Cisco Security Advisory: Combined IOS Table for January 24, 2007 Security Advisories

On January 24 2007, Cisco released three security advisories. This document is provided for reference to customers who wish to upgrade to one version of Cisco IOSŽ software that has all the fixes from the three advisories. The three advisories are available at:

Also on January 24, 2007, Cisco released a field notice regarding the United States mandate for changes to the start and stop dates of Daylight Savings Time (DST) within the United States. The field notice and valid workarounds for DST changes are available at http://www.cisco.com/warp/public/770/fn62613.shtml.

To assist customers in their software migration strategies, a Software Versions and Fixes table is shown below that captures the first fixed release of Cisco IOS for the three advisories listed above. Releases marked with an asterisk (*) also contain the DST changes.

Software Versions and Fixes

When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution.

In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Technical Assistance Center ("TAC") or your contracted maintenance provider for assistance.

Each row of the Cisco IOS software table (below) describes a release train and the platforms or products for which it is intended. If a given release train is vulnerable, then the earliest possible releases that contain the fix (the "First Fixed Release") and the anticipated date of availability for each are listed in the "Rebuild" and "Maintenance" columns. A device running a release in the given train that is earlier than the release in a specific column (less than the First Fixed Release) is known to be vulnerable. The release should be upgraded at least to the indicated release or a later version (greater than or equal to the First Fixed Release label).

For more information on the terms "Rebuild" and "Maintenance," consult the following URL: http://www.cisco.com/warp/public/620/1.html

