Information Leakage Using IPv6 Routing Header in Cisco IOS and Cisco IOS XR - Cisco Systems

2010-09-01T00:00:00
ID CISCO-SA-20070808-IOS-IPV6-LEAK.NASL
Type nessus
Reporter Tenable
Modified 2014-08-11T00:00:00

Description

Cisco IOS and Cisco IOS XR contain a vulnerability when processing specially crafted IPv6 packets with a Type 0 Routing Header present. Exploitation of this vulnerability can lead to information leakage on affected IOS and IOS XR devices, and may also result in a crash of the affected IOS device. Successful exploitation on an affected device running Cisco IOS XR will not result in a crash of the device itself, but may result in a crash of the IPv6 subsystem. Cisco has made free software available to address this vulnerability for affected customers. There are workarounds available to mitigate the effects of the vulnerability.

                                        
                                            #TRUSTED 772e03f186aaa38c8d72d093ff518d4a9cd9514077d7c0e68079d10b13cc0ecafc0c7755ade9e031ddaa913d470e5d7a3cd367ef7677d6220f2efa9256c0e21e9e5bb6b0bec4eadd35f0b3d00bc89ed15e553ec654bf135b181c62c208109b93bd5a4f29956b76b03d469f28f93b2f722a674decbd450f64a72ec30603e9f6c76638a7c5d53c1fd621faf8f5d8bfb0312e41853eeb44c6c70bb9385c5c45210b5d0300cc82c70d70500a0da7b5ecdebde3a21959e45aa844a7793a88ed2d9baeca3ac32cdd02e80e371ccd4e8087c7a6c3b0175861a6f01011c34d3a6dd7156cbc4343ce48724d5b539f6e9da80312627cf589387fb031187a1acf94549d91b5054480ca6994bb70f29b3f0b2d8d22747525e7b32cb093f7804aab6dd58128bf8ec3f4c09e3c71176df02eb58496d563f158fbbdf0db25eda81dcd8f8b96f1b4d115fe8dfb3a78357520149240d6aa26b367c3dd314775a1a488ba1ee7b15c891da931f2b3810a00c4aa9b5b3cd377aa0b45e5afb5a2d0527c4d16febb9b2ceeddb7f21398855490aceee08deb7112f8842f8c85bbd388ab7e4b244f72c8f05ee4a23c3fe41402871bdf0c4867522ed12d527d430155144f5f009e6e7a7a47ea41c406fcc44bae7e754aa9918316c43157ce476af4fd7efe4e8888e53b5b76fdbcf4a166426bcfa70fdf449b053ba0212f251eaf6fbb2e76a238f7efecf5e6dc
#
# (C) Tenable Network Security, Inc.
#
# Security advisory is (C) CISCO, Inc.
# See http://www.cisco.com/en/US/products/products_security_advisory09186a0080899647.shtml

include("compat.inc");

if (description)
{
 script_id(49006);
 script_version("1.15");
 script_set_attribute(attribute:"plugin_modification_date", value:"2014/08/11");
 script_cve_id("CVE-2007-4285");
 script_osvdb_id(36665, 36666);
 script_name(english:"Information Leakage Using IPv6 Routing Header in Cisco IOS and Cisco IOS XR - Cisco Systems");
 script_summary(english:"Checks the IOS version.");
 script_set_attribute(attribute:"synopsis", value:"The remote device is missing a vendor-supplied security patch.");
 script_set_attribute(attribute:"description", value:
'Cisco IOS and Cisco IOS XR contain a vulnerability when processing
specially crafted IPv6 packets with a Type 0 Routing Header present.
Exploitation of this vulnerability can lead to information leakage on
affected IOS and IOS XR devices, and may also result in a crash of the
affected IOS device. Successful exploitation on an affected device
running Cisco IOS XR will not result in a crash of the device itself,
but may result in a crash of the IPv6 subsystem.
 Cisco has made free software available to address this vulnerability
for affected customers. There are workarounds available to mitigate the
effects of the vulnerability.
');
 # http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20070808-IOS-IPv6-leak
 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b2a79cc3");
 # http://www.cisco.com/en/US/products/products_security_advisory09186a0080899647.shtml
 script_set_attribute(attribute:"see_also", value: "http://www.nessus.org/u?d1931780");
 script_set_attribute(attribute:"solution", value:
"Apply the relevant patch referenced in Cisco Security Advisory
cisco-sa-20070808-IOS-IPv6-leak.");
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:C");
 script_set_attribute(attribute:"plugin_type", value:"local");
 script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:ios");

 script_set_attribute(attribute:"vuln_publication_date", value:"2007/08/08");
 script_set_attribute(attribute:"patch_publication_date", value:"2007/08/08");
 script_set_attribute(attribute:"plugin_publication_date", value:"2010/09/01");

 script_end_attributes();
 script_xref(name:"CISCO-BUG-ID", value:"CSCef77013");
 script_xref(name:"CISCO-BUG-ID", value:"CSCsi74127");
 script_xref(name:"CISCO-BUG-ID", value:"CSCsi741273");
 script_xref(name:"CISCO-SA", value:"cisco-sa-20070808-IOS-IPv6-leak");
 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is (C) 2010-2014 Tenable Network Security, Inc.");
 script_family(english:"CISCO");
 script_dependencie("cisco_ios_version.nasl");
 script_require_keys("Host/Cisco/IOS/Version");
 exit(0);
}

include("audit.inc");
include("cisco_func.inc");
include("cisco_kb_cmd_func.inc");

flag = 0;
version = get_kb_item_or_exit("Host/Cisco/IOS/Version");
override = 0;

if (version == '12.3(8)ZA') flag++;
else if (version == '12.3(11)YZ1') flag++;
else if (version == '12.3(11)YZ') flag++;
else if (version == '12.3(11)YK2') flag++;
else if (version == '12.3(11)YK1') flag++;
