Cisco Cisco Aironet 1400 Wireless Bridge Notas de publicación
8
Release Notes for Cisco Aironet 1410 Bridges for Cisco IOS Release 12.3(2)JA2
OL-6252-03
Caveats
Caveats
This section lists open and resolved caveats in Cisco IOS Release 12.3(2)JA2 for the bridge.
Open Caveats
These caveats are open in Cisco IOS Release 12.3(2)JA2 for the bridge:
•
CSCec78900—High CPU use sometimes slows throughput on bridges.
Resolved Caveats
These caveats are resolved in Cisco IOS Release 12.3(2)JA2:
•
CSCef60659, CSCsa59600—A document that describes how the Internet Control Message Protocol
(ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the
Transmission Control Protocