Cisco Cisco IOS Software Release 12.4(23) Notas de publicación
698
Caveats for Cisco IOS Release 12.4
OL-7656-15 Rev. J0
Resolved Caveats—Cisco IOS Release 12.4(5b)
Miscellaneous
•
CSCee72997
Cisco IOS devices that are configured for Internet Key Exchange (IKE) protocol and certificate
based authentication are vulnerable to a resource exhaustion attack. Successful exploitation of this
vulnerability may result in the allocation of all available Phase 1 security associations (SA) and
prevent the establishment of new IPsec sessions. Cisco has released free software updates that
address this vulnerability. This advisory is posted at
based authentication are vulnerable to a resource exhaustion attack. Successful exploitation of this
vulnerability may result in the allocation of all available Phase 1 security associations (SA) and
prevent the establishment of new IPsec sessions. Cisco has released free software updates that
address this vulnerability. This advisory is posted at
•
CSCee69887
Symptoms: A dual SRP ring fails to become active completely due to an is-type mismatch. The
output of the show clns neighbors command indicates that a certain system interface remains in the
“Init” state indefinitely, although the output of the show ip interface brief command shows that this
interface is up.
output of the show clns neighbors command indicates that a certain system interface remains in the
“Init” state indefinitely, although the output of the show ip interface brief command shows that this
interface is up.
Conditions: This symptom is observed when a dual SRP ring is configured on three routers that run
Cisco IOS Release 12.2S. The symptom may also occur in other releases.
Cisco IOS Release 12.2S. The symptom may also occur in other releases.
Workaround: There is no workaround.
•
CSCeh18306
Symptoms: On a Cisco 2600-XM series that is configured with an AIM-ATM module, when one
PVC is configured for ABR and another PVC is configured for another ATM class, CRC errors occur
on the far end of the ATM link of the PVC that is configured for the other ATM class. This situation
may occur because the PVC that is configured for ABR sends two RM cells in a row and overwrites
some data of the PVC that is configured for the other ATM class
PVC is configured for ABR and another PVC is configured for another ATM class, CRC errors occur
on the far end of the ATM link of the PVC that is configured for the other ATM class. This situation
may occur because the PVC that is configured for ABR sends two RM cells in a row and overwrites
some data of the PVC that is configured for the other ATM class
Conditions: This symptom is observed on a Cisco 2651-XM that runs Cisco IOS Release 12.3 and
that is configured with an AIM-ATM module. However, the symptom may not be
platform-dependent and may occur on any platform that is configured with an AIM-ATM module.
that is configured with an AIM-ATM module. However, the symptom may not be
platform-dependent and may occur on any platform that is configured with an AIM-ATM module.
Workaround: Do not configure ABR on a PVC.
•
CSCeh60551
Symptoms: Certain malformed client certificates may cause an AP that is running Cisco IOS
Release 12.3(2)JA2 or 12.3(4)JA to crash when EAP-TLS is used.
Release 12.3(2)JA2 or 12.3(4)JA to crash when EAP-TLS is used.
Workaround: Issue a new client certificate.
•
CSCej13460
Symptoms: The packets are not switched correctly using the Fast Switching with IPSec tunnel
protection feature.
protection feature.
Condition: This symptom has been observed in Cisco IOS Release 12.4(1b) when tunnel protection
IPSec is configured and tunnel source interface has Fast- switching (but not CEF) configured.
IPSec is configured and tunnel source interface has Fast- switching (but not CEF) configured.
Workaround: Use CEF switching.
•
CSCej27710
Symptoms: The voicemail box is not available.
Conditions: This symptom has been observed when a mailbox is assigned to a phone and someone
leaves voice mail.
leaves voice mail.
Workaround: There is no workaround.