else if (version == '12.3(11)YK') flag++;
else if (version == '12.3(11)YJ') flag++;
else if (version == '12.3(8)YI3') flag++;
else if (version == '12.3(8)YI2') flag++;
else if (version == '12.3(8)YI1') flag++;
else if (version == '12.3(8)YH') flag++;
else if (version == '12.3(8)YG5') flag++;
else if (version == '12.3(8)YG4') flag++;
else if (version == '12.3(8)YG3') flag++;
else if (version == '12.3(8)YG2') flag++;
else if (version == '12.3(8)YG1') flag++;
else if (version == '12.3(8)YG') flag++;
else if (version == '12.3(11)YF4') flag++;
else if (version == '12.3(11)YF3') flag++;
else if (version == '12.3(11)YF2') flag++;
else if (version == '12.3(11)YF1') flag++;
else if (version == '12.3(11)YF') flag++;
else if (version == '12.3(8)YD1') flag++;
else if (version == '12.3(8)YD') flag++;
else if (version == '12.3(8)YA1') flag++;
else if (version == '12.3(8)YA') flag++;
else if (version == '12.3(2)XZ2') flag++;
else if (version == '12.3(2)XZ1') flag++;
else if (version == '12.3(2)XZ') flag++;
else if (version == '12.3(8)XX2d') flag++;
else if (version == '12.3(8)XX1') flag++;
else if (version == '12.3(8)XX') flag++;
else if (version == '12.3(8)XW3') flag++;
else if (version == '12.3(8)XW2') flag++;
else if (version == '12.3(8)XW1') flag++;
else if (version == '12.3(8)XW') flag++;
else if (version == '12.3(8)XU5') flag++;
else if (version == '12.3(8)XU4') flag++;
else if (version == '12.3(8)XU3') flag++;
else if (version == '12.3(8)XU2') flag++;
else if (version == '12.3(8)XU1') flag++;
else if (version == '12.3(8)XU') flag++;
else if (version == '12.3(7)XS2') flag++;
else if (version == '12.3(7)XS1') flag++;
else if (version == '12.3(7)XS') flag++;
else if (version == '12.3(7)XR6') flag++;
else if (version == '12.3(7)XR5') flag++;
else if (version == '12.3(7)XR4') flag++;
else if (version == '12.3(7)XR3') flag++;
else if (version == '12.3(7)XR2') flag++;
else if (version == '12.3(7)XR') flag++;
else if (version == '12.3(4)XQ1') flag++;
else if (version == '12.3(4)XQ') flag++;
else if (version == '12.3(11)XL1') flag++;
else if (version == '12.3(11)XL') flag++;
else if (version == '12.3(4)XK4') flag++;
else if (version == '12.3(4)XK3') flag++;
else if (version == '12.3(4)XK2') flag++;
else if (version == '12.3(4)XK1') flag++;
else if (version == '12.3(4)XK') flag++;
else if (version == '12.3(7)XJ2') flag++;
else if (version == '12.3(7)XJ1') flag++;
else if (version == '12.3(7)XJ') flag++;
else if (version == '12.3(7)XI8') flag++;
else if (version == '12.3(7)XI7b') flag++;
else if (version == '12.3(7)XI7a') flag++;
else if (version == '12.3(7)XI7') flag++;
else if (version == '12.3(7)XI6') flag++;
else if (version == '12.3(7)XI5') flag++;
else if (version == '12.3(7)XI4') flag++;
else if (version == '12.3(7)XI3') flag++;
else if (version == '12.3(7)XI2') flag++;
else if (version == '12.3(7)XI1') flag++;
else if (version == '12.3(4)XG5') flag++;
else if (version == '12.3(4)XG4') flag++;
else if (version == '12.3(4)XG3') flag++;
else if (version == '12.3(4)XG2') flag++;
else if (version == '12.3(4)XG1') flag++;
else if (version == '12.3(4)XG') flag++;
else if (version == '12.3(2)XF') flag++;
else if (version == '12.3(2)XE1') flag++;
else if (version == '12.3(2)XE') flag++;
else if (version == '12.3(4)XD4') flag++;
else if (version == '12.3(4)XD3') flag++;
else if (version == '12.3(4)XD2') flag++;
else if (version == '12.3(4)XD1') flag++;
else if (version == '12.3(4)XD') flag++;
else if (version == '12.3(2)XC3') flag++;
else if (version == '12.3(2)XC2') flag++;
else if (version == '12.3(2)XC1') flag++;
else if (version == '12.3(2)XC') flag++;
else if (version == '12.3(2)XB3') flag++;
else if (version == '12.3(2)XB1') flag++;
else if (version == '12.3(2)XB') flag++;
else if (version == '12.3(2)XA4') flag++;
else if (version == '12.3(2)XA2') flag++;
else if (version == '12.3(2)XA1') flag++;
else if (version == '12.3(2)XA') flag++;
else if (version == '12.3(11)T9') flag++;
else if (version == '12.3(11)T8') flag++;
else if (version == '12.3(11)T7') flag++;
else if (version == '12.3(11)T6') flag++;
else if (version == '12.3(11)T5') flag++;
else if (version == '12.3(11)T4') flag++;
else if (version == '12.3(11)T3') flag++;
else if (version == '12.3(11)T2') flag++;
else if (version == '12.3(11)T11') flag++;
else if (version == '12.3(11)T10') flag++;
else if (version == '12.3(11)T') flag++;
else if (version == '12.3(8)T9') flag++;
else if (version == '12.3(8)T8') flag++;
else if (version == '12.3(8)T7') flag++;
else if (version == '12.3(8)T6') flag++;
else if (version == '12.3(8)T5') flag++;
else if (version == '12.3(8)T4') flag++;
else if (version == '12.3(8)T3') flag++;
else if (version == '12.3(8)T11') flag++;
else if (version == '12.3(8)T10') flag++;
else if (version == '12.3(8)T1') flag++;
else if (version == '12.3(8)T') flag++;
else if (version == '12.3(7)T9') flag++;
else if (version == '12.3(7)T8') flag++;
else if (version == '12.3(7)T7') flag++;
else if (version == '12.3(7)T6') flag++;
else if (version == '12.3(7)T4') flag++;
else if (version == '12.3(7)T3') flag++;
else if (version == '12.3(7)T2') flag++;
else if (version == '12.3(7)T12') flag++;
