) flag++; else if ( ver == "12.2(18)SXF10a" ) flag++; else if ( ver == "12.2(18)SXF11" ) flag++; else if ( ver == "12.2(18)SXF12" ) flag++; else if ( ver == "12.2(18)SXF12a" ) flag++; else if ( ver == "12.2(18)SXF13" ) flag++; else if ( ver == "12.2(18)SXF13a" ) flag++; else if ( ver == "12.2(18)SXF13b" ) flag++; else if ( ver == "12.2(18)SXF14" ) flag++; else if ( ver == "12.2(18)SXF15" ) flag++; else if ( ver == "12.2(18)SXF15a" ) flag++; else if ( ver == "12.2(18)SXF16" ) flag++; else if ( ver == "12.2(18)SXF17" ) flag++; else if ( ver == "12.2(18)SXF17a" ) flag++; else if ( ver == "12.2(18)SXF17b" ) flag++; else if ( ver == "12.2(18)SXF2" ) flag++; else if ( ver == "12.2(18)SXF3" ) flag++; else if ( ver == "12.2(18)SXF4" ) flag++; else if ( ver == "12.2(18)SXF5" ) flag++; else if ( ver == "12.2(18)SXF6" ) flag++; else if ( ver == "12.2(18)SXF7" ) flag++; else if ( ver == "12.2(18)SXF8" ) flag++; else if ( ver == "12.2(18)SXF9" ) flag++; else if ( ver == "12.2(18)ZU" ) flag++; else if ( ver == "12.2(18)ZU1" ) flag++; else if ( ver == "12.2(18)ZU2" ) flag++; else if ( ver == "12.2(18)ZY" ) flag++; else if ( ver == "12.2(18)ZY1" ) flag++; else if ( ver == "12.2(18)ZY2" ) flag++; else if ( ver == "12.2(18)ZYA" ) flag++; else if ( ver == "12.2(18)ZYA1" ) flag++; else if ( ver == "12.2(18)ZYA2" ) flag++; else if ( ver == "12.2(18)ZYA3" ) flag++; else if ( ver == "12.2(18)ZYA3a" ) flag++; else if ( ver == "12.2(18)ZYA3b" ) flag++; else if ( ver == "12.2(18)ZYA3c" ) flag++; else if ( ver == "12.2(33)CX" ) flag++; else if ( ver == "12.2(33)CY" ) flag++; else if ( ver == "12.2(33)CY1" ) flag++; else if ( ver == "12.2(33)IRA" ) flag++; else if ( ver == "12.2(33)IRB" ) flag++; else if ( ver == "12.2(33)IRC" ) flag++; else if ( ver == "12.2(33)IRD" ) flag++; else if ( ver == "12.2(33)IRE" ) flag++; else if ( ver == "12.2(33)IRE1" ) flag++; else if ( ver == "12.2(33)IRE2" ) flag++; else if ( ver == "12.2(33)IRF" ) flag++; else if ( ver == "12.2(33)IRG" ) flag++; else if ( ver == "12.2(33)IRG1" ) flag++; else if ( ver == "12.2(33)IRH" ) flag++; else if ( ver == "12.2(33)IRH1" ) flag++; else if ( ver == "12.2(33)IRI" ) flag++; else if ( ver == "12.2(33)MRA" ) flag++; else if ( ver == "12.2(33)MRB" ) flag++; else if ( ver == "12.2(33)MRB1" ) flag++; else if ( ver == "12.2(33)MRB2" ) flag++; else if ( ver == "12.2(33)MRB3" ) flag++; else if ( ver == "12.2(33)MRB4" ) flag++; else if ( ver == "12.2(33)MRB5" ) flag++; else if ( ver == "12.2(33)MRB6" ) flag++; else if ( ver == "12.2(33)SB" ) flag++; else if ( ver == "12.2(33)SB1" ) flag++; else if ( ver == "12.2(33)SB2" ) flag++; else if ( ver == "12.2(33)SB3" ) flag++; else if ( ver == "12.2(33)SB4" ) flag++; else if ( ver == "12.2(33)SCA" ) flag++; else if ( ver == "12.2(33)SCA1" ) flag++; else if ( ver == "12.2(33)SCA2" ) flag++; else if ( ver == "12.2(33)SCB" ) flag++; else if ( ver == "12.2(33)SCB1" ) flag++; else if ( ver == "12.2(33)SCB10" ) flag++; else if ( ver == "12.2(33)SCB11" ) flag++; else if ( ver == "12.2(33)SCB2" ) flag++; else if ( ver == "12.2(33)SCB3" ) flag++; else if ( ver == "12.2(33)SCB4" ) flag++; else if ( ver == "12.2(33)SCB5" ) flag++; else if ( ver == "12.2(33)SCB6" ) flag++; else if ( ver == "12.2(33)SCB7" ) flag++; else if ( ver == "12.2(33)SCB8" ) flag++; else if ( ver == "12.2(33)SCB9" ) flag++; else if ( ver == "12.2(33)SCC" ) flag++; else if ( ver == "12.2(33)SCC1" ) flag++; else if ( ver == "12.2(33)SCC2" ) flag++; else if ( ver == "12.2(33)SCC3" ) flag++; else if ( ver == "12.2(33)SCC4" ) flag++; else if ( ver == "12.2(33)SCC5" ) flag++; else if ( ver == "12.2(33)SCC6" ) flag++; else if ( ver == "12.2(33)SCC7" ) flag++; else if ( ver == "12.2(33)SCD" ) flag++; else if ( ver == "12.2(33)SCD1" ) flag++; else if ( ver == "12.2(33)SCD2" ) flag++; else if ( ver == "12.2(33)SCD3" ) flag++; else if ( ver == "12.2(33)SCD4" ) flag++; else if ( ver == "12.2(33)SCD5" ) flag++; else if ( ver == "12.2(33)SCD6" ) flag++; else if ( ver == "12.2(33)SCD7" ) flag++; else if ( ver == "12.2(33)SCD8" ) flag++; else if ( ver == "12.2(33)SCE" ) flag++; else if ( ver == "12.2(33)SCE1" ) flag++; else if ( ver == "12.2(33)SCE2" ) flag++; else if ( ver == "12.2(33)SCE3" ) flag++; else if ( ver == "12.2(33)SCE4" ) flag++; else if ( ver == "12.2(33)SCE5" ) flag++; else if ( ver == "12.2(33)SCE6" ) flag++; else if ( ver == "12.2(33)SCF" ) flag++; else if ( ver == "12.2(33)SCF1" ) flag++; else if ( ver == "12.2(33)SCF2" ) flag++; else if ( ver == "12.2(33)SCF3" ) flag++; else if ( ver == "12.2(33)SCF4" ) flag++; else if ( ver == "12.2(33)SCF5" ) flag++; else if ( ver == "12.2(33)SCG" ) flag++; else if ( ver == "12.2(33)SCG1" ) flag++; else if ( ver == "12.2(33)SCG2" ) flag++; else if ( ver == "12.2(33)SCG3" ) flag++; else if ( ver == "12.2(33)SCG4" ) flag++; else if ( ver == "12.2(33)SCG5" ) flag++; else if ( ver == "12.2(33)SCG6" ) flag++; else if ( ver == "12.2(33)SCG7" ) flag++; else if ( ver == "12.2(33)SCH" ) flag++; else if ( ver == "12.2(33)SCH0a" ) flag++; else if ( ver == "12.2(33)SCH1" ) flag++; else if ( ver == "12.2(33)SCH2" ) flag++; else if ( ver == "12.2(33)SCH2a" ) flag++; else if ( ver == "12.2(33)SCH3" ) flag++; else if ( ver == "12.2(33)SCH4" ) flag++; else if ( ver == "12.2(33)SCH5" ) flag++; else if ( ver == "12.2(33)SCH6" ) flag++; else if ( ver == "12.2(33)SCI" ) flag++; else if ( ver == "12.2(33)SCI1" ) flag++; else if ( ver == "12.2(33)SCI1a" ) flag++; else if ( ver == "12.2(33)SCI2" ) flag++; else if ( ver == "12.2(33)SCI2a" ) flag++; else if ( ver == "12.2(33)SCI3" ) flag++; else if ( ver == "12.2(33)SCJ" ) flag++; else if ( ver == "12.2(33)SCJ1" ) flag++; else if ( ver == "12.2(33)SCJ1a" ) flag++; else if ( ver == "12.2(33)SCJ1b" ) flag++; else if ( ver == "12.2(33)SCJ2" ) flag++; else if ( ver == "12.2(33)SCJ2a" ) flag++; else if ( ver == "12.2(33)SRA" ) flag++; else if ( ver == "12.2(33)SRA1" ) flag++; else if ( ver == "12.2(33)SRA2" ) flag++; else if ( ver == "12.2(33)SRA3" ) flag++; else if ( ver == "12.2(33)SRA4" ) flag++; else if ( ver == "12.2(33)SRA5" ) flag++; else if ( ver == "12.2(33)SRA6" ) flag++; else if ( ver == "12.2(33)SRA7" ) flag++; else if ( ver == "12.2(33)SRB" ) flag++; else if ( ver == "12.2(33)SRB1" ) flag++; else if ( ver == "12.2(33)SRB2" ) flag++; else if ( ver == "12.2(33)SRB3" ) flag++; else if ( ver == "12.2(33)SRB4" ) flag++; else if ( ver == "12.2(33)SRB5" ) flag++; else if ( ver == "12.2(33)SRB5a" ) flag++; else if ( ver == "12.2(33)SRB6" ) flag++; else if ( ver == "12.2(33)SRB7" ) flag++; else if ( ver == "12.2(33)SRC" ) flag++; else if ( ver == "12.2(33)SRC1" ) flag++; else if ( ver == "12.2(33)SRC2" ) flag++; else if ( ver == "12.2(33)SRC3" ) flag++; else if ( ver == "12.2(33)SRC4" ) flag++; else if ( ver == "12.2(33)SRC5" ) flag++; else if ( ver == "12.2(33)SRC6" ) flag++; else if ( ver == "12.2(33)SRD" ) flag++; else if ( ver == "12.2(33)SRD1" ) flag++; else if ( ver == "12.2(33)SRD2" ) flag++; else if ( ver == "12.2(33)SRD2a" ) flag++; else if ( ver == "12.2(33)SRD3" ) flag++; else if ( ver == "12.2(33)SRD4" ) flag++; else if ( ver == "12.2(33)SRD4a" ) flag++; else if ( ver == "12.2(33)SRD5" ) flag++; else if ( ver == "12.2(33)SRD6" ) flag++; else if ( ver == "12.2(33)SRD7" ) flag++; else if ( ver == "12.2(33)SRD8" ) flag++; else if ( ver == "12.2(33)SRE" ) flag++; else if ( ver == "12.2(33)SRE0a" ) flag++; else if ( ver == "12.2(33)SRE1" ) flag++; else if ( ver == "12.2(33)SRE10" ) flag++; else if ( ver == "12.2(33)SRE11" ) flag++; else if ( ver == "12.2(33)SRE12" ) flag++; else if ( ver == "12.2(33)SRE13" ) flag++; else if ( ver == "12.2(33)SRE14" ) flag++; else if ( ver == "12.2(33)SRE15" ) flag++; else if ( ver == "12.2(33)SRE2" ) flag++; else if ( ver == "12.2(33)SRE3" ) flag++; else if ( ver == "12.2(33)SRE4" ) flag++; else if ( ver == "12.2(33)SRE5" ) flag++; else if ( ver == "12.2(33)SRE6" ) flag++; else if ( ver == "12.2(33)SRE7" ) flag++; else if ( ver == "12.2(33)SRE7a" ) flag++; else if ( ver == "12.2(33)SRE8" ) flag++; else if ( ver == "12.2(33)SRE9" ) flag++; else if ( ver == "12.2(33)SRE9a" ) flag++; else if ( ver == "12.2(33)SXH" ) flag++; else if ( ver == "12.2(33)SXH0a" ) flag++; else if ( ver == "12.2(33)SXH1" ) flag++; else if ( ver == "12.2(33)SXH2" ) flag++; else if ( ver == "12.2(33)SXH2a" ) flag++; else if ( ver == "12.2(33)SXH3" ) flag++; else if ( ver == "12.2(33)SXH3a" ) flag++; else if ( ver == "12.2(33)SXH4" ) flag++; else if ( ver == "12.2(33)SXH5" ) flag++; else if ( ver == "12.2(33)SXH6" ) flag++; else if ( ver == "12.2(33)SXI" ) flag++; else if ( ver == "12.2(33)SXI1" ) flag++; else if ( ver == "12.2(33)SXI2" ) flag++; else if ( ver == "12.2(33)SXI2a" ) flag++; else if ( ver == "12.2(33)SXI3" ) flag++; else if ( ver == "12.2(33)SXI3a" ) flag++; else if ( ver == "12.2(33)XN" ) flag++; else if ( ver == "12.2(33)XN1" ) flag++; else if ( ver == "12.2(33)ZI" ) flag++; else if ( ver == "12.2(33)ZW" ) flag++; else if ( ver == "12.2(33)ZZ" ) flag++; else if ( ver == "12.2(40)SE" ) flag++; else if ( ver == "12.2(44)SE" ) flag++; else if ( ver == "12.2(44)SE1" ) flag++; else if ( ver == "12.2(44)SE2" ) flag++; else if ( ver == "12.2(44)SE3" ) flag++; else if ( ver == "12.2(44)SE5" ) flag++; else if ( ver == "12.2(44)SE6" ) flag++; else if ( ver == "12.2(46)SE" ) flag++; else if ( ver == "12.2(50)SE" ) flag++; else if ( ver == "12.2(50)SE1" ) flag++; else if ( ver == "12.2(50)SE3" ) flag++; else if ( ver == "12.2(50)SE4" ) flag++; else if ( ver == "12.2(50)SE5" ) flag++; else if ( ver == "12.2(50)SY" ) flag++; else if ( ver == "12.2(50)SY1" ) flag++; else if ( ver == "12.2(50)SY2" ) flag++; else if ( ver == "12.2(50)SY3" ) flag++; else if ( ver == "12.2(50)SY4" ) flag++; else if ( ver == "12.2(52)SE" ) flag++; else if ( ver == "12.2(55)SE" ) flag++; else if ( ver == "12.2(55)SE10" ) flag++; else if ( ver == "12.2(55)SE11" ) flag++; else if ( ver == "12.2(55)SE3" ) flag++; else if ( ver == "12.2(55)SE4" ) flag++; else if ( ver == "12.2(55)SE5" ) flag++; else if ( ver == "12.2(55)SE6" ) flag++; else if ( ver == "12.2(55)SE7" ) flag++; else if ( ver == "12.2(55)SE8" ) flag++; else if ( ver == "12.2(55)SE9" ) flag++; else if ( ver == "12.2(99)SX1003" ) flag++; else if ( ver == "12.2(99)SX1006" ) flag++; else if ( ver == "12.2(99)SX1010" ) flag++; else if ( ver == "12.2(99)SX1012" ) flag++; else if ( ver == "12.2(99)SX1017" ) flag++; else if ( ver == "12.3(11)T" ) flag++; else if ( ver == "12.3(11)T1" ) flag++; else if ( ver == "12.3(11)T10" ) flag++; else if ( ver == "12.3(11)T11" ) flag++; else if ( ver == "12.3(11)T12" ) flag++; else if ( ver == "12.3(11)T2" ) flag++; else if ( ver == "12.3(11)T2a" ) flag++; else if ( ver == "12.3(11)T3" ) flag++; else if ( ver == "12.3(11)T4" ) flag++; else if ( ver == "12.3(11)T5" ) flag++; else if ( ver == "12.3(11)T6" ) flag++; else if ( ver == "12.3(11)T7" ) flag++; else if ( ver == "12.3(11)T8" ) flag++; else if ( ver == "12.3(11)T9" ) flag++; else if ( ver == "12.3(11)TO3" ) flag++; else if ( ver == "12.3(11)XL" ) flag++; else if ( ver == "12.3(11)XL1" ) flag++; else if ( ver == "12.3(11)XL2" ) flag++; else if ( ver == "12.3(11)XL3" ) flag++; else if ( ver == "12.3(11)YF" ) flag++; else if ( ver == "12.3(11)YF1" ) flag++; else if ( ver == "12.3(11)YF2" ) flag++; else if ( ver == "12.3(11)YF3" ) flag++; else if ( ver == "12.3(11)YF4" ) flag++; else if ( ver == "12.3(11)YK" ) flag++; else if ( ver == "12.3(11)YK1" ) flag++; else if ( ver == "12.3(11)YK2" ) flag++; else if ( ver == "12.3(11)YK3" ) flag++; else if ( ver == "12.3(11)YL" ) flag++; else if ( ver == "12.3(11)YL1" ) flag++; else if ( ver == "12.3(11)YL2" ) flag++; else if ( ver == "12.3(11)YN" ) flag++; else if ( ver == "12.3(11)YR" ) flag++; else if ( ver == "12.3(11)YR1" ) flag++; else if ( ver == "12.3(11)YS" ) flag++; else if ( ver == "12.3(11)YS1" ) flag++; else if ( ver == "12.3(11)YS2" ) flag++; else if ( ver == "12.3(11)YZ" ) flag++; else if ( ver == "12.3(11)YZ1" ) flag++; else if ( ver == "12.3(11)YZ2" ) flag++; else if ( ver == "12.3(11)ZB" ) flag++; else if ( ver == "12.3(11)ZB1" ) flag++; else if ( ver == "12.3(11)ZB2" ) flag++; else if ( ver == "12.3(14)T" ) flag++; else if ( ver == "12.3(14)T1" ) flag++; else if ( ver == "12.3(14)T2" ) flag++; else if ( ver == "12.3(14)T3" ) flag++; else if ( ver == "12.3(14)T4" ) flag++; else if ( ver == "12.3(14)T5" ) flag++; else if ( ver == "12.3(14)T6" ) flag++; else if ( ver == "12.3(14)T7" ) flag++; else if ( ver == "12.3(14)YQ" ) flag++; else if ( ver == "12.3(14)YQ1" ) flag++; else if ( ver == "12.3(14)YQ2" ) flag++; else if ( ver == "12.3(14)YQ3" ) flag++; else if ( ver == "12.3(14)YQ4" ) flag++; else if ( ver == "12.3(14)YQ5" ) flag++; else if ( ver == "12.3(14)YQ6" ) flag++; else if ( ver == "12.3(14)YQ7" ) flag++; else if ( ver == "12.3(14)YQ8" ) flag++; else if ( ver == "12.3(14)YT" ) flag++; else if ( ver == "12.3(14)YT1" ) flag++; else if ( ver == "12.3(14)YU" ) flag++; else if ( ver == "12.3(14)YU1" ) flag++; else if ( ver == "12.3(2)XE" ) flag++; else if ( ver == "12.3(2)XE1" ) flag++; else if ( ver == "12.3(2)XE2" ) flag++; else if ( ver == "12.3(2)XE3" ) flag++; else if ( ver == "12.3(2)XE4" ) flag++; else if ( ver == "12.3(2)XE5" ) flag++; else if ( ver == "12.3(2)XF" ) flag++; else if ( ver == "12.3(4)T" ) flag++; else if ( ver == "12.3(4)T1" ) flag++; else if ( ver == "12.3(4)T10" ) flag++; else if ( ver == "12.3(4)T11" ) flag++; else if ( ver == "12.3(4)T2" ) flag++; else if ( ver == "12.3(4)T3" ) flag++; else if ( ver == "12.3(4)T4" ) flag++; else if ( ver == "12.3(4)T6" ) flag++; else if ( ver == "12.3(4)T7" ) flag++; else if ( ver == "12.3(4)T8" ) flag++; else if ( ver == "12.3(4)T9" ) flag++; else if ( ver == "12.3(4)TPC11a" ) flag++; else if ( ver == "12.3(4)TPC11b" ) flag++; else if ( ver == "12.3(4)XD" ) flag++; else if ( ver == "12.3(4)XD1" ) flag++; else if ( ver == "12.3(4)XD2" ) flag++; else if ( ver == "12.3(4)XD3" ) flag++; else if ( ver == "12.3(4)XD4" ) flag++; else if ( ver == "12.3(4)XG" ) flag++; else if ( ver == "12.3(4)XG1" ) flag++; else if ( ver == "12.3(4)XG2" ) flag++; else if ( ver == "12.3(4)XG3" ) flag++; else if ( ver == "12.3(4)XG4" ) flag++; else if ( ver == "12.3(4)XG5" ) flag++; else if ( ver == "12.3(4)XH" ) flag++; else if ( ver == "12.3(4)XH1" ) flag++; else if ( ver == "12.3(4)XK" ) flag++; else if ( ver == "12.3(4)XK1" ) flag++; else if ( ver == "12.3(4)XK2" ) flag++; else if ( ver == "12.3(4)XK3" ) flag++; else if ( ver == "12.3(4)XK4" ) flag++; else if ( ver == "12.3(4)XQ" ) flag++; else if ( ver == "12.3(4)XQ1" ) flag++; else if ( ver == "12.3(4)YE" ) flag++; else if ( ver == "12.3(4)YE1" ) flag++; else if ( ver == "12.3(7)T" ) flag++; else if ( ver == "12.3(7)T1" ) flag++; else if ( ver == "12.3(7)T10" ) flag++; else if ( ver == "12.3(7)T11" ) flag++; else if ( ver == "12.3(7)T12" ) flag++; else if ( ver == "12.3(7)T2" ) flag++; else if ( ver == "12.3(7)T3" ) flag++; else if ( ver == "12.3(7)T4" ) flag++; else if ( ver == "12.3(7)T6" ) flag++; else if ( ver == "12.3(7)T7" ) flag++; else if ( ver == "12.3(7)T8" ) flag++; else if ( ver == "12.3(7)T9" ) flag++; else if ( ver == "12.3(7)XI" ) flag++; else if ( ver == "12.3(7)XI10" ) flag++; else if ( ver == "12.3(7)XI10a" ) flag++; else if ( ver == "12.3(7)XI10b" ) flag++; else if ( ver == "12.3(7)XI1a" ) flag++; else if ( ver == "12.3(7)XI1b" ) flag++; else if ( ver == "12.3(7)XI1c" ) flag++; else if ( ver == "12.3(7)XI2" ) flag++; else if ( ver == "12.3(7)XI2a" ) flag++; else if ( ver == "12.3(7)XI2b" ) flag++; else if ( ver == "12.3(7)XI2c" ) flag++; else if ( ver == "12.3(7)XI3" ) flag++; else if ( ver == "12.3(7)XI3a" ) flag++; else if ( ver == "12.3(7)XI3b" ) flag++; else if ( ver == "12.3(7)XI4" ) flag++; else if ( ver == "12.3(7)XI5" ) flag++; else if ( ver == "12.3(7)XI6" ) flag++; else if ( ver == "12.3(7)XI7" ) flag++; else if ( ver == "12.3(7)XI7a" ) flag++; else if ( ver == "12.3(7)XI7b" ) flag++; else if ( ver == "12.3(7)XI8" ) flag++; else if ( ver == "12.3(7)XI8a" ) flag++; else if ( ver == "12.3(7)XI8c" ) flag++; else if ( ver == "12.3(7)XI8d" ) flag++; else if ( ver == "12.3(7)XI8e" ) flag++; else if ( ver == "12.3(7)XI8f" ) flag++; else if ( ver == "12.3(7)XI8g" ) flag++; else if ( ver == "12.3(7)XI9" ) flag++; else if ( ver == "12.3(7)XJ" ) flag++; else if ( ver == "12.3(7)XJ1" ) flag++; else if ( ver == "12.3(7)XJ2" ) flag++; else if ( ver == "12.3(7)XL" ) flag++; else if ( ver == "12.3(7)XM" ) flag++; else if ( ver == "12.3(7)XR" ) flag++; else if ( ver == "12.3(7)XR1" ) flag++; else if ( ver == "12.3(7)XR2" ) flag++; else if ( ver == "12.3(7)XR3" ) flag++; else if ( ver == "12.3(7)XR4" ) flag++; else if ( ver == "12.3(7)XR5" ) flag++; else if ( ver == "12.3(7)XR6" ) flag++; else if ( ver == "12.3(7)XR7" ) flag++; else if ( ver == "12.3(7)XS" ) flag++; else if ( ver == "12.3(7)XS1" ) flag++; else if ( ver == "12.3(7)XS2" ) flag++; else if ( ver == "12.3(7)YB" ) flag++; else if ( ver == "12.3(7)YB1" ) flag++; else if ( ver == "12.3(8)JEC1" ) flag++; else if ( ver == "12.3(8)JEC2" ) flag++; else if ( ver == "12.3(8)JEC3" ) flag++; else if ( ver == "12.3(8)JED" ) flag++; else if ( ver == "12.3(8)T" ) flag++; else if ( ver == "12.3(8)T0a" ) flag++; else if ( ver == "12.3(8)T1" ) flag++; else if ( ver == "12.3(8)T10" ) flag++; else if ( ver == "12.3(8)T11" ) flag++; else if ( ver == "12.3(8)T2" ) flag++; else if ( ver == "12.3(8)T3" ) flag++; else if ( ver == "12.3(8)T4" ) flag++; else if ( ver == "12.3(8)T5" ) flag++; else if ( ver == "12.3(8)T6" ) flag++; else if ( ver == "12.3(8)T7" ) flag++; else if ( ver == "12.3(8)T8" ) flag++; else if ( ver == "12.3(8)T9" ) flag++; else if ( ver == "12.3(8)XU2" ) flag++; else if ( ver == "12.3(8)XU3" ) flag++; else if ( ver == "12.3(8)XU4" ) flag++; else if ( ver == "12.3(8)XU5" ) flag++; else if ( ver == "12.3(8)XW" ) flag++; else if ( ver == "12.3(8)XW1" ) flag++; else if ( ver == "12.3(8)XW1a" ) flag++; else if ( ver == "12.3(8)XW1b" ) flag++; else if ( ver == "12.3(8)XW2" ) flag++; else if ( ver == "12.3(8)XW3" ) flag++; else if ( ver == "12.3(8)XX" ) flag++; else if ( ver == "12.3(8)XX1" ) flag++; else if ( ver == "12.3(8)XX2" ) flag++; else if ( ver == "12.3(8)XX2a" ) flag++; else if ( ver == "12.3(8)XX2b" ) flag++; else if ( ver == "12.3(8)XX2c" ) flag++; else if ( ver == "12.3(8)XX2d" ) flag++; else if ( ver == "12.3(8)XX2e" ) flag++; else if ( ver == "12.3(8)YA" ) flag++; else if ( ver == "12.3(8)YA1" ) flag++; else if ( ver == "12.3(8)YC" ) flag++; else if ( ver == "12.3(8)YC1" ) flag++; else if ( ver == "12.3(8)YC2" ) flag++; else if ( ver == "12.3(8)YC3" ) flag++; else if ( ver == "12.3(8)YD" ) flag++; else if ( ver == "12.3(8)YD1" ) flag++; else if ( ver == "12.3(8)YG" ) flag++; else if ( ver == "12.3(8)YG1" ) flag++; else if ( ver == "12.3(8)YG2" ) flag++; else if ( ver == "12.3(8)YG3" ) flag++; else if ( ver == "12.3(8)YG4" ) flag++; else if ( ver == "12.3(8)YG5" ) flag++; else if ( ver == "12.3(8)YG6" ) flag++; else if ( ver == "12.3(8)YG7" ) flag++; else if ( ver == "12.3(8)YH" ) flag++; else if ( ver == "12.3(8)YI" ) flag++; else if ( ver == "12.3(8)YI1" ) flag++; else if ( ver == "12.3(8)YI2" ) flag++; else if ( ver == "12.3(8)YI3" ) flag++; else if ( ver == "12.3(8)ZA" ) flag++; else if ( ver == "12.3(8)ZA1" ) flag++; else if ( ver == "12.4(1)" ) flag++; else if ( ver == "12.4(10)" ) flag++; else if ( ver == "12.4(10a)" ) flag++; else if ( ver == "12.4(10b)" ) flag++; else if ( ver == "12.4(10c)" ) flag++; else if ( ver == "12.4(11)MR" ) flag++; else if ( ver == "12.4(11)SW" ) flag++; else if ( ver == "12.4(11)SW1" ) flag++; else if ( ver == "12.4(11)SW2" ) flag++; else if ( ver == "12.4(11)SW3" ) flag++; else if ( ver == "12.4(11)T" ) flag++; else if ( ver == "12.4(11)T1" ) flag++; else if ( ver == "12.4(11)T2" ) flag++; else if ( ver == "12.4(11)T3" ) flag++; else if ( ver == "12.4(11)T4" ) flag++; else if ( ver == "12.4(11)XJ" ) flag++; else if ( ver == "12.4(11)XJ1" ) flag++; else if ( ver == "12.4(11)XJ2" ) flag++; else if ( ver == "12.4(11)XJ3" ) flag++; else if ( ver == "12.4(11)XJ4" ) flag++; else if ( ver == "12.4(11)XJ5" ) flag++; else if ( ver == "12.4(11)XJ6" ) flag++; else if ( ver == "12.4(11)XV" ) flag++; else if ( ver == "12.4(11)XV1" ) flag++; else if ( ver == "12.4(11)XW" ) flag++; else if ( ver == "12.4(11)XW1" ) flag++; else if ( ver == "12.4(11)XW10" ) flag++; else if ( ver == "12.4(11)XW2" ) flag++; else if ( ver == "12.4(11)XW3" ) flag++; else if ( ver == "12.4(11)XW4" ) flag++; else if ( ver == "12.4(11)XW5" ) flag++; else if ( ver == "12.4(11)XW6" ) flag++; else if ( ver == "12.4(11)XW7" ) flag++; else if ( ver == "12.4(11)XW8" ) flag++; else if ( ver == "12.4(11)XW9" ) flag++; else if ( ver == "12.4(12)" ) flag++; else if ( ver == "12.4(12a)" ) flag++; else if ( ver == "12.4(12b)" ) flag++; else if ( ver == "12.4(12c)" ) flag++; else if ( ver == "12.4(12)MR" ) flag++; else if ( ver == "12.4(12)MR1" ) flag++; else if ( ver == "12.4(12)MR2" ) flag++; else if ( ver == "12.4(13)" ) flag++; else if ( ver == "12.4(13a)" ) flag++; else if ( ver == "12.4(13b)" ) flag++; else if ( ver == "12.4(13c)" ) flag++; else if ( ver == "12.4(13d)" ) flag++; else if ( ver == "12.4(13e)" ) flag++; else if ( ver == "12.4(13f)" ) flag++; else if ( ver == "12.4(14)XK" ) flag++; else if ( ver == "12.4(15)MD" ) flag++; else if ( ver == "12.4(15)MD1" ) flag++; else if ( ver == "12.4(15)MD2" ) flag++; else if ( ver == "12.4(15)MD3" ) flag++; else if ( ver == "12.4(15)MD4" ) flag++; else if ( ver == "12.4(15)MD5" ) flag++; else if ( ver == "12.4(15)SW" ) flag++; else if ( ver == "12.4(15)SW1" ) flag++; else if ( ver == "12.4(15)SW2" ) flag++; else if ( ver == "12.4(15)SW3" ) flag++; else if ( ver == "12.4(15)SW4" ) flag++; else if ( ver == "12.4(15)SW5" ) flag++; else