Major Release	Availability of Repaired Releases
Affected 12.0-Based Release	Rebuild	Maintenance
12.0	Vulnerable; migrate to 12.2(37) or later
12.0DA	Vulnerable; migrate to 12.2(10)DA5 or later
12.0DB	Vulnerable; migrate to 12.3(4)T13 or later
12.0DC	Vulnerable; migrate to 12.3(4)T13 or later
12.0S	12.0(32)S4
12.0SC	Vulnerable; migrate to 12.3(17b)BC3 or later
12.0SL	Vulnerable; migrate to 12.0(32)S4 or later
12.0SP	Vulnerable; migrate to 12.0(32)S4 or later
12.0ST	Vulnerable; migrate to 12.0(32)S4 or later
12.0SX	12.0(25)SX11
12.0SX	Note: 12.0(30)SX is the only 12.0SX release vulnerable to CSCef67682 and CSCsd40334; contact TAC
12.0SY		12.0(32)SY
12.0SZ	Vulnerable; migrate to 12.0(32)S4 or later
12.0T	Vulnerable; migrate to 12.2(37) or later
12.0W	12.0(28)W5(32b)
12.0WC	12.0(5)WC15
12.0WT	Vulnerable; contact TAC
12.0XA	Vulnerable; migrate to 12.2(37) or later
12.0XB	Vulnerable; migrate to 12.2(37) or later
12.0XC	Vulnerable; migrate to 12.2(37) or later
12.0XD	Vulnerable; migrate to 12.2(37) or later
12.0XE	Vulnerable; migrate to 12.1(26)E7 or later
12.0XF	Not vulnerable
12.0XG	Vulnerable; migrate to 12.2(37) or later
12.0XH	Vulnerable; migrate to 12.2(37) or later
12.0XI	Vulnerable; migrate to 12.2(37) or later
12.0XJ	Vulnerable; migrate to 12.2(37) or later
12.0XK	Vulnerable; migrate to 12.2(37) or later
12.0XL	Vulnerable; migrate to 12.2(37) or later
12.0XM	Vulnerable; migrate to 12.2(37) or later
12.0XN	Vulnerable; migrate to 12.2(37) or later
12.0XQ	Vulnerable; migrate to 12.2(37) or later
12.0XR	Vulnerable; migrate to 12.2(37) or later
12.0XS	Vulnerable; migrate to 12.1(26)E7 or later
12.0XV	Vulnerable; migrate to 12.2(37) or later
12.0XW	Vulnerable; migrate to 12.0(5)WC15 or later
Affected 12.1-Based Release	Rebuild	Maintenance
12.1	Vulnerable; migrate to 12.2(37) or later
12.1 AA	Vulnerable; migrate to 12.2(37) or later
12.1 AX	Vulnerable; for c3750-ME, migrate to 12.2(25)EY4 or later. For c2970 and 3750, migrate to 12.2(35)SE or later.
12.1 AY	Vulnerable; migrate to 12.1(22)EA8 or later
12.1 AZ	Vulnerable; migrate to 12.1(22)EA8 or later
12.1 CX	Vulnerable; migrate to 12.2(37) or later
12.1 DA	Vulnerable; migrate to 12.2(10)DA5 or later
12.1 DB	Vulnerable; migrate to 12.3(4)T13 or later
12.1 DC	Vulnerable; migrate to 12.3(4)T13 or later
12.1E	12.1(26)E7
12.1E	12.1(27b)E1
12.1EA	12.1(22)EA8
12.1EB	Vulnerable; contact TAC
12.1EC	Vulnerable; migrate to 12.3(17b)BC3 or later
12.1EO	12.1(19)EO6*; available on 22-Feb-07
12.1EO	12.1(20)EO3
12.1EU	Vulnerable; migrate to 12.2(25)EWA6 or later
12.1EV	Vulnerable; migrate to 12.2(27)SV4 or later
12.1EW	Vulnerable; migrate to 12.2(25)EWA6 or later
12.1EX	Vulnerable; migrate to 12.1(26)E7 or later
12.1EY	Vulnerable; migrate to 12.1(26)E7 or later
12.1EZ	Vulnerable; migrate to 12.1(26)E7 or later
12.1T	Vulnerable; migrate to 12.2(37) or later
12.1XA	Vulnerable; migrate to 12.2(37) or later
12.1XB	Vulnerable; migrate to 12.2(37) or later
12.1XC	Vulnerable; migrate to 12.2(37) or later
12.1XD	Vulnerable; migrate to 12.2(37) or later
12.1XE	Vulnerable; migrate to 12.1(26)E7 or later
12.1XF	Vulnerable; migrate to 12.3(19) or later
12.1XG	Vulnerable; migrate to 12.3(19) or later
12.1XH	Vulnerable; migrate to 12.2(37) or later
12.1XI	Vulnerable; migrate to 12.2(37) or later
12.1XJ	Vulnerable; migrate to 12.3(19) or later
12.1XL	Vulnerable; migrate to 12.3(19) or later
12.1XM	Vulnerable; migrate to 12.3(19) or later
12.1XP	Vulnerable; migrate to 12.3(19) or later
12.1XQ	Vulnerable; migrate to 12.3(19) or later
12.1XR	Vulnerable; migrate to 12.3(19) or later
12.1XS	Vulnerable; migrate to 12.2(37) or later
12.1XT	Vulnerable; migrate to 12.3(19) or later
12.1XU	Vulnerable; migrate to 12.3(19) or later
12.1XV	Vulnerable; migrate to 12.3(19) or later
12.1XW	Vulnerable; migrate to 12.2(37) or later
12.1XX	Vulnerable; migrate to 12.2(37) or later
12.1XY	Vulnerable; migrate to 12.2(37) or later
12.1XZ	Vulnerable; migrate to 12.2(37) or later