else if (version == '12.3(7)T11') flag++;
else if (version == '12.3(7)T10') flag++;
else if (version == '12.3(7)T1') flag++;
else if (version == '12.3(7)T') flag++;
else if (version == '12.3(4)T9') flag++;
else if (version == '12.3(4)T8') flag++;
else if (version == '12.3(4)T7') flag++;
else if (version == '12.3(4)T6') flag++;
else if (version == '12.3(4)T4') flag++;
else if (version == '12.3(4)T3') flag++;
else if (version == '12.3(4)T2a') flag++;
else if (version == '12.3(4)T2') flag++;
else if (version == '12.3(4)T13') flag++;
else if (version == '12.3(4)T11') flag++;
else if (version == '12.3(4)T10') flag++;
else if (version == '12.3(4)T1') flag++;
else if (version == '12.3(4)T') flag++;
else if (version == '12.3(2)T9') flag++;
else if (version == '12.3(2)T8') flag++;
else if (version == '12.3(2)T7') flag++;
else if (version == '12.3(2)T6') flag++;
else if (version == '12.3(2)T5') flag++;
else if (version == '12.3(2)T4') flag++;
else if (version == '12.3(2)T3') flag++;
else if (version == '12.3(2)T2') flag++;
else if (version == '12.3(2)T1') flag++;
else if (version == '12.3(2)T') flag++;
else if (version == '12.3(1a)BW') flag++;
else if (version == '12.3(13a)BC6') flag++;
else if (version == '12.3(13a)BC5') flag++;
else if (version == '12.3(13a)BC4') flag++;
else if (version == '12.3(13a)BC3') flag++;
else if (version == '12.3(13a)BC2') flag++;
else if (version == '12.3(13a)BC1') flag++;
else if (version == '12.3(13a)BC') flag++;
else if (version == '12.3(9a)BC9') flag++;
else if (version == '12.3(9a)BC8') flag++;
else if (version == '12.3(9a)BC7') flag++;
else if (version == '12.3(9a)BC6') flag++;
else if (version == '12.3(9a)BC5') flag++;
else if (version == '12.3(9a)BC4') flag++;
else if (version == '12.3(9a)BC3') flag++;
else if (version == '12.3(9a)BC2') flag++;
else if (version == '12.3(9a)BC1') flag++;
else if (version == '12.3(9a)BC') flag++;
else if (version == '12.3(5a)B5') flag++;
else if (version == '12.3(5a)B4') flag++;
else if (version == '12.3(5a)B3') flag++;
else if (version == '12.3(5a)B2') flag++;
else if (version == '12.3(5a)B1') flag++;
else if (version == '12.3(5a)B') flag++;
else if (version == '12.3(3)B1') flag++;
else if (version == '12.3(3)B') flag++;
else if (version == '12.3(1a)B') flag++;
else if (version == '12.3(13b)') flag++;
else if (version == '12.3(13a)') flag++;
else if (version == '12.3(13)') flag++;
else if (version == '12.3(12e)') flag++;
else if (version == '12.3(12d)') flag++;
else if (version == '12.3(12c)') flag++;
else if (version == '12.3(12b)') flag++;
else if (version == '12.3(12a)') flag++;
else if (version == '12.3(12)') flag++;
else if (version == '12.3(10f)') flag++;
else if (version == '12.3(10e)') flag++;
else if (version == '12.3(10d)') flag++;
else if (version == '12.3(10c)') flag++;
else if (version == '12.3(10b)') flag++;
else if (version == '12.3(10a)') flag++;
else if (version == '12.3(10)') flag++;
else if (version == '12.3(9e)') flag++;
else if (version == '12.3(9d)') flag++;
else if (version == '12.3(9c)') flag++;
else if (version == '12.3(9b)') flag++;
else if (version == '12.3(9a)') flag++;
else if (version == '12.3(9)') flag++;
else if (version == '12.3(6f)') flag++;
else if (version == '12.3(6e)') flag++;
else if (version == '12.3(6c)') flag++;
else if (version == '12.3(6b)') flag++;
else if (version == '12.3(6a)') flag++;
else if (version == '12.3(6)') flag++;
else if (version == '12.3(5f)') flag++;
else if (version == '12.3(5e)') flag++;
else if (version == '12.3(5d)') flag++;
else if (version == '12.3(5c)') flag++;
else if (version == '12.3(5b)') flag++;
else if (version == '12.3(5a)') flag++;
else if (version == '12.3(5)') flag++;
else if (version == '12.3(3i)') flag++;
else if (version == '12.3(3h)') flag++;
else if (version == '12.3(3g)') flag++;
else if (version == '12.3(3f)') flag++;
else if (version == '12.3(3e)') flag++;
else if (version == '12.3(3c)') flag++;
else if (version == '12.3(3b)') flag++;
else if (version == '12.3(3a)') flag++;
else if (version == '12.3(3)') flag++;
else if (version == '12.3(1a)') flag++;
else if (version == '12.3(1)') flag++;
else if (version == '12.2(15)ZL1') flag++;
else if (version == '12.2(15)ZL') flag++;
else if (version == '12.2(15)ZJ5') flag++;
else if (version == '12.2(15)ZJ3') flag++;
else if (version == '12.2(15)ZJ2') flag++;
else if (version == '12.2(15)ZJ1') flag++;
else if (version == '12.2(15)ZJ') flag++;
else if (version == '12.2(13)ZH8') flag++;
else if (version == '12.2(13)ZH7') flag++;
else if (version == '12.2(13)ZH6') flag++;
else if (version == '12.2(13)ZH5') flag++;
else if (version == '12.2(13)ZH4') flag++;
else if (version == '12.2(13)ZH3') flag++;
else if (version == '12.2(13)ZH2') flag++;
else if (version == '12.2(13)ZH') flag++;
else if (version == '12.2(13)ZF2') flag++;
else if (version == '12.2(13)ZF1') flag++;
else if (version == '12.2(13)ZF') flag++;
else if (version == '12.2(13)ZE') flag++;
else if (version == '12.2(13)ZD4') flag++;
else if (version == '12.2(13)ZD3') flag++;
else if (version == '12.2(13)ZD2') flag++;
else if (version == '12.2(13)ZD1') flag++;
else if (version == '12.2(13)ZD') flag++;
else if (version == '12.2(8)ZB8') flag++;
else if (version == '12.2(8)ZB7') flag++;
else if (version == '12.2(8)ZB6') flag++;
else if (version == '12.2(8)ZB5') flag++;
else if (version == '12.2(8)ZB4a') flag++;
else if (version == '12.2(8)ZB4') flag++;
else if (version == '12.2(8)ZB3') flag++;
else if (version == '12.2(8)ZB2') flag++;
else if (version == '12.2(8)ZB1') flag++;
else if (version == '12.2(8)ZB') flag++;
else if (version == '12.2(14)ZA7') flag++;
else if (version == '12.2(14)ZA6') flag++;
else if (version == '12.2(14)ZA5') flag++;
else if (version == '12.2(14)ZA4') flag++;
else if (version == '12.2(14)ZA3') flag++;
else if (version == '12.2(14)ZA2') flag++;
else if (version == '12.2(14)ZA1') flag++;
else if (version == '12.2(14)ZA') flag++;
else if (version == '12.2(9)ZA') flag++;
else if (version == '12.2(11)YZ2') flag++;
else if (version == '12.2(11)YZ1') flag++;
else if (version == '12.2(11)YZ') flag++;
else if (version == '12.2(8)YY4') flag++;
else if (version == '12.2(8)YY3') flag++;
else if (version == '12.2(8)YY2') flag++;
else if (version == '12.2(8)YY1') flag++;
else if (version == '12.2(8)YY') flag++;
else if (version == '12.2(11)YX1') flag++;
else if (version == '12.2(11)YX') flag++;
else if (version == '12.2(8)YW3') flag++;
else if (version == '12.2(8)YW2') flag++;
else if (version == '12.2(8)YW1') flag++;
else if (version == '12.2(8)YW') flag++;
else if (version == '12.2(11)YV1') flag++;
else if (version == '12.2(11)YV') flag++;
else if (version == '12.2(11)YU') flag++;
else if (version == '12.2(11)YT2') flag++;
else if (version == '12.2(11)YT1') flag++;
else if (version == '12.2(11)YT') flag++;
else if (version == '12.2(11)YR') flag++;
else if (version == '12.2(11)YQ') flag++;
else if (version == '12.2(8)YN1') flag++;
else if (version == '12.2(8)YN') flag++;
else if (version == '12.2(8)YM') flag++;
else if (version == '12.2(8)YL') flag++;
else if (version == '12.2(8)YJ1') flag++;
else if (version == '12.2(8)YJ') flag++;
else if (version == '12.2(4)YH') flag++;
else if (version == '12.2(4)YF') flag++;
else if (version == '12.2(9)YE') flag++;
else if (version == '12.2(8)YD3') flag++;
else if (version == '12.2(8)YD2') flag++;
else if (version == '12.2(8)YD1') flag++;
else if (version == '12.2(8)YD') flag++;
else if (version == '12.2(4)YB') flag++;
else if (version == '12.2(4)YA9') flag++;
else if (version == '12.2(4)YA8') flag++;
else if (version == '12.2(4)YA7') flag++;
else if (version == '12.2(4)YA6') flag++;
else if (version == '12.2(4)YA2') flag++;
else if (version == '12.2(4)YA12') flag++;
else if (version == '12.2(4)YA11') flag++;
else if (version == '12.2(4)YA10') flag++;
else if (version == '12.2(4)YA1') flag++;
else if (version == '12.2(4)YA') flag++;
else if (version == '12.2(4)XW') flag++;
else if (version == '12.2(4)XV5') flag++;
else if (version == '12.2(4)XV4a') flag++;
else if (version == '12.2(4)XV4') flag++;
else if (version == '12.2(4)XV3') flag++;
else if (version == '12.2(4)XV2') flag++;
else if (version == '12.2(4)XV1') flag++;
else if (version == '12.2(4)XV') flag++;
else if (version == '12.2(2)XU') flag++;
else if (version == '12.2(2)XT3') flag++;
else if (version == '12.2(2)XT2') flag++;
else if (version == '12.2(2)XT') flag++;
else if (version == '12.2(2)XQ1') flag++;
else if (version == '12.2(2)XQ') flag++;
else if (version == '12.2(2)XN') flag++;
else if (version == '12.2(4)XM4') flag++;
else if (version == '12.2(4)XM3') flag++;
else if (version == '12.2(4)XM2') flag++;
else if (version == '12.2(4)XM') flag++;
else if (version == '12.2(4)XL6') flag++;
else if (version == '12.2(4)XL5') flag++;
else if (version == '12.2(4)XL4') flag++;
else if (version == '12.2(4)XL3') flag++;
else if (version == '12.2(4)XL2') flag++;
else if (version == '12.2(4)XL1') flag++;
else if (version == '12.2(4)XL') flag++;
else if (version == '12.2(2)XK3') flag++;
else if (version == '12.2(2)XK2') flag++;
else if (version == '12.2(2)XK') flag++;
else if (version == '12.2(2)XJ') flag++;
else if (version == '12.2(2)XI2') flag++;
else if (version == '12.2(2)XI1') flag++;
else if (version == '12.2(2)XI') flag++;
else if (version == '12.2(2)XH2') flag++;
else if (version == '12.2(2)XH1') flag++;
else if (version == '12.2(2)XH') flag++;
else if (version == '12.2(2)XG1') flag++;
else if (version == '12.2(2)XG') flag++;
else if (version == '12.2(4)XF1') flag++;
else if (version == '12.2(1)XD4') flag++;
else if (version == '12.2(1)XD3') flag++;
else if (version == '12.2(1)XD2') flag++;
else if (version == '12.2(1)XD1') flag++;
else if (version == '12.2(1)XD') flag++;
else if (version == '12.2(2)XC2') flag++;
else if (version == '12.2(2)XC1') flag++;
else if (version == '12.2(2)XC') flag++;
else if (version == '12.2(2)XB8') flag++;
else if (version == '12.2(2)XB7') flag++;
else if (version == '12.2(2)XB6') flag++;
else if (version == '12.2(2)XB5') flag++;
else if (version == '12.2(2)XB3') flag++;
else if (version == '12.2(2)XB2') flag++;
else if (version == '12.2(2)XB15') flag++;
else if (version == '12.2(2)XB14') flag++;
else if (version == '12.2(2)XB12') flag++;
else if (version == '12.2(2)XB11') flag++;
else if (version == '12.2(2)XB10') flag++;
else if (version == '12.2(2)XB1') flag++;