if ( ver == "12.4(15)SW6" ) flag++; else if ( ver == "12.4(15)SW7" ) flag++; else if ( ver == "12.4(15)SW8" ) flag++; else if ( ver == "12.4(15)SW8a" ) flag++; else if ( ver == "12.4(15)SW9" ) flag++; else if ( ver == "12.4(15)T" ) flag++; else if ( ver == "12.4(15)T1" ) flag++; else if ( ver == "12.4(15)T10" ) flag++; else if ( ver == "12.4(15)T11" ) flag++; else if ( ver == "12.4(15)T12" ) flag++; else if ( ver == "12.4(15)T13" ) flag++; else if ( ver == "12.4(15)T13b" ) flag++; else if ( ver == "12.4(15)T14" ) flag++; else if ( ver == "12.4(15)T15" ) flag++; else if ( ver == "12.4(15)T16" ) flag++; else if ( ver == "12.4(15)T17" ) flag++; else if ( ver == "12.4(15)T2" ) flag++; else if ( ver == "12.4(15)T3" ) flag++; else if ( ver == "12.4(15)T4" ) flag++; else if ( ver == "12.4(15)T5" ) flag++; else if ( ver == "12.4(15)T6" ) flag++; else if ( ver == "12.4(15)T6a" ) flag++; else if ( ver == "12.4(15)T7" ) flag++; else if ( ver == "12.4(15)T8" ) flag++; else if ( ver == "12.4(15)T9" ) flag++; else if ( ver == "12.4(15)XF" ) flag++; else if ( ver == "12.4(15)XQ" ) flag++; else if ( ver == "12.4(15)XQ1" ) flag++; else if ( ver == "12.4(15)XQ2" ) flag++; else if ( ver == "12.4(15)XQ2a" ) flag++; else if ( ver == "12.4(15)XQ2b" ) flag++; else if ( ver == "12.4(15)XQ2c" ) flag++; else if ( ver == "12.4(15)XQ2d" ) flag++; else if ( ver == "12.4(15)XQ3" ) flag++; else if ( ver == "12.4(15)XQ4" ) flag++; else if ( ver == "12.4(15)XQ5" ) flag++; else if ( ver == "12.4(15)XQ6" ) flag++; else if ( ver == "12.4(15)XQ7" ) flag++; else if ( ver == "12.4(15)XQ8" ) flag++; else if ( ver == "12.4(15)XR" ) flag++; else if ( ver == "12.4(15)XR1" ) flag++; else if ( ver == "12.4(15)XR10" ) flag++; else if ( ver == "12.4(15)XR2" ) flag++; else if ( ver == "12.4(15)XR3" ) flag++; else if ( ver == "12.4(15)XR4" ) flag++; else if ( ver == "12.4(15)XR5" ) flag++; else if ( ver == "12.4(15)XR6" ) flag++; else if ( ver == "12.4(15)XR7" ) flag++; else if ( ver == "12.4(15)XR8" ) flag++; else if ( ver == "12.4(15)XR9" ) flag++; else if ( ver == "12.4(15)XY" ) flag++; else if ( ver == "12.4(15)XY1" ) flag++; else if ( ver == "12.4(15)XY2" ) flag++; else if ( ver == "12.4(15)XY3" ) flag++; else if ( ver == "12.4(15)XY4" ) flag++; else if ( ver == "12.4(15)XY5" ) flag++; else if ( ver == "12.4(15)XZ" ) flag++; else if ( ver == "12.4(15)XZ1" ) flag++; else if ( ver == "12.4(15)XZ2" ) flag++; else if ( ver == "12.4(16)" ) flag++; else if ( ver == "12.4(16a)" ) flag++; else if ( ver == "12.4(16b)" ) flag++; else if ( ver == "12.4(16)MR1" ) flag++; else if ( ver == "12.4(16)MR2" ) flag++; else if ( ver == "12.4(17)" ) flag++; else if ( ver == "12.4(17a)" ) flag++; else if ( ver == "12.4(17b)" ) flag++; else if ( ver == "12.4(18)" ) flag++; else if ( ver == "12.4(18a)" ) flag++; else if ( ver == "12.4(18b)" ) flag++; else if ( ver == "12.4(18c)" ) flag++; else if ( ver == "12.4(18d)" ) flag++; else if ( ver == "12.4(18e)" ) flag++; else if ( ver == "12.4(19)" ) flag++; else if ( ver == "12.4(19)MR" ) flag++; else if ( ver == "12.4(19)MR1" ) flag++; else if ( ver == "12.4(19)MR2" ) flag++; else if ( ver == "12.4(19)MR3" ) flag++; else if ( ver == "12.4(1a)" ) flag++; else if ( ver == "12.4(1b)" ) flag++; else if ( ver == "12.4(1c)" ) flag++; else if ( ver == "12.4(20)MR" ) flag++; else if ( ver == "12.4(20)MR2" ) flag++; else if ( ver == "12.4(20)MRB" ) flag++; else if ( ver == "12.4(20)MRB1" ) flag++; else if ( ver == "12.4(20)T" ) flag++; else if ( ver == "12.4(20)T1" ) flag++; else if ( ver == "12.4(20)T2" ) flag++; else if ( ver == "12.4(20)T3" ) flag++; else if ( ver == "12.4(20)T4" ) flag++; else if ( ver == "12.4(20)T5" ) flag++; else if ( ver == "12.4(20)T5a" ) flag++; else if ( ver == "12.4(20)T6" ) flag++; else if ( ver == "12.4(20)YA" ) flag++; else if ( ver == "12.4(20)YA1" ) flag++; else if ( ver == "12.4(20)YA2" ) flag++; else if ( ver == "12.4(20)YA3" ) flag++; else if ( ver == "12.4(21)" ) flag++; else if ( ver == "12.4(21a)" ) flag++; else if ( ver == "12.4(21a)M1" ) flag++; else if ( ver == "12.4(22)GC1" ) flag++; else if ( ver == "12.4(22)GC1a" ) flag++; else if ( ver == "12.4(22)MD" ) flag++; else if ( ver == "12.4(22)MD1" ) flag++; else if ( ver == "12.4(22)MD2" ) flag++; else if ( ver == "12.4(22)MDA" ) flag++; else if ( ver == "12.4(22)MDA1" ) flag++; else if ( ver == "12.4(22)MDA2" ) flag++; else if ( ver == "12.4(22)MDA3" ) flag++; else if ( ver == "12.4(22)MDA4" ) flag++; else if ( ver == "12.4(22)MDA5" ) flag++; else if ( ver == "12.4(22)MDA6" ) flag++; else if ( ver == "12.4(22)T" ) flag++; else if ( ver == "12.4(22)T1" ) flag++; else if ( ver == "12.4(22)T2" ) flag++; else if ( ver == "12.4(22)T3" ) flag++; else if ( ver == "12.4(22)T4" ) flag++; else if ( ver == "12.4(22)T5" ) flag++; else if ( ver == "12.4(22)XR1" ) flag++; else if ( ver == "12.4(22)XR10" ) flag++; else if ( ver == "12.4(22)XR11" ) flag++; else if ( ver == "12.4(22)XR12" ) flag++; else if ( ver == "12.4(22)XR2" ) flag++; else if ( ver == "12.4(22)XR3" ) flag++; else if ( ver == "12.4(22)XR4" ) flag++; else if ( ver == "12.4(22)XR5" ) flag++; else if ( ver == "12.4(22)XR6" ) flag++; else if ( ver == "12.4(22)XR7" ) flag++; else if ( ver == "12.4(22)XR8" ) flag++; else if ( ver == "12.4(22)XR9" ) flag++; else if ( ver == "12.4(22)YB" ) flag++; else if ( ver == "12.4(22)YB1" ) flag++; else if ( ver == "12.4(22)YB2" ) flag++; else if ( ver == "12.4(22)YB3" ) flag++; else if ( ver == "12.4(22)YB4" ) flag++; else if ( ver == "12.4(22)YB5" ) flag++; else if ( ver == "12.4(22)YB6" ) flag++; else if ( ver == "12.4(22)YB7" ) flag++; else if ( ver == "12.4(22)YB8" ) flag++; else if ( ver == "12.4(22)YD" ) flag++; else if ( ver == "12.4(22)YD1" ) flag++; else if ( ver == "12.4(22)YD2" ) flag++; else if ( ver == "12.4(22)YD3" ) flag++; else if ( ver == "12.4(22)YD4" ) flag++; else if ( ver == "12.4(22)YE" ) flag++; else if ( ver == "12.4(22)YE1" ) flag++; else if ( ver == "12.4(22)YE2" ) flag++; else if ( ver == "12.4(22)YE3" ) flag++; else if ( ver == "12.4(22)YE4" ) flag++; else if ( ver == "12.4(22)YE5" ) flag++; else if ( ver == "12.4(22)YE6" ) flag++; else if ( ver == "12.4(23)" ) flag++; else if ( ver == "12.4(23a)" ) flag++; else if ( ver == "12.4(23b)" ) flag++; else if ( ver == "12.4(23b)M1" ) flag++; else if ( ver == "12.4(23c)" ) flag++; else if ( ver == "12.4(23d)" ) flag++; else if ( ver == "12.4(23e)" ) flag++; else if ( ver == "12.4(24)GC1" ) flag++; else if ( ver == "12.4(24)GC3" ) flag++; else if ( ver == "12.4(24)GC3a" ) flag++; else if ( ver == "12.4(24)GC4" ) flag++; else if ( ver == "12.4(24)GC5" ) flag++; else if ( ver == "12.4(24)MD" ) flag++; else if ( ver == "12.4(24)MD1" ) flag++; else if ( ver == "12.4(24)MD2" ) flag++; else if ( ver == "12.4(24)MD3" ) flag++; else if ( ver == "12.4(24)MD4" ) flag++; else if ( ver == "12.4(24)MD5" ) flag++; else if ( ver == "12.4(24)MD6" ) flag++; else if ( ver == "12.4(24)MD7" ) flag++; else if ( ver == "12.4(24)MDA" ) flag++; else if ( ver == "12.4(24)MDA1" ) flag++; else if ( ver == "12.4(24)MDA10" ) flag++; else if ( ver == "12.4(24)MDA11" ) flag++; else if ( ver == "12.4(24)MDA12" ) flag++; else if ( ver == "12.4(24)MDA13" ) flag++; else if ( ver == "12.4(24)MDA2" ) flag++; else if ( ver == "12.4(24)MDA3" ) flag++; else if ( ver == "12.4(24)MDA4" ) flag++; else if ( ver == "12.4(24)MDA5" ) flag++; else if ( ver == "12.4(24)MDA6" ) flag++; else if ( ver == "12.4(24)MDA7" ) flag++; else if ( ver == "12.4(24)MDA8" ) flag++; else if ( ver == "12.4(24)MDA9" ) flag++; else if ( ver == "12.4(24)MDB" ) flag++; else if ( ver == "12.4(24)MDB1" ) flag++; else if ( ver == "12.4(24)MDB10" ) flag++; else if ( ver == "12.4(24)MDB11" ) flag++; else if ( ver == "12.4(24)MDB12" ) flag++; else if ( ver == "12.4(24)MDB13" ) flag++; else if ( ver == "12.4(24)MDB14" ) flag++; else if ( ver == "12.4(24)MDB15" ) flag++; else if ( ver == "12.4(24)MDB16" ) flag++; else if ( ver == "12.4(24)MDB17" ) flag++; else if ( ver == "12.4(24)MDB18" ) flag++; else if ( ver == "12.4(24)MDB19" ) flag++; else if ( ver == "12.4(24)MDB3" ) flag++; else if ( ver == "12.4(24)MDB4" ) flag++; else if ( ver == "12.4(24)MDB5" ) flag++; else if ( ver == "12.4(24)MDB5a" ) flag++; else if ( ver == "12.4(24)MDB6" ) flag++; else if ( ver == "12.4(24)MDB7" ) flag++; else if ( ver == "12.4(24)MDB8" ) flag++; else if ( ver == "12.4(24)MDB9" ) flag++; else if ( ver == "12.4(24)T" ) flag++; else if ( ver == "12.4(24)T1" ) flag++; else if ( ver == "12.4(24)T10" ) flag++; else if ( ver == "12.4(24)T11" ) flag++; else if ( ver == "12.4(24)T12" ) flag++; else if ( ver == "12.4(24)T2" ) flag++; else if ( ver == "12.4(24)T3" ) flag++; else if ( ver == "12.4(24)T3e" ) flag++; else if ( ver == "12.4(24)T3f" ) flag++; else if ( ver == "12.4(24)T4" ) flag++; else if ( ver == "12.4(24)T4a" ) flag++; else if ( ver == "12.4(24)T4b" ) flag++; else if ( ver == "12.4(24)T4c" ) flag++; else if ( ver == "12.4(24)T4d" ) flag++; else if ( ver == "12.4(24)T4e" ) flag++; else if ( ver == "12.4(24)T4f" ) flag++; else if ( ver == "12.4(24)T4g" ) flag++; else if ( ver == "12.4(24)T4h" ) flag++; else if ( ver == "12.4(24)T4i" ) flag++; else if ( ver == "12.4(24)T4j" ) flag++; else if ( ver == "12.4(24)T4k" ) flag++; else if ( ver == "12.4(24)T4l" ) flag++; else if ( ver == "12.4(24)T4m" ) flag++; else if ( ver == "12.4(24)T4n" ) flag++; else if ( ver == "12.4(24)T4o" ) flag++; else if ( ver == "12.4(24)T5" ) flag++; else if ( ver == "12.4(24)T6" ) flag++; else if ( ver == "12.4(24)T7" ) flag++; else if ( ver == "12.4(24)T8" ) flag++; else if ( ver == "12.4(24)T9" ) flag++; else if ( ver == "12.4(24)YE" ) flag++; else if ( ver == "12.4(24)YE1" ) flag++; else if ( ver == "12.4(24)YE2" ) flag++; else if ( ver == "12.4(24)YE3" ) flag++; else if ( ver == "12.4(24)YE3a" ) flag++; else if ( ver == "12.4(24)YE3b" ) flag++; else if ( ver == "12.4(24)YE3c" ) flag++; else if ( ver == "12.4(24)YE3d" ) flag++; else if ( ver == "12.4(24)YE3e" ) flag++; else if ( ver == "12.4(24)YE4" ) flag++; else if ( ver == "12.4(24)YE5" ) flag++; else if ( ver == "12.4(24)YE6" ) flag++; else if ( ver == "12.4(24)YE7" ) flag++; else if ( ver == "12.4(24)YG1" ) flag++; else if ( ver == "12.4(24)YG2" ) flag++; else if ( ver == "12.4(24)YG3" ) flag++; else if ( ver == "12.4(24)YG4" ) flag++; else if ( ver == "12.4(24)YS" ) flag++; else if ( ver == "12.4(24)YS1" ) flag++; else if ( ver == "12.4(24)YS10" ) flag++; else if ( ver == "12.4(24)YS2" ) flag++; else if ( ver == "12.4(24)YS3" ) flag++; else if ( ver == "12.4(24)YS4" ) flag++; else if ( ver == "12.4(24)YS5" ) flag++; else if ( ver == "12.4(24)YS6" ) flag++; else if ( ver == "12.4(24)YS7" ) flag++; else if ( ver == "12.4(24)YS8" ) flag++; else if ( ver == "12.4(24)YS8a" ) flag++; else if ( ver == "12.4(24)YS9" ) flag++; else if ( ver == "12.4(25)" ) flag++; else if ( ver == "12.4(25a)" ) flag++; else if ( ver == "12.4(25b)" ) flag++; else if ( ver == "12.4(25c)" ) flag++; else if ( ver == "12.4(25d)" ) flag++; else if ( ver == "12.4(25e)" ) flag++; else if ( ver == "12.4(25f)" ) flag++; else if ( ver == "12.4(25g)" ) flag++; else if ( ver == "12.4(2)T" ) flag++; else if ( ver == "12.4(2)T1" ) flag++; else if ( ver == "12.4(2)T2" ) flag++; else if ( ver == "12.4(2)T3" ) flag++; else if ( ver == "12.4(2)T4" ) flag++; else if ( ver == "12.4(2)T5" ) flag++; else if ( ver == "12.4(2)T6" ) flag++; else if ( ver == "12.4(2)XA" ) flag++; else if ( ver == "12.4(2)XA1" ) flag++; else if ( ver == "12.4(2)XA2" ) flag++; else if ( ver == "12.4(2)XB" ) flag++; else if ( ver == "12.4(2)XB1" ) flag++; else if ( ver == "12.4(2)XB10" ) flag++; else if ( ver == "12.4(2)XB11" ) flag++; else if ( ver == "12.4(2)XB2" ) flag++; else if ( ver == "12.4(2)XB3" ) flag++; else if ( ver == "12.4(2)XB4" ) flag++; else if ( ver == "12.4(2)XB5" ) flag++; else if ( ver == "12.4(2)XB6" ) flag++; else if ( ver == "12.4(2)XB7" ) flag++; else if ( ver == "12.4(2)XB8" ) flag++; else if ( ver == "12.4(2)XB9" ) flag++; else if ( ver == "12.4(3)" ) flag++; else if ( ver == "12.4(3a)" ) flag++; else if ( ver == "12.4(3b)" ) flag++; else if ( ver == "12.4(3c)" ) flag++; else if ( ver == "12.4(3d)" ) flag++; else if ( ver == "12.4(3e)" ) flag++; else if ( ver == "12.4(3f)" ) flag++; else if ( ver == "12.4(3g)" ) flag++; else if ( ver == "12.4(3h)" ) flag++; else if ( ver == "12.4(3i)" ) flag++; else if ( ver == "12.4(3j)" ) flag++; else if ( ver == "12.4(4)T" ) flag++; else if ( ver == "12.4(4)T1" ) flag++; else if ( ver == "12.4(4)T2" ) flag++; else if ( ver == "12.4(4)T3" ) flag++; else if ( ver == "12.4(4)T4" ) flag++; else if ( ver == "12.4(4)T5" ) flag++; else if ( ver == "12.4(4)T6" ) flag++; else if ( ver == "12.4(4)T7" ) flag++; else if ( ver == "12.4(4)T8" ) flag++; else if ( ver == "12.4(4)XC" ) flag++; else if ( ver == "12.4(4)XC1" ) flag++; else if ( ver == "12.4(4)XC2" ) flag++; else if ( ver == "12.4(4)XC3" ) flag++; else if ( ver == "12.4(4)XC4" ) flag++; else if ( ver == "12.4(4)XC5" ) flag++; else if ( ver == "12.4(4)XC6" ) flag++; else if ( ver == "12.4(4)XC7" ) flag++; else if ( ver == "12.4(4)XD" ) flag++; else if ( ver == "12.4(4)XD1" ) flag++; else if ( ver == "12.4(4)XD10" ) flag++; else if ( ver == "12.4(4)XD11" ) flag++; else if ( ver == "12.4(4)XD12" ) flag++; else if ( ver == "12.4(4)XD2" ) flag++; else if ( ver == "12.4(4)XD3" ) flag++; else if ( ver == "12.4(4)XD4" ) flag++; else if ( ver == "12.4(4)XD5" ) flag++; else if ( ver == "12.4(4)XD6" ) flag++; else if ( ver == "12.4(4)XD7" ) flag++; else if ( ver == "12.4(4)XD8" ) flag++; else if ( ver == "12.4(4)XD9" ) flag++; else if ( ver == "12.4(5)" ) flag++; else if ( ver == "12.4(5a)" ) flag++; else if ( ver == "12.4(5a)M0" ) flag++; else if ( ver == "12.4(5b)" ) flag++; else if ( ver == "12.4(5c)" ) flag++; else if ( ver == "12.4(6)T" ) flag++; else if ( ver == "12.4(6)T1" ) flag++; else if ( ver == "12.4(6)T10" ) flag++; else if ( ver == "12.4(6)T11" ) flag++; else if ( ver == "12.4(6)T12" ) flag++; else if ( ver == "12.4(6)T2" ) flag++; else if ( ver == "12.4(6)T3" ) flag++; else if ( ver == "12.4(6)T4" ) flag++; else if ( ver == "12.4(6)T5" ) flag++; else if ( ver == "12.4(6)T5a" ) flag++; else if ( ver == "12.4(6)T5b" ) flag++; else if ( ver == "12.4(6)T5c" ) flag++; else if ( ver == "12.4(6)T5e" ) flag++; else if ( ver == "12.4(6)T5f" ) flag++; else if ( ver == "12.4(6)T6" ) flag++; else if ( ver == "12.4(6)T7" ) flag++; else if ( ver == "12.4(6)T8" ) flag++; else if ( ver == "12.4(6)T9" ) flag++; else if ( ver == "12.4(6)XE" ) flag++; else if ( ver == "12.4(6)XE1" ) flag++; else if ( ver == "12.4(6)XE2" ) flag++; else if ( ver == "12.4(6)XE3" ) flag++; else if ( ver == "12.4(6)XP" ) flag++; else if ( ver == "12.4(6)XT" ) flag++; else if ( ver == "12.4(6)XT1" ) flag++; else if ( ver == "12.4(6)XT2" ) flag++; else if ( ver == "12.4(7)" ) flag++; else if ( ver == "12.4(7a)" ) flag++; else if ( ver == "12.4(7b)" ) flag++; else if ( ver == "12.4(7c)" ) flag++; else if ( ver == "12.4(7d)" ) flag++; else if ( ver == "12.4(7e)" ) flag++; else if ( ver == "12.4(7f)" ) flag++; else if ( ver == "12.4(7g)" ) flag++; else if ( ver == "12.4(7h)" ) flag++; else if ( ver == "12.4(8)" ) flag++; else if ( ver == "12.4(8a)" ) flag++; else if ( ver == "12.4(8b)" ) flag++; else if ( ver == "12.4(8c)" ) flag++; else if ( ver == "12.4(8d)" ) flag++; else if ( ver == "12.4(9)T" ) flag++; else if ( ver == "12.4(9)T0a" ) flag++; else if ( ver == "12.4(9)T1" ) flag++; else if ( ver == "12.4(9)T2" ) flag++; else if ( ver == "12.4(9)T3" ) flag++; else if ( ver == "12.4(9)T4" ) flag++; else if ( ver == "12.4(9)T5" ) flag++; else if ( ver == "12.4(9)T6" ) flag++; else if ( ver == "12.4(9)T7" ) flag++; else if ( ver == "15.0(1)M" ) flag++; else if ( ver == "15.0(1)M1" ) flag++; else if ( ver == "15.0(1)M10" ) flag++; else if ( ver == "15.0(1)M2" ) flag++; else if ( ver == "15.0(1)M3" ) flag++; else if ( ver == "15.0(1)M4" ) flag++; else if ( ver == "15.0(1)M5" ) flag++; else if ( ver == "15.0(1)M6" ) flag++; else if ( ver == "15.0(1)M6a" ) flag++; else if ( ver == "15.0(1)M7" ) flag++; else if ( ver == "15.0(1)M8" ) flag++; else if ( ver == "15.0(1)M9" ) flag++; else if ( ver == "15.0(1)MR" ) flag++; else if ( ver == "15.0(1)S" ) flag++; else if ( ver == "15.0(1)S1" ) flag++; else if ( ver == "15.0(1)S2" ) flag++; else if ( ver == "15.0(1)S3a" ) flag++; else if ( ver == "15.0(1)S4" ) flag++; else if ( ver == "15.0(1)S4a" ) flag++; else if ( ver == "15.0(1)S5" ) flag++; else if ( ver == "15.0(1)S6" ) flag++; else if ( ver == "15.0(1)SY" ) flag++; else if ( ver == "15.0(1)SY1" ) flag++; else if ( ver == "15.0(1)SY10" ) flag++; else if ( ver == "15.0(1)SY2" ) flag++; else if ( ver == "15.0(1)SY3" ) flag++; else if ( ver == "15.0(1)SY4" ) flag++; else if ( ver == "15.0(1)SY5" ) flag++; else if ( ver == "15.0(1)SY6" ) flag++; else if ( ver == "15.0(1)SY7" ) flag++; else if ( ver == "15.0(1)SY7a" ) flag++; else if ( ver == "15.0(1)SY8" ) flag++; else if ( ver == "15.0(1)SY9" ) flag++; else if ( ver == "15.0(1)XA" ) flag++; else if ( ver == "15.0(1)XA1" ) flag++; else if ( ver == "15.0(1)XA2" ) flag++; else if ( ver == "15.0(1)XA3" ) flag++; else if ( ver == "15.0(1)XA4" ) flag++; else if ( ver == "15.0(1)XA5" ) flag++; else if ( ver == "15.0(2a)EX5" ) flag++; else if ( ver == "15.0(2a)SE9" ) flag++; else if ( ver == "15.0(2)ED" ) flag++; else if ( ver == "15.0(2)ED1" ) flag++; else if ( ver == "15.0(2)EH" ) flag++; else if ( ver == "15.0(2)EJ" ) flag++; else if ( ver == "15.0(2)EJ1" ) flag++; else if ( ver == "15.0(2)EK" ) flag++; else if ( ver == "15.0(2)EK1" ) flag++; else if ( ver == "15.0(2)EX" ) flag++; else if ( ver == "15.0(2)EX1" ) flag++; else if ( ver == "15.0(2)EX3" ) flag++; else if ( ver == "15.0(2)EX4" ) flag++; else if ( ver == "15.0(2)EX5" ) flag++; else if ( ver == "15.0(2)EX6" ) flag++; else if ( ver == "15.0(2)EX7" ) flag++; else if ( ver == "15.0(2)EY" ) flag++; else if ( ver == "15.0(2)EY1" ) flag++; else if ( ver == "15.0(2)EY3" ) flag++; else if ( ver == "15.0(2)EZ" ) flag++; else if ( ver == "15.0(2)MR" ) flag++; else if ( ver == "15.0(2)SE" ) flag++; else if ( ver == "15.0(2)SE1" ) flag++; else if ( ver == "15.0(2)SE10" ) flag++; else if ( ver == "15.0(2)SE2" ) flag++; else if ( ver == "15.0(2)SE3" ) flag++; else if ( ver == "15.0(2)SE4" ) flag++; else if ( ver == "15.0(2)SE5" ) flag++; else if ( ver == "15.0(2)SE6" ) flag++; else if ( ver == "15.0(2)SE7" ) flag++; else if ( ver == "15.0(2)SE8" ) flag++; else if ( ver == "15.0(2)SE9" ) flag++; else if ( ver == "15.1(1)MR" ) flag++; else if ( ver == "15.1(1)MR1" ) flag++; else if ( ver == "15.1(1)MR2" ) flag++; else if ( ver == "15.1(1)MR3" ) flag++; else if ( ver == "15.1(1)MR4" ) flag++; else if ( ver == "15.1(1)MR5" ) flag++; else if ( ver == "15.1(1)MR6" ) flag++; else if ( ver == "15.1(1)S" ) flag++; else if ( ver == "15.1(1)S1" ) flag++; else if ( ver == "15.1(1)S2" ) flag++; else if ( ver == "15.1(1)SG" ) flag++; else if ( ver == "15.1(1)SG1" ) flag++; else if ( ver == "15.1(1)SG2" ) flag++; else if ( ver == "15.1(1)SY" ) flag++; else if ( ver == "15.1(1)SY1" ) flag++; else if ( ver == "15.1(1)SY2" ) flag++; else if ( ver == "15.1(1)SY3" ) flag++; else if ( ver == "15.1(1)SY4" ) flag++; else if ( ver == "15.1(1)SY5" ) flag++; else if ( ver == "15.1(1)SY6" ) flag++; else if ( ver == "15.1(1)T" ) flag++; else if ( ver == "15.1(1)T1" ) flag++; else if ( ver == "15.1(1)T2" ) flag++; else if ( ver == "15.1(1)T3" ) flag++; else if ( ver == "15.1(1)T4" ) flag++; else if ( ver == "15.1(1)T5" ) flag++; else if ( ver == "15.1(1)XB" ) flag++; else if ( ver == "15.1(1)XB1" ) flag++; else if ( ver == "15.1(1)XB2" ) flag++; else if ( ver == "15.1(1)XB3" ) flag++; else if ( ver == "15.1(2)GC" ) flag++; else if ( ver == "15.1(2)GC1" ) flag++; else if ( ver == "15.1(2)GC2" ) flag++; else if ( ver == "15.1(2)S" ) flag++; else if ( ver == "15.1(2)S1" ) flag++; else if ( ver == "15.1(2)S2" ) flag++; else if ( ver == "15.1(2)SG" ) flag++; else if ( ver == "15.1(2)SG1" ) flag++; else if ( ver == "15.1(2)SG2" ) flag++; else if ( ver == "15.1(2)SG3" ) flag++; else if ( ver == "15.1(2)SG4" ) flag++; else if ( ver == "15.1(2)SG5" ) flag++; else if ( ver == "15.1(2)SG6" ) flag++; else if ( ver == "15.1(2)SG7" ) flag++; else if ( ver == "15.1(2)SG7a" ) flag++; else if ( ver == "15.1(2)SG8" ) flag++; else if ( ver == "15.1(2)SNG" ) flag++; else if ( ver == "15.1(2)SNH" ) flag++; else if ( ver == "15.1(2)SNH1" ) flag++; else if ( ver == "15.1(2)SNI" ) flag++; else if ( ver == "15.1(2)SNI1" ) flag++; else if ( ver == "15.1(2)SY" ) flag++; else if ( ver == "15.1(2)SY1" ) flag++; else if ( ver == "15.1(2)SY2" ) flag++; else if ( ver == "15.1(2)SY3" ) flag++; else if ( ver == "15.1(2)SY4" ) flag++; else if ( ver == "15.1(2)SY4a" ) flag++; else if ( ver == "15.1(2)SY5" ) flag++; else if ( ver == "15.1(2)SY6" ) flag++; else if ( ver == "15.1(2)SY7" ) flag++; else if ( ver == "15.1(2)SY8" ) flag++; else if ( ver == "15.1(2)T" ) flag++; else if ( ver == "15.1(2)T0a" ) flag++; else if ( ver == "15.1(2)T1" ) flag++; else if ( ver == "15.1(2)T2" ) flag++; else if ( ver == "15.1(2)T2a" ) flag++; else if ( ver == "15.1(2)T3" ) flag++; else if ( ver == "15.1(2)T4" ) flag++; else if ( ver == "15.1(2)T5" ) flag++; else if ( ver == "15.1(3)MR" ) flag++; else if ( ver == "15.1(3)MRA" ) flag++; else if ( ver == "15.1(3)MRA1" ) flag++; else if ( ver == "15.1(3)MRA2" ) flag++; else if ( ver == "15.1(3)MRA3" ) flag++; else if ( ver == "15.1(3)MRA4" ) flag++; else if ( ver == "15.1(3)S" ) flag++; else if ( ver == "15.1(3)S0a" ) flag++; else if ( ver == "15.1(3)S1" ) flag++; else if ( ver == "15.1(3)S2" ) flag++; else if ( ver == "15.1(3)S3" ) flag++; else if ( ver == "15.1(3)S4" ) flag++; else if ( ver == "15.1(3)S5" ) flag++; else