12.1YA	Vulnerable; migrate to 12.3(19) or later
12.1YB	Vulnerable; migrate to 12.3(19) or later
12.1YC	Vulnerable; migrate to 12.3(19) or later
12.1YD	Vulnerable; migrate to 12.3(19) or later
12.1YE	Vulnerable; migrate to 12.3(19) or later
12.1YF	Vulnerable; migrate to 12.3(19) or later
12.1YH	Vulnerable; migrate to 12.3(19) or later
12.1YI	Vulnerable; migrate to 12.3(19) or later
12.1YJ	Vulnerable; migrate to 12.1(22)EA8 or later
Affected 12.2-Based Release	Rebuild	Maintenance
12.2		12.2(37)
12.2B	Vulnerable; migrate to 12.3(4)T13 or later
12.2BC	Vulnerable; migrate to 12.3(17b)BC3 or later
12.2BW	Vulnerable; migrate to 12.3(19) or later
12.2BY	Vulnerable; migrate to 12.3(4)T13 or later
12.2BZ	Vulnerable; migrate to 12.3(7)XI9 or later
12.2CX	Vulnerable; migrate to 12.3(17b)BC3 or later
12.2CY	Vulnerable; migrate to 12.3(17b)BC3 or later
12.2CZ	Vulnerable; contact TAC
12.2DA	12.2(10)DA5
12.2DA	12.2(12)DA10
12.2DD	Vulnerable; migrate to 12.3(4)T13 or later
12.2DX	Vulnerable; migrate to 12.3(4)T13 or later
12.2EU	Vulnerable; migrate to 12.2(25)EWA6 or later
12.2EW	Vulnerable; migrate to 12.2(25)EWA6 or later
12.2EWA	12.2(25)EWA6
12.2EX	12.2(25)EX1
12.2EY	12.2(25)EY4
12.2EZ	Vulnerable; migrate to 12.2(25)SEE1 or later
12.2FX	Vulnerable; migrate to 12.2(25)SEE1 or later
12.2FY	Vulnerable; migrate to 12.2(25)SEE1 or later
12.2FZ	All 12.2FZ releases are fixed
12.2IXA	Vulnerable; contact TAC
12.2IXB	Vulnerable; contact TAC
12.2IXC	Vulnerable; contact TAC
12.2JA	Vulnerable; migrate to 12.3(8)JA2 or later
12.2JK	Vulnerable; migrate to 12.4(4)T4 or later
12.2MB	Vulnerable; migrate to 12.2(25)SW8
12.2MC	Vulnerable; migrate to 12.3(11)T11 or later
12.2S	12.2(25)S12*; available 12-Feb-07
12.2SB	12.2(28)SB2	12.2(31)SB
12.2SBC	12.2(27)SBC5
12.2SE		12.2(35)SE
12.2SEA	Vulnerable; migrate to 12.2(25)SEE1 or later
12.2SEB	Vulnerable; migrate to 12.2(25)SEE1 or later
12.2SEC	Vulnerable; migrate to 12.2(25)SEE1 or later
12.2SED	Vulnerable; migrate to 12.2(25)SEE1 or later
12.2SEE	12.2(25)SEE1
12.2SEF	12.2(25)SEF1
12.2SEG	All 12.2SEG releases are fixed
12.2SG	Vulnerable; contact TAC.
12.2SGA	All 12.2SGA releases are fixed
12.2SO	12.2(18)SO7
12.2SRA	All 12.2SRA releases are fixed
12.2SRB	All 12.2SRB releases are fixed
12.2SU	Vulnerable; migrate to 12.4(8) or later
12.2SV	12.2(27)SV4
	12.2(28)SV1
	12.2(29)SV1
12.2SW	12.2(25)SW8
12.2SX	Vulnerable; migrate to 12.2(18)SXD7a* or later
12.2SXA	Vulnerable; migrate to 12.2(18)SXD7a* or later
12.2SXB	Vulnerable; migrate to 12.2(18)SXD7a* or later
12.2SXD	12.2(18)SXD7a*
12.2SXE	12.2(18)SXE6
12.2SXF	12.2(18)SXF5
12.2SY	Vulnerable; migrate to 12.2(18)SXD7a* or later
12.2SZ	Vulnerable; migrate to 12.2(25)S12*; available 12-Feb-07
12.2T	Vulnerable; migrate to 12.3(19) or later
12.2TPC	Vulnerable; contact TAC
12.2XA	Vulnerable; migrate to 12.3(19) or later
12.2XB	Vulnerable; migrate to 12.3(19) or later
12.2XC	Vulnerable; migrate to 12.3(4)T13 or later
12.2XD	Vulnerable; migrate to 12.3(19) or later
12.2XE	Vulnerable; migrate to 12.3(19) or later
12.2XF	Vulnerable; migrate to 12.3(17b)BC3 or later
12.2XG	Vulnerable; migrate to 12.3(19) or later
12.2XH	Vulnerable; migrate to 12.3(19) or later
12.2XI	Vulnerable; migrate to 12.3(19) or later
12.2XJ	Vulnerable; migrate to 12.3(19) or later
12.2XK	Vulnerable; migrate to 12.3(19) or later
12.2XL	Vulnerable; migrate to 12.3(19) or later
12.2XM	Vulnerable; migrate to 12.3(19) or later
12.2XN	Vulnerable; migrate to 12.3(19) or later
12.2XQ	Vulnerable; migrate to 12.3(19) or later
12.2XR	Vulnerable; migrate to 12.3(19) or later
12.2XS	Vulnerable; migrate to 12.3(19) or later
12.2XT	Vulnerable; migrate to 12.3(19) or later
12.2XU	Vulnerable; migrate to 12.3(19) or later
12.2XV	Vulnerable; migrate to 12.3(19) or later
12.2XW	Vulnerable; migrate to 12.3(19) or later
12.2YA	Vulnerable; migrate to 12.3(19) or later
12.2YB	Vulnerable; migrate to 12.3(19) or later
12.2YC	Vulnerable; migrate to 12.3(19) or later