else if (version == '12.2(2)XA5') flag++;
else if (version == '12.2(2)XA4') flag++;
else if (version == '12.2(2)XA3') flag++;
else if (version == '12.2(2)XA2') flag++;
else if (version == '12.2(2)XA1') flag++;
else if (version == '12.2(2)XA') flag++;
else if (version == '12.2(8)TPC10b') flag++;
else if (version == '12.2(8)TPC10a') flag++;
else if (version == '12.2(15)T9') flag++;
else if (version == '12.2(15)T8') flag++;
else if (version == '12.2(15)T7') flag++;
else if (version == '12.2(15)T5') flag++;
else if (version == '12.2(15)T4e') flag++;
else if (version == '12.2(15)T4') flag++;
else if (version == '12.2(15)T2') flag++;
else if (version == '12.2(15)T16') flag++;
else if (version == '12.2(15)T15') flag++;
else if (version == '12.2(15)T14') flag++;
else if (version == '12.2(15)T13') flag++;
else if (version == '12.2(15)T12') flag++;
else if (version == '12.2(15)T11') flag++;
else if (version == '12.2(15)T10') flag++;
else if (version == '12.2(15)T1') flag++;
else if (version == '12.2(15)T') flag++;
else if (version == '12.2(13)T9') flag++;
else if (version == '12.2(13)T8') flag++;
else if (version == '12.2(13)T5') flag++;
else if (version == '12.2(13)T4') flag++;
else if (version == '12.2(13)T3') flag++;
else if (version == '12.2(13)T2') flag++;
else if (version == '12.2(13)T16') flag++;
else if (version == '12.2(13)T14') flag++;
else if (version == '12.2(13)T13') flag++;
else if (version == '12.2(13)T12') flag++;
else if (version == '12.2(13)T11') flag++;
else if (version == '12.2(13)T10') flag++;
else if (version == '12.2(13)T1a') flag++;
else if (version == '12.2(13)T1') flag++;
else if (version == '12.2(13)T') flag++;
else if (version == '12.2(11)T9') flag++;
else if (version == '12.2(11)T8') flag++;
else if (version == '12.2(11)T6') flag++;
else if (version == '12.2(11)T5') flag++;
else if (version == '12.2(11)T3') flag++;
else if (version == '12.2(11)T2') flag++;
else if (version == '12.2(11)T11') flag++;
else if (version == '12.2(11)T10') flag++;
else if (version == '12.2(11)T1') flag++;
else if (version == '12.2(11)T') flag++;
else if (version == '12.2(8)T8') flag++;
else if (version == '12.2(8)T5') flag++;
else if (version == '12.2(8)T4') flag++;
else if (version == '12.2(8)T3') flag++;
else if (version == '12.2(8)T2') flag++;
else if (version == '12.2(8)T10') flag++;
else if (version == '12.2(8)T1') flag++;
else if (version == '12.2(8)T') flag++;
else if (version == '12.2(4)T7') flag++;
else if (version == '12.2(4)T6') flag++;
else if (version == '12.2(4)T5') flag++;
else if (version == '12.2(4)T3') flag++;
else if (version == '12.2(4)T2') flag++;
else if (version == '12.2(4)T1') flag++;
else if (version == '12.2(4)T') flag++;
else if (version == '12.2(2)T4') flag++;
else if (version == '12.2(2)T3') flag++;
else if (version == '12.2(2)T2') flag++;
else if (version == '12.2(2)T1') flag++;
else if (version == '12.2(2)T') flag++;
else if (version == '12.2(14)SZ6') flag++;
else if (version == '12.2(14)SZ5') flag++;
else if (version == '12.2(14)SZ4') flag++;
else if (version == '12.2(14)SZ3') flag++;
else if (version == '12.2(14)SZ2') flag++;
else if (version == '12.2(14)SZ1') flag++;
else if (version == '12.2(14)SZ') flag++;
else if (version == '12.2(14)SY5') flag++;
else if (version == '12.2(14)SY4') flag++;
else if (version == '12.2(14)SY3') flag++;
else if (version == '12.2(14)SY2') flag++;
else if (version == '12.2(14)SY1') flag++;
else if (version == '12.2(14)SY') flag++;
else if (version == '12.2(18)SXD7b') flag++;
else if (version == '12.2(18)SXD7a') flag++;
else if (version == '12.2(18)SXD7') flag++;
else if (version == '12.2(18)SXD6') flag++;
else if (version == '12.2(18)SXD5') flag++;
else if (version == '12.2(18)SXD4') flag++;
else if (version == '12.2(18)SXD3') flag++;
else if (version == '12.2(18)SXD2') flag++;
else if (version == '12.2(18)SXD1') flag++;
else if (version == '12.2(18)SXD') flag++;
else if (version == '12.2(17d)SXB9') flag++;
else if (version == '12.2(17d)SXB8') flag++;
else if (version == '12.2(17d)SXB7') flag++;
else if (version == '12.2(17d)SXB6') flag++;
else if (version == '12.2(17d)SXB5') flag++;
else if (version == '12.2(17d)SXB4') flag++;
else if (version == '12.2(17d)SXB3') flag++;
else if (version == '12.2(17d)SXB2') flag++;
else if (version == '12.2(17d)SXB11a') flag++;
else if (version == '12.2(17d)SXB11') flag++;
else if (version == '12.2(17d)SXB10') flag++;
else if (version == '12.2(17d)SXB1') flag++;
else if (version == '12.2(17d)SXB') flag++;
else if (version == '12.2(17b)SXA2') flag++;
else if (version == '12.2(17b)SXA') flag++;
else if (version == '12.2(17a)SX4') flag++;
else if (version == '12.2(17a)SX3') flag++;
else if (version == '12.2(17a)SX2') flag++;
else if (version == '12.2(17a)SX1') flag++;
else if (version == '12.2(17a)SX') flag++;
else if (version == '12.2(14)SX2') flag++;
else if (version == '12.2(14)SX1') flag++;
else if (version == '12.2(14)SX') flag++;
else if (version == '12.2(25)SW9') flag++;
else if (version == '12.2(25)SW8') flag++;
else if (version == '12.2(25)SW7') flag++;
else if (version == '12.2(25)SW6') flag++;
else if (version == '12.2(25)SW5') flag++;