if ( ver == "15.1(3)S5a" ) flag++; else if ( ver == "15.1(3)S6" ) flag++; else if ( ver == "15.1(3)S7" ) flag++; else if ( ver == "15.1(3)T" ) flag++; else if ( ver == "15.1(3)T1" ) flag++; else if ( ver == "15.1(3)T2" ) flag++; else if ( ver == "15.1(3)T3" ) flag++; else if ( ver == "15.1(3)T4" ) flag++; else if ( ver == "15.1(4)GC" ) flag++; else if ( ver == "15.1(4)GC1" ) flag++; else if ( ver == "15.1(4)GC2" ) flag++; else if ( ver == "15.1(4)M" ) flag++; else if ( ver == "15.1(4)M0a" ) flag++; else if ( ver == "15.1(4)M0b" ) flag++; else if ( ver == "15.1(4)M1" ) flag++; else if ( ver == "15.1(4)M10" ) flag++; else if ( ver == "15.1(4)M11" ) flag++; else if ( ver == "15.1(4)M12" ) flag++; else if ( ver == "15.1(4)M2" ) flag++; else if ( ver == "15.1(4)M3" ) flag++; else if ( ver == "15.1(4)M3a" ) flag++; else if ( ver == "15.1(4)M4" ) flag++; else if ( ver == "15.1(4)M5" ) flag++; else if ( ver == "15.1(4)M6" ) flag++; else if ( ver == "15.1(4)M7" ) flag++; else if ( ver == "15.1(4)M8" ) flag++; else if ( ver == "15.1(4)M9" ) flag++; else if ( ver == "15.1(4)XB4" ) flag++; else if ( ver == "15.1(4)XB5" ) flag++; else if ( ver == "15.1(4)XB5a" ) flag++; else if ( ver == "15.1(4)XB6" ) flag++; else if ( ver == "15.1(4)XB7" ) flag++; else if ( ver == "15.1(4)XB8" ) flag++; else if ( ver == "15.1(4)XB8a" ) flag++; else if ( ver == "15.2(1)E" ) flag++; else if ( ver == "15.2(1)E1" ) flag++; else if ( ver == "15.2(1)E2" ) flag++; else if ( ver == "15.2(1)E3" ) flag++; else if ( ver == "15.2(1)EY" ) flag++; else if ( ver == "15.2(1)EY1" ) flag++; else if ( ver == "15.2(1)EY2" ) flag++; else if ( ver == "15.2(1)GC" ) flag++; else if ( ver == "15.2(1)GC1" ) flag++; else if ( ver == "15.2(1)GC2" ) flag++; else if ( ver == "15.2(1)S" ) flag++; else if ( ver == "15.2(1)S1" ) flag++; else if ( ver == "15.2(1)S2" ) flag++; else if ( ver == "15.2(1)SY" ) flag++; else if ( ver == "15.2(1)SY0a" ) flag++; else if ( ver == "15.2(1)SY1" ) flag++; else if ( ver == "15.2(1)SY1a" ) flag++; else if ( ver == "15.2(1)SY2" ) flag++; else if ( ver == "15.2(1)T" ) flag++; else if ( ver == "15.2(1)T1" ) flag++; else if ( ver == "15.2(1)T2" ) flag++; else if ( ver == "15.2(1)T3" ) flag++; else if ( ver == "15.2(1)T3a" ) flag++; else if ( ver == "15.2(1)T4" ) flag++; else if ( ver == "15.2(2a)E1" ) flag++; else if ( ver == "15.2(2b)E" ) flag++; else if ( ver == "15.2(2)E" ) flag++; else if ( ver == "15.2(2)E1" ) flag++; else if ( ver == "15.2(2)E2" ) flag++; else if ( ver == "15.2(2)E3" ) flag++; else if ( ver == "15.2(2)E4" ) flag++; else if ( ver == "15.2(2)E5" ) flag++; else if ( ver == "15.2(2)E6" ) flag++; else if ( ver == "15.2(2)EA1" ) flag++; else if ( ver == "15.2(2)EA2" ) flag++; else if ( ver == "15.2(2)EA3" ) flag++; else if ( ver == "15.2(2)EB" ) flag++; else if ( ver == "15.2(2)EB1" ) flag++; else if ( ver == "15.2(2)EB2" ) flag++; else if ( ver == "15.2(2)GC" ) flag++; else if ( ver == "15.2(2)S" ) flag++; else if ( ver == "15.2(2)S1" ) flag++; else if ( ver == "15.2(2)S2" ) flag++; else if ( ver == "15.2(2)SNG" ) flag++; else if ( ver == "15.2(2)SNH" ) flag++; else if ( ver == "15.2(2)SNH1" ) flag++; else if ( ver == "15.2(2)SNI" ) flag++; else if ( ver == "15.2(2)SY" ) flag++; else if ( ver == "15.2(2)SY1" ) flag++; else if ( ver == "15.2(2)SY2" ) flag++; else if ( ver == "15.2(2)T" ) flag++; else if ( ver == "15.2(2)T1" ) flag++; else if ( ver == "15.2(2)T2" ) flag++; else if ( ver == "15.2(2)T3" ) flag++; else if ( ver == "15.2(2)T4" ) flag++; else if ( ver == "15.2(3a)E" ) flag++; else if ( ver == "15.2(3a)E1" ) flag++; else if ( ver == "15.2(3)E" ) flag++; else if ( ver == "15.2(3)E1" ) flag++; else if ( ver == "15.2(3)E2" ) flag++; else if ( ver == "15.2(3)E2a" ) flag++; else if ( ver == "15.2(3)E3" ) flag++; else if ( ver == "15.2(3)EA" ) flag++; else if ( ver == "15.2(3)EA1" ) flag++; else if ( ver == "15.2(3)EX" ) flag++; else if ( ver == "15.2(3)GC" ) flag++; else if ( ver == "15.2(3)GC1" ) flag++; else if ( ver == "15.2(3)GCA" ) flag++; else if ( ver == "15.2(3)GCA1" ) flag++; else if ( ver == "15.2(3m)E2" ) flag++; else if ( ver == "15.2(3m)E3" ) flag++; else if ( ver == "15.2(3m)E5" ) flag++; else if ( ver == "15.2(3m)E6" ) flag++; else if ( ver == "15.2(3m)E7" ) flag++; else if ( ver == "15.2(3)T" ) flag++; else if ( ver == "15.2(3)T1" ) flag++; else if ( ver == "15.2(3)T2" ) flag++; else if ( ver == "15.2(3)T3" ) flag++; else if ( ver == "15.2(3)T4" ) flag++; else if ( ver == "15.2(3)XA" ) flag++; else if ( ver == "15.2(4)E" ) flag++; else if ( ver == "15.2(4)E1" ) flag++; else if ( ver == "15.2(4)E2" ) flag++; else if ( ver == "15.2(4)E3" ) flag++; else if ( ver == "15.2(4)EA" ) flag++; else if ( ver == "15.2(4)EA1" ) flag++; else if ( ver == "15.2(4)EA2" ) flag++; else if ( ver == "15.2(4)EA3" ) flag++; else if ( ver == "15.2(4)EA4" ) flag++; else if ( ver == "15.2(4)EB" ) flag++; else if ( ver == "15.2(4)EC" ) flag++; else if ( ver == "15.2(4)EC1" ) flag++; else if ( ver == "15.2(4)GC" ) flag++; else if ( ver == "15.2(4)GC1" ) flag++; else if ( ver == "15.2(4)GC2" ) flag++; else if ( ver == "15.2(4)GC3" ) flag++; else if ( ver == "15.2(4)M" ) flag++; else if ( ver == "15.2(4)M1" ) flag++; else if ( ver == "15.2(4)M10" ) flag++; else if ( ver == "15.2(4)M2" ) flag++; else if ( ver == "15.2(4)M3" ) flag++; else if ( ver == "15.2(4)M4" ) flag++; else if ( ver == "15.2(4)M5" ) flag++; else if ( ver == "15.2(4)M6" ) flag++; else if ( ver == "15.2(4)M6a" ) flag++; else if ( ver == "15.2(4)M6b" ) flag++; else if ( ver == "15.2(4)M7" ) flag++; else if ( ver == "15.2(4)M8" ) flag++; else if ( ver == "15.2(4)M9" ) flag++; else if ( ver == "15.2(4m)E1" ) flag++; else if ( ver == "15.2(4m)E3" ) flag++; else if ( ver == "15.2(4)S" ) flag++; else if ( ver == "15.2(4)S1" ) flag++; else if ( ver == "15.2(4)S2" ) flag++; else if ( ver == "15.2(4)S3" ) flag++; else if ( ver == "15.2(4)S3a" ) flag++; else if ( ver == "15.2(4)S4" ) flag++; else if ( ver == "15.2(4)S4a" ) flag++; else if ( ver == "15.2(4)S5" ) flag++; else if ( ver == "15.2(4)S6" ) flag++; else if ( ver == "15.2(4)S7" ) flag++; else if ( ver == "15.2(4)S8" ) flag++; else if ( ver == "15.2(4)XB10" ) flag++; else if ( ver == "15.2(4)XB11" ) flag++; else if ( ver == "15.2(5a)E" ) flag++; else if ( ver == "15.2(5b)E" ) flag++; else if ( ver == "15.2(5)E" ) flag++; else if ( ver == "15.2(5)E1" ) flag++; else if ( ver == "15.2(5)EA" ) flag++; else if ( ver == "15.3(0)SY" ) flag++; else if ( ver == "15.3(1)S" ) flag++; else if ( ver == "15.3(1)S1" ) flag++; else if ( ver == "15.3(1)S1e" ) flag++; else if ( ver == "15.3(1)S2" ) flag++; else if ( ver == "15.3(1)SY" ) flag++; else if ( ver == "15.3(1)SY1" ) flag++; else if ( ver == "15.3(1)T" ) flag++; else if ( ver == "15.3(1)T1" ) flag++; else if ( ver == "15.3(1)T2" ) flag++; else if ( ver == "15.3(1)T3" ) flag++; else if ( ver == "15.3(1)T4" ) flag++; else if ( ver == "15.3(2)S" ) flag++; else if ( ver == "15.3(2)S0a" ) flag++; else if ( ver == "15.3(2)S1" ) flag++; else if ( ver == "15.3(2)S2" ) flag++; else if ( ver == "15.3(2)T" ) flag++; else if ( ver == "15.3(2)T1" ) flag++; else if ( ver == "15.3(2)T2" ) flag++; else if ( ver == "15.3(2)T3" ) flag++; else if ( ver == "15.3(2)T4" ) flag++; else if ( ver == "15.3(3)M" ) flag++; else if ( ver == "15.3(3)M1" ) flag++; else if ( ver == "15.3(3)M2" ) flag++; else if ( ver == "15.3(3)M3" ) flag++; else if ( ver == "15.3(3)M4" ) flag++; else if ( ver == "15.3(3)M5" ) flag++; else if ( ver == "15.3(3)M6" ) flag++; else if ( ver == "15.3(3)M7" ) flag++; else if ( ver == "15.3(3)M8" ) flag++; else if ( ver == "15.3(3)S" ) flag++; else if ( ver == "15.3(3)S1" ) flag++; else if ( ver == "15.3(3)S1a" ) flag++; else if ( ver == "15.3(3)S2" ) flag++; else if ( ver == "15.3(3)S2a" ) flag++; else if ( ver == "15.3(3)S3" ) flag++; else if ( ver == "15.3(3)S4" ) flag++; else if ( ver == "15.3(3)S5" ) flag++; else if ( ver == "15.3(3)S6" ) flag++; else if ( ver == "15.3(3)S6a" ) flag++; else if ( ver == "15.3(3)S7" ) flag++; else if ( ver == "15.3(3)S8" ) flag++; else if ( ver == "15.3(3)XB12" ) flag++; else if ( ver == "15.4(1)CG" ) flag++; else if ( ver == "15.4(1)CG1" ) flag++; else if ( ver == "15.4(1)S" ) flag++; else if ( ver == "15.4(1)S1" ) flag++; else if ( ver == "15.4(1)S2" ) flag++; else if ( ver == "15.4(1)S3" ) flag++; else if ( ver == "15.4(1)S4" ) flag++; else if ( ver == "15.4(1)SY" ) flag++; else if ( ver == "15.4(1)SY1" ) flag++; else if ( ver == "15.4(1)T" ) flag++; else if ( ver == "15.4(1)T1" ) flag++; else if ( ver == "15.4(1)T2" ) flag++; else if ( ver == "15.4(1)T3" ) flag++; else if ( ver == "15.4(1)T4" ) flag++; else if ( ver == "15.4(2)CG" ) flag++; else if ( ver == "15.4(2)S" ) flag++; else if ( ver == "15.4(2)S1" ) flag++; else if ( ver == "15.4(2)S2" ) flag++; else if ( ver == "15.4(2)S3" ) flag++; else if ( ver == "15.4(2)S4" ) flag++; else if ( ver == "15.4(2)SN" ) flag++; else if ( ver == "15.4(2)SN1" ) flag++; else if ( ver == "15.4(2)T" ) flag++; else if ( ver == "15.4(2)T1" ) flag++; else if ( ver == "15.4(2)T2" ) flag++; else if ( ver == "15.4(2)T3" ) flag++; else if ( ver == "15.4(2)T4" ) flag++; else if ( ver == "15.4(3)M" ) flag++; else if ( ver == "15.4(3)M1" ) flag++; else if ( ver == "15.4(3)M2" ) flag++; else if ( ver == "15.4(3)M3" ) flag++; else if ( ver == "15.4(3)M4" ) flag++; else if ( ver == "15.4(3)M5" ) flag++; else if ( ver == "15.4(3)M6" ) flag++; else if ( ver == "15.4(3)S" ) flag++; else if ( ver == "15.4(3)S0d" ) flag++; else if ( ver == "15.4(3)S0e" ) flag++; else if ( ver == "15.4(3)S0f" ) flag++; else if ( ver == "15.4(3)S1" ) flag++; else if ( ver == "15.4(3)S2" ) flag++; else if ( ver == "15.4(3)S3" ) flag++; else if ( ver == "15.4(3)S4" ) flag++; else if ( ver == "15.4(3)S5" ) flag++; else if ( ver == "15.4(3)S5a" ) flag++; else if ( ver == "15.4(3)S6" ) flag++; else if ( ver == "15.4(3)S7" ) flag++; else if ( ver == "15.4(3)SN1" ) flag++; else if ( ver == "15.4(3)SN1a" ) flag++; else if ( ver == "15.4(3)SN2" ) flag++; else if ( ver == "15.5(1)S" ) flag++; else if ( ver == "15.5(1)S1" ) flag++; else if ( ver == "15.5(1)S2" ) flag++; else if ( ver == "15.5(1)S3" ) flag++; else if ( ver == "15.5(1)S4" ) flag++; else if ( ver == "15.5(1)SN" ) flag++; else if ( ver == "15.5(1)SN1" ) flag++; else if ( ver == "15.5(1)T" ) flag++; else if ( ver == "15.5(1)T1" ) flag++; else if ( ver == "15.5(1)T2" ) flag++; else if ( ver == "15.5(1)T3" ) flag++; else if ( ver == "15.5(1)T4" ) flag++; else if ( ver == "15.5(2)S" ) flag++; else if ( ver == "15.5(2)S1" ) flag++; else if ( ver == "15.5(2)S2" ) flag++; else if ( ver == "15.5(2)S3" ) flag++; else if ( ver == "15.5(2)S4" ) flag++; else if ( ver == "15.5(2)SN" ) flag++; else if ( ver == "15.5(2)SN0a" ) flag++; else if ( ver == "15.5(2)T" ) flag++; else if ( ver == "15.5(2)T1" ) flag++; else if ( ver == "15.5(2)T2" ) flag++; else if ( ver == "15.5(2)T3" ) flag++; else if ( ver == "15.5(2)T4" ) flag++; else if ( ver == "15.5(2)XB" ) flag++; else if ( ver == "15.5(3)M" ) flag++; else if ( ver == "15.5(3)M0a" ) flag++; else if ( ver == "15.5(3)M1" ) flag++; else if ( ver == "15.5(3)M2" ) flag++; else if ( ver == "15.5(3)M2a" ) flag++; else if ( ver == "15.5(3)M3" ) flag++; else if ( ver == "15.5(3)S" ) flag++; else if ( ver == "15.5(3)S0a" ) flag++; else if ( ver == "15.5(3)S1" ) flag++; else if ( ver == "15.5(3)S1a" ) flag++; else if ( ver == "15.5(3)S2" ) flag++; else if ( ver == "15.5(3)S2a" ) flag++; else if ( ver == "15.5(3)S2b" ) flag++; else if ( ver == "15.5(3)S3" ) flag++; else if ( ver == "15.5(3)S4b" ) flag++; else if ( ver == "15.5(3)SN" ) flag++; else if ( ver == "15.5(3)SN0a" ) flag++; else if ( ver == "15.6(1)S" ) flag++; else if ( ver == "15.6(1)S1" ) flag++; else if ( ver == "15.6(1)S1a" ) flag++; else if ( ver == "15.6(1)S2" ) flag++; else if ( ver == "15.6(1)SN" ) flag++; else if ( ver == "15.6(1)SN1" ) flag++; else if ( ver == "15.6(1)T" ) flag++; else if ( ver == "15.6(1)T0a" ) flag++; else if ( ver == "15.6(1)T1" ) flag++; else if ( ver == "15.6(1)T2" ) flag++; else if ( ver == "15.6(2)S" ) flag++; else if ( ver == "15.6(2)S0a" ) flag++; else if ( ver == "15.6(2)S1" ) flag++; else if ( ver == "15.6(2)SN" ) flag++; else if ( ver == "15.6(2)SP" ) flag++; else if ( ver == "15.6(2)SP1" ) flag++; else if ( ver == "15.6(2)T" ) flag++; else if ( ver == "15.6(2)T0a" ) flag++; else if ( ver == "15.6(2)T1" ) flag++; else if ( ver == "15.6(3)M" ) flag++; # Check that IKEv1 config or IKEv1 is running cmd_list = make_list(); if (flag && get_kb_item("Host/local_checks_enabled")) { flag = 0; # Check for condition 1, IKEv1 config buf = cisco_command_kb_item("Host/Cisco/Config/show_running-config","show running-config"); if (check_cisco_result(buf)) { if ( "crypto gdoi" >< buf || "crypto map" >< buf || "tunnel protection ipsec" >< buf ) { flag = 1; cmd_list = make_list("show running-config"); } } else if (cisco_needs_enable(buf)) { flag = 1; override = 1; } # Check for condition 2, IKEv1 is running if (flag) { flag = 0; pat = "(\d+.\d+.\d+.\d+|.*:.*|UNKNOWN|--any--)\s+(500|848|4500|4848)\s"; buf = cisco_command_kb_item("Host/Cisco/Config/show_ip_sockets","show ip sockets"); if (!flag) { if (check_cisco_result(buf)) { if ( preg(multiline:TRUE, pattern:pat, string:buf) ) { flag = 1; cmd_list = make_list(cmd_list, "show ip sockets"); } } else if (cisco_needs_enable(buf)) { flag = 1; override = 1; } } if (!flag) { buf = cisco_command_kb_item("Host/Cisco/Config/show_udp","show udp"); if (check_cisco_result(buf)) { if ( preg(multiline:TRUE, pattern:pat, string:buf) ) { flag = 1; cmd_list = make_list(cmd_list, "show udp"); } } else if (cisco_needs_enable(buf)) { flag = 1; override = 1; } } } } if (flag) { security_report_cisco( port : 0, severity : SECURITY_WARNING, override : override, version : ver, bug_id : "CSCvb29204", cmds : cmd_list ); } else audit(AUDIT_HOST_NOT, "affected");
The Hacker News
id | THN:425E35018D9F6A7EB2378DEB5FC8A65C |
last seen | 2018-01-27 |
modified | 2016-09-20 |
published | 2016-09-19 |
reporter | Mohit Kumar |
source | https://thehackernews.com/2016/09/cisco-nsa-exploit.html |
title | Cisco finds new Zero-Day Exploit linked to NSA Hackers |
Related news
References
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160916-ikev1
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160916-ikev1
- http://www.securityfocus.com/bid/93003
- http://www.securityfocus.com/bid/93003
- http://www.securitytracker.com/id/1036841
- http://www.securitytracker.com/id/1036841