12.2YD	Vulnerable; migrate to 12.3(11)T11 or later
12.2YE	Vulnerable; migrate to 12.2(25)S12*; available 12-Feb-07
12.2YF	Vulnerable; migrate to 12.3(19) or later
12.2YG	Vulnerable; migrate to 12.3(19) or later
12.2YH	Vulnerable; migrate to 12.3(19) or later
12.2YJ	Vulnerable; migrate to 12.3(19) or later
12.2YK	Vulnerable; migrate to 12.3(4)T13 or later
12.2YL	Vulnerable; migrate to 12.3(4)T13 or later
12.2YM	Vulnerable; migrate to 12.3(4)T13 or later
12.2YN	Vulnerable; migrate to 12.3(4)T13 or later
12.2YO	Not vulnerable
12.2YP	Vulnerable; migrate to 12.3(19) or later
12.2YQ	Vulnerable; migrate to 12.3(4)T13 or later
12.2YR	Vulnerable; migrate to 12.3(4)T13 or later
12.2YS	Not vulnerable
12.2YT	Vulnerable; migrate to 12.3(19) or later
12.2YU	Vulnerable; migrate to 12.3(4)T13 or later
12.2YV	Vulnerable; migrate to 12.3(4)T13 or later
12.2YW	Vulnerable; migrate to 12.3(4)T13 or later
12.2YX	Vulnerable; migrate to 12.4(8) or later
12.2YY	Vulnerable; migrate to 12.3(4)T13 or later
12.2YZ	Vulnerable; migrate to 12.2(25)S12*; available 12-Feb-07
12.2ZA	Vulnerable; migrate to 12.2(18)SXD7a* or later
12.2ZB	Vulnerable; migrate to 12.3(4)T13 or later
12.2ZC	Vulnerable; migrate to 12.3(4)T13 or later
12.2ZD	Vulnerable; contact TAC
12.2ZE	Vulnerable; migrate to 12.3(19) or later
12.2ZF	Vulnerable; migrate to 12.3(4)T13 or later
12.2ZG	Vulnerable; contact TAC
12.2ZH	Vulnerable; contact TAC
12.2ZJ	Vulnerable; migrate to 12.3(4)T13 or later
12.2ZL	Vulnerable; contact TAC
12.2ZN	Vulnerable; migrate to 12.3(4)T13 or later
12.2ZP	Vulnerable; migrate to 12.4(8) or later
Affected 12.3-Based Release	Rebuild	Maintenance
12.3		12.3(19)
12.3B	Vulnerable; migrate to 12.3(11)T11 or later
12.3BC	12.3(17b)BC3
12.3BW	Vulnerable; migrate to 12.3(11)T11 or later
12.3JA	12.3(8)JA2
12.3JEA	All 12.3JEA releases are fixed
12.3JEB	All 12.3JEB releases are fixed
12.3JK	12.3(2)JK2
12.3JX	12.3(7)JX6	12.3(11)JX
12.3T	12.3(4)T13
	12.3(11)T11
	Limited platform support is available: Contact TAC.
	Please migrate to 12.4(8) or later.
12.3TPC	Vulnerable; contact TAC
12.3XA	Vulnerable; contact TAC
12.3XB	Vulnerable; migrate to 12.3(11)T11 or later
12.3XC	Vulnerable; contact TAC
12.3XD	Vulnerable; migrate to 12.3(11)T11 or later
12.3XE	Vulnerable; contact TAC
12.3XF	Vulnerable; migrate to 12.3(11)T11 or later
12.3XG	Vulnerable; contact TAC
12.3XH	Vulnerable; migrate to 12.3(11)T11 or later
12.3XI	12.3(7)XI8a	12.3(7)XI9
12.3XJ	Vulnerable; migrate to 12.3(14)YX2 or later
12.3XK	Vulnerable; migrate to 12.4(8) or later
12.3XQ	Vulnerable; migrate to 12.4(8) or later
12.3XR	Vulnerable; contact TAC
12.3XS	Vulnerable; migrate to 12.4(8) or later
12.3XU	Vulnerable; migrate to 12.4(2)T5 or later
12.3XW	Vulnerable; migrate to 12.3(14)YX2 or later
12.3XX	Vulnerable; migrate to 12.4(8) or later
12.3XY	Vulnerable; migrate to 12.4(8) or later
12.3YA	Vulnerable; contact TAC
12.3YD	Vulnerable; migrate to 12.4(2)T5 or later
12.3YF	Vulnerable; migrate to 12.3(14)YX2 or later
12.3YG	Vulnerable; migrate to 12.4(2)T5 or later
12.3YH	Vulnerable; migrate to 12.4(2)T5 or later
12.3YI	Vulnerable; migrate to 12.4(2)T5 or later
12.3YJ	Vulnerable; migrate to 12.4(6)T3 or later
12.3YK	Vulnerable; migrate to 12.4(4)T4 or later
12.3YM	12.3(14)YM8
12.3YQ	Vulnerable; migrate to 12.4(6)T3 or later
12.3YS	Vulnerable; migrate to 12.4(4)T4 or later
12.3YT	Vulnerable; migrate to 12.4(4)T4 or later
12.3YU	Vulnerable; contact TAC
12.3YX	12.3(14)YX2
12.3YZ	12.3(11)YZ1
Affected 12.4-Based Release	Rebuild	Maintenance
12.4	12.4(3e)
12.4	12.4(7b)	12.4(8)
12.4MR	12.4(6)MR1	12.4(9)MR
12.4SW	All 12.4SW releases are fixed
12.4T	12.4(2)T5
	12.4(4)T4
	12.4(6)T3	12.4(9)T
12.4XA	Vulnerable; migrate to 12.4(6)T3
12.4XB	Vulnerable; contact TAC
12.4XC	12.4(4)XC5
12.4XD	12.4(4)XD2
12.4XE	All 12.4XE releases are fixed
12.4XG	All 12.4XG releases are fixed
12.4XJ	All 12.4XJ releases are fixed
12.4XP	All 12.4XP releases are fixed
12.4XT	All 12.4XT releases are fixed