else if (version == '12.2(25)SW4a') flag++;
else if (version == '12.2(25)SW4') flag++;
else if (version == '12.2(25)SW3a') flag++;
else if (version == '12.2(25)SW3') flag++;
else if (version == '12.2(25)SW2') flag++;
else if (version == '12.2(25)SW10') flag++;
else if (version == '12.2(25)SW1') flag++;
else if (version == '12.2(23)SW1') flag++;
else if (version == '12.2(23)SW') flag++;
else if (version == '12.2(21)SW1') flag++;
else if (version == '12.2(21)SW') flag++;
else if (version == '12.2(25)SV2') flag++;
else if (version == '12.2(24)SV1') flag++;
else if (version == '12.2(23)SV1') flag++;
else if (version == '12.2(22)SV1') flag++;
else if (version == '12.2(18)SV3') flag++;
else if (version == '12.2(14)SU2') flag++;
else if (version == '12.2(14)SU1') flag++;
else if (version == '12.2(14)SU') flag++;
else if (version == '12.2(25)SG1') flag++;
else if (version == '12.2(25)SG') flag++;
else if (version == '12.2(25)SEG1') flag++;
else if (version == '12.2(25)SEG') flag++;
else if (version == '12.2(25)SEE3') flag++;
else if (version == '12.2(25)SEE2') flag++;
else if (version == '12.2(25)SEE1') flag++;
else if (version == '12.2(25)SEE') flag++;
else if (version == '12.2(25)SED1') flag++;
else if (version == '12.2(25)SED') flag++;
else if (version == '12.2(25)SEC2') flag++;
else if (version == '12.2(25)SEC1') flag++;
else if (version == '12.2(25)SEC') flag++;
else if (version == '12.2(25)SEB4') flag++;
else if (version == '12.2(25)SEB3') flag++;
else if (version == '12.2(25)SEB2') flag++;
else if (version == '12.2(25)SEB1') flag++;
else if (version == '12.2(25)SEB') flag++;
else if (version == '12.2(25)SEA') flag++;
else if (version == '12.2(25)S9') flag++;
else if (version == '12.2(25)S8') flag++;
else if (version == '12.2(25)S7') flag++;
else if (version == '12.2(25)S6') flag++;
else if (version == '12.2(25)S5') flag++;
else if (version == '12.2(25)S4') flag++;
else if (version == '12.2(25)S3') flag++;
else if (version == '12.2(25)S2') flag++;
else if (version == '12.2(25)S12') flag++;
else if (version == '12.2(25)S11') flag++;
else if (version == '12.2(25)S10') flag++;
else if (version == '12.2(25)S1') flag++;
else if (version == '12.2(25)S') flag++;
else if (version == '12.2(22)S2') flag++;
else if (version == '12.2(22)S1') flag++;
else if (version == '12.2(22)S') flag++;
else if (version == '12.2(20)S9') flag++;
else if (version == '12.2(20)S8') flag++;
else if (version == '12.2(20)S7') flag++;
else if (version == '12.2(20)S6') flag++;
else if (version == '12.2(20)S5') flag++;
else if (version == '12.2(20)S4') flag++;
else if (version == '12.2(20)S3') flag++;
else if (version == '12.2(20)S2') flag++;
else if (version == '12.2(20)S13') flag++;
else if (version == '12.2(20)S12') flag++;
else if (version == '12.2(20)S11') flag++;
else if (version == '12.2(20)S10') flag++;
else if (version == '12.2(20)S1') flag++;
else if (version == '12.2(20)S') flag++;
else if (version == '12.2(18)S9') flag++;
else if (version == '12.2(18)S8') flag++;
else if (version == '12.2(18)S7') flag++;
else if (version == '12.2(18)S6') flag++;
else if (version == '12.2(18)S5') flag++;
else if (version == '12.2(18)S4') flag++;
else if (version == '12.2(18)S3') flag++;
else if (version == '12.2(18)S2') flag++;
else if (version == '12.2(18)S12') flag++;
else if (version == '12.2(18)S11') flag++;
else if (version == '12.2(18)S10') flag++;
else if (version == '12.2(18)S1') flag++;
else if (version == '12.2(18)S') flag++;
else if (version == '12.2(14)S9') flag++;
else if (version == '12.2(14)S8') flag++;
else if (version == '12.2(14)S7') flag++;
else if (version == '12.2(14)S5') flag++;
else if (version == '12.2(14)S3') flag++;
else if (version == '12.2(14)S2') flag++;
else if (version == '12.2(14)S18') flag++;
else if (version == '12.2(14)S17') flag++;
else if (version == '12.2(14)S16') flag++;
else if (version == '12.2(14)S15') flag++;
else if (version == '12.2(14)S14') flag++;
else if (version == '12.2(14)S13') flag++;
else if (version == '12.2(14)S12') flag++;
else if (version == '12.2(14)S11') flag++;
else if (version == '12.2(14)S10') flag++;
else if (version == '12.2(14)S1') flag++;
else if (version == '12.2(14)S') flag++;
else if (version == '12.2(9)S') flag++;
else if (version == '12.2(15)MC2i') flag++;
else if (version == '12.2(15)MC2g') flag++;
else if (version == '12.2(15)MC2f') flag++;
else if (version == '12.2(15)MC2e') flag++;
else if (version == '12.2(15)MC2c') flag++;
else if (version == '12.2(15)MC2b') flag++;
else if (version == '12.2(15)MC2a') flag++;
else if (version == '12.2(15)MC1c') flag++;
else if (version == '12.2(15)MC1b') flag++;
else if (version == '12.2(15)MC1a') flag++;
else if (version == '12.2(15)MC1') flag++;
else if (version == '12.2(8)MC2d') flag++;
else if (version == '12.2(8)MC2c') flag++;
else if (version == '12.2(8)MC2b') flag++;
else if (version == '12.2(8)MC2') flag++;
else if (version == '12.2(8)MC1') flag++;
else if (version == '12.2(25)FZ') flag++;
else if (version == '12.2(25)EZ1') flag++;
else if (version == '12.2(25)EZ') flag++;
else if (version == '12.2(25)EWA9') flag++;
else if (version == '12.2(25)EWA8') flag++;
else if (version == '12.2(25)EWA7') flag++;
