Cisco Cisco IOS Software Release 12.4(23) Notas de publicación
900
Caveats for Cisco IOS Release 12.4
OL-7656-15 Rev. J0
Resolved Caveats—Cisco IOS Release 12.4(1c)
NHRP is not enabled by default for Cisco IOS.
This vulnerability is addressed by Cisco bug IDs CSCin95836 for non-12.2 mainline releases and
CSCsi23231 for 12.2 mainline releases.
CSCsi23231 for 12.2 mainline releases.
This advisory is posted at
.
•
CSCsb32141
Symptoms: A router that is configured for Resource Reservation Protocol (RSVP) generates the
following error messages on the console and then crashes:
following error messages on the console and then crashes:
%LINK-0-REENTER: Fatal reentrancy, level=3, intfc=FastEthernet0/1
-Process= "RSVP", ipl= 3, pid= 251
%SYS-6-STACKLOW: Stack for process RSVP running low, 0/24000
Conditions: This symptom is observed when the ip rsvp bandwidth and service-policy output
commands are configured on the same interface and when the policy map for the service policy is
configured with the fair-queue command.
commands are configured on the same interface and when the policy map for the service policy is
configured with the fair-queue command.
Workaround: Enter the ip rsvp resource-provider none command on the interface.
Alternate Workaround: Enter the ip rsvp bandwidth value command and ensure that the value
argument is equal to the value that is displayed on the "Available Bandwidth" line in the output of
the show interface interface command plus the value that is shown in the "allocated" column in the
output of the show ip rsvp interface command.
argument is equal to the value that is displayed on the "Available Bandwidth" line in the output of
the show interface interface command plus the value that is shown in the "allocated" column in the
output of the show ip rsvp interface command.
Miscellaneous
•
CSCed94829
Multiple Cisco products contain vulnerabilities in the processing of IPSec IKE (Internet Key
Exchange) messages. These vulnerabilities were identified by the University of Oulu Secure
Programming Group (OUSPG) “PROTOS” Test Suite for IPSec and can be repeatedly exploited to
produce a denial of service.
Exchange) messages. These vulnerabilities were identified by the University of Oulu Secure
Programming Group (OUSPG) “PROTOS” Test Suite for IPSec and can be repeatedly exploited to
produce a denial of service.
Cisco has made free software available to address this vulnerability for affected customers. Prior to
deploying software, customers should consult their maintenance provider or check the software for
feature set compatibility and known issues specific to their environment.
deploying software, customers should consult their maintenance provider or check the software for
feature set compatibility and known issues specific to their environment.
This advisory is posted at
.
•
CSCef84174
Symptoms: PPP forwarding may fail between two virtual access interfaces.
Conditions: This symptom is observed on a Cisco AS5850 but is not platform-dependent.
Workaround: Disable PPP multilink on the asynchronous interfaces.
•
CSCeh09198
Symptoms: A Cisco gateway that has the garbage detector (a tool that is used for debugging memory
leaks) enabled may hang indefinitely.
leaks) enabled may hang indefinitely.
Conditions: This symptom is observed when you enter the garbage detector-related show memory
debug leaks command or show memory debug incremental leaks command.
debug leaks command or show memory debug incremental leaks command.
Workaround: There is no workaround.