Revision 1.1	2007-February-02	Updated 12.0W and 12.1EO entries in the Software Version and Fixes table.
Revision 1.0	2007-January-24	Initial public release.

Cisco Security Advisory: Combined IOS Table for January 24, 2007 Security Advisories

Document ID: 81731

Advisory ID: cisco-sa-20070124-bundle.shtml

http://www.cisco.com/warp/public/707/cisco-sa-20070124-bundle.shtml

Revision 1.1

Last Updated 2007 February 06 0100 UTC (GMT)

For Public Release 2007 January 24 1600 UTC (GMT)

Please provide your feedback on this document.

Contents

Summary

Software Versions and Fixes

Obtaining Fixed Software

Customers with Service Contracts

Customers using Third-party Support Organizations

Customers without Service Contracts

Status of This Notice: INTERIM

Distribution

Revision History

Cisco Security Procedures

Cisco Security Advisory: Combined IOS Table for January 24, 2007 Security Advisories

Document ID: 81731

Advisory ID: cisco-sa-20070124-bundle.shtml

http://www.cisco.com/warp/public/707/cisco-sa-20070124-bundle.shtml

Revision 1.1

Last Updated 2007 February 06 0100 UTC (GMT)

For Public Release 2007 January 24 1600 UTC (GMT)

Please provide your feedback on this document.

Contents

Summary

writePM('software') Software Versions and Fixes

writePM('fixes') Obtaining Fixed Software

writePM('CWSC') Customers with Service Contracts

writePM('CUTPSO') Customers using Third-party Support Organizations

writePM('CWOSC') Customers without Service Contracts

writePM('status') Status of This Notice: INTERIM

writePM('distribution') Distribution

writePM('revision') Revision History

writePM('secpro') Cisco Security Procedures

Software Versions and Fixes

Obtaining Fixed Software

Customers with Service Contracts

Customers using Third-party Support Organizations

Customers without Service Contracts

Status of This Notice: INTERIM

Distribution

Revision History

Cisco Security Procedures