else if (version == '12.2(25)EWA6') flag++;
else if (version == '12.2(25)EWA5') flag++;
else if (version == '12.2(25)EWA4') flag++;
else if (version == '12.2(25)EWA3') flag++;
else if (version == '12.2(25)EWA2') flag++;
else if (version == '12.2(25)EWA1') flag++;
else if (version == '12.2(25)EWA') flag++;
else if (version == '12.2(20)EWA4') flag++;
else if (version == '12.2(20)EWA3') flag++;
else if (version == '12.2(20)EWA2') flag++;
else if (version == '12.2(20)EWA1') flag++;
else if (version == '12.2(20)EWA') flag++;
else if (version == '12.2(25)EW') flag++;
else if (version == '12.2(20)EW4') flag++;
else if (version == '12.2(20)EW3') flag++;
else if (version == '12.2(20)EW2') flag++;
else if (version == '12.2(20)EW1') flag++;
else if (version == '12.2(20)EW') flag++;
else if (version == '12.2(20)EU2') flag++;
else if (version == '12.2(20)EU1') flag++;
else if (version == '12.2(20)EU') flag++;
else if (version == '12.2(2)DX3') flag++;
else if (version == '12.2(1)DX1') flag++;
else if (version == '12.2(1)DX') flag++;
else if (version == '12.2(2)DD4') flag++;
else if (version == '12.2(2)DD3') flag++;
else if (version == '12.2(2)DD2') flag++;
else if (version == '12.2(2)DD1') flag++;
else if (version == '12.2(2)DD') flag++;
else if (version == '12.2(15)CX1') flag++;
else if (version == '12.2(15)CX') flag++;
else if (version == '12.2(11)CX1') flag++;
else if (version == '12.2(11)CX') flag++;
else if (version == '12.2(8)BY2') flag++;
else if (version == '12.2(8)BY1') flag++;
else if (version == '12.2(8)BY') flag++;
else if (version == '12.2(16)BX3') flag++;
else if (version == '12.2(16)BX2') flag++;
else if (version == '12.2(16)BX1') flag++;
else if (version == '12.2(16)BX') flag++;
else if (version == '12.2(2)BX1') flag++;
else if (version == '12.2(2)BX') flag++;
else if (version == '12.2(4)BW2') flag++;
else if (version == '12.2(4)BW1a') flag++;
else if (version == '12.2(4)BW1') flag++;
else if (version == '12.2(4)BW') flag++;
else if (version == '12.2(15)BC2i') flag++;
else if (version == '12.2(15)BC2h') flag++;
else if (version == '12.2(15)BC2g') flag++;
else if (version == '12.2(15)BC2f') flag++;
else if (version == '12.2(15)BC2e') flag++;
else if (version == '12.2(15)BC2c') flag++;
else if (version == '12.2(15)BC2b') flag++;
else if (version == '12.2(15)BC2a') flag++;
else if (version == '12.2(15)BC2') flag++;
else if (version == '12.2(15)BC1g') flag++;
else if (version == '12.2(15)BC1f') flag++;
else if (version == '12.2(15)BC1d') flag++;
else if (version == '12.2(15)BC1c') flag++;
else if (version == '12.2(15)BC1b') flag++;
else if (version == '12.2(15)BC1a') flag++;
else if (version == '12.2(15)BC1') flag++;
else if (version == '12.2(11)BC3d') flag++;
else if (version == '12.2(11)BC3c') flag++;
else if (version == '12.2(11)BC3b') flag++;
else if (version == '12.2(11)BC3a') flag++;
else if (version == '12.2(11)BC3') flag++;
else if (version == '12.2(11)BC2') flag++;
else if (version == '12.2(11)BC1b') flag++;
else if (version == '12.2(11)BC1a') flag++;
else if (version == '12.2(11)BC1') flag++;
else if (version == '12.2(8)BC2a') flag++;
else if (version == '12.2(8)BC2') flag++;
else if (version == '12.2(8)BC1') flag++;
else if (version == '12.2(4)BC1b') flag++;
else if (version == '12.2(4)BC1a') flag++;
else if (version == '12.2(4)BC1') flag++;
else if (version == '12.2(16)B2') flag++;
else if (version == '12.2(16)B1') flag++;
else if (version == '12.2(16)B') flag++;
else if (version == '12.2(15)B') flag++;
else if (version == '12.2(4)B8') flag++;
else if (version == '12.2(4)B7') flag++;
else if (version == '12.2(4)B6') flag++;
else if (version == '12.2(4)B5') flag++;
else if (version == '12.2(4)B4') flag++;
else if (version == '12.2(4)B3') flag++;
else if (version == '12.2(4)B2') flag++;
else if (version == '12.2(4)B1') flag++;
else if (version == '12.2(4)B') flag++;
else if (version == '12.2(2)B7') flag++;
else if (version == '12.2(2)B6') flag++;
else if (version == '12.2(2)B5') flag++;
else if (version == '12.2(2)B4') flag++;
else if (version == '12.2(2)B3') flag++;
else if (version == '12.2(2)B2') flag++;
else if (version == '12.2(2)B1') flag++;
else if (version == '12.2(2)B') flag++;
else if (version == '12.1(5)YD6') flag++;
else if (version == '12.1(5)YD5') flag++;
else if (version == '12.1(5)YD4') flag++;
else if (version == '12.1(5)YD3') flag++;
else if (version == '12.1(5)YD2') flag++;
else if (version == '12.1(5)YD1') flag++;
else if (version == '12.1(5)YD') flag++;
else if (version == '12.1(5)YC3') flag++;
else if (version == '12.1(5)YC2') flag++;
else if (version == '12.1(5)YC1') flag++;
else if (version == '12.1(5)YC') flag++;
else if (version == '12.1(5)YB5') flag++;
else if (version == '12.1(5)YB4') flag++;
else if (version == '12.1(5)YB1') flag++;
else if (version == '12.1(5)YB') flag++;
else if (version == '12.1(5)XV') flag++;
else if (version == '12.1(5)XU1') flag++;
else if (version == '12.1(5)XU') flag++;
else if (version == '12.0(23)SZ3') flag++;
else if (version == '12.0(21)SZ') flag++;
else if (version == '12.0(32)SY3') flag++;
else if (version == '12.0(32)SY2') flag++;
else if (version == '12.0(32)SY1') flag++;
else if (version == '12.0(32)SY') flag++;
else if (version == '12.0(28)SW1') flag++;
else if (version == '12.0(21)ST7') flag++;
else if (version == '12.0(21)ST6a') flag++;
else if (version == '12.0(21)ST6') flag++;
else if (version == '12.0(21)ST5') flag++;
else if (version == '12.0(21)ST4') flag++;
else if (version == '12.0(21)ST3a') flag++;
else if (version == '12.0(21)ST3') flag++;
else if (version == '12.0(21)ST2b') flag++;
else if (version == '12.0(21)ST2a') flag++;
else if (version == '12.0(21)ST2') flag++;
else if (version == '12.0(21)ST1') flag++;
else if (version == '12.0(21)ST') flag++;
else if (version == '12.0(20)ST2') flag++;
else if (version == '12.0(19)ST6') flag++;
else if (version == '12.0(19)ST5') flag++;
else if (version == '12.0(19)ST4') flag++;
else if (version == '12.0(19)ST3') flag++;
else if (version == '12.0(19)ST2') flag++;
else if (version == '12.0(19)ST1') flag++;
else if (version == '12.0(32)S7') flag++;
else if (version == '12.0(32)S6') flag++;
else if (version == '12.0(32)S5') flag++;
else if (version == '12.0(32)S4') flag++;
else if (version == '12.0(32)S3d') flag++;
else if (version == '12.0(32)S3') flag++;
else if (version == '12.0(32)S2') flag++;
else if (version == '12.0(32)S1') flag++;
else if (version == '12.0(32)S') flag++;
else if (version == '12.0(31)S6') flag++;
else if (version == '12.0(31)S5') flag++;
else if (version == '12.0(31)S4') flag++;
else if (version == '12.0(31)S3') flag++;
else if (version == '12.0(31)S2') flag++;
else if (version == '12.0(31)S1') flag++;
else if (version == '12.0(31)S') flag++;
else if (version == '12.0(30)S5') flag++;
else if (version == '12.0(30)S4') flag++;
else if (version == '12.0(30)S3') flag++;
else if (version == '12.0(30)S2') flag++;
else if (version == '12.0(30)S1') flag++;
else if (version == '12.0(30)S') flag++;
else if (version == '12.0(29)S1') flag++;
else if (version == '12.0(29)S') flag++;
else if (version == '12.0(28)S6') flag++;
else if (version == '12.0(28)S5') flag++;
else if (version == '12.0(28)S4') flag++;
else if (version == '12.0(28)S3') flag++;
else if (version == '12.0(28)S2') flag++;
else if (version == '12.0(28)S1') flag++;
else if (version == '12.0(28)S') flag++;
else if (version == '12.0(27)S5') flag++;
else if (version == '12.0(27)S4') flag++;
else if (version == '12.0(27)S3') flag++;
else if (version == '12.0(27)S2a') flag++;
else if (version == '12.0(27)S2') flag++;
else if (version == '12.0(27)S1') flag++;
else if (version == '12.0(27)S') flag++;
else if (version == '12.0(26)S6') flag++;
else if (version == '12.0(26)S5') flag++;
else if (version == '12.0(26)S4') flag++;
else if (version == '12.0(26)S3') flag++;
else if (version == '12.0(26)S2c') flag++;
else if (version == '12.0(26)S2') flag++;
else if (version == '12.0(26)S1') flag++;
else if (version == '12.0(26)S') flag++;
else if (version == '12.0(25)S4') flag++;
else if (version == '12.0(25)S3') flag++;
else if (version == '12.0(25)S2') flag++;
else if (version == '12.0(25)S1d') flag++;
else if (version == '12.0(25)S1c') flag++;
else if (version == '12.0(25)S1b') flag++;
else if (version == '12.0(25)S1a') flag++;
else if (version == '12.0(25)S1') flag++;
else if (version == '12.0(25)S') flag++;
else if (version == '12.0(24)S6') flag++;
else if (version == '12.0(24)S5') flag++;
else if (version == '12.0(24)S4a') flag++;
else if (version == '12.0(24)S4') flag++;
else if (version == '12.0(24)S3') flag++;
else if (version == '12.0(24)S2b') flag++;
else if (version == '12.0(24)S2a') flag++;
else if (version == '12.0(24)S2') flag++;
else if (version == '12.0(24)S1') flag++;
else if (version == '12.0(24)S') flag++;
else if (version == '12.0(23)S6a') flag++;
else if (version == '12.0(23)S6') flag++;
else if (version == '12.0(23)S5') flag++;
else if (version == '12.0(23)S4') flag++;
else if (version == '12.0(23)S3c') flag++;
else if (version == '12.0(23)S3b') flag++;
else if (version == '12.0(23)S3a') flag++;
else if (version == '12.0(23)S3') flag++;
else if (version == '12.0(23)S2a') flag++;
else if (version == '12.0(23)S2') flag++;
else if (version == '12.0(23)S1') flag++;
else if (version == '12.0(23)S') flag++;
else if (version == '12.0(22)S6') flag++;
else if (version == '12.0(22)S5a') flag++;
else if (version == '12.0(22)S5') flag++;
else if (version == '12.0(22)S4a') flag++;
else if (version == '12.0(22)S4') flag++;
else if (version == '12.0(22)S3c') flag++;
else if (version == '12.0(22)S3b') flag++;
else if (version == '12.0(22)S3a') flag++;
else if (version == '12.0(22)S3') flag++;
else if (version == '12.0(22)S2') flag++;
else if (version == '12.0(22)S1') flag++;
else if (version == '12.0(22)S') flag++;


if (get_kb_item("Host/local_checks_enabled"))
{
  if (flag)
  {
    flag = 0;
    buf = cisco_command_kb_item("Host/Cisco/Config/show_running-config", "show running-config");
    if (check_cisco_result(buf))
    {
      if (preg(pattern:"ipv6 address", multiline:TRUE, string:buf)) { flag = 1; }
    } else if (cisco_needs_enable(buf)) { flag = 1; override = 1; }
  }
}

if (flag)
{
  security_hole(port:0, extra:cisco_caveat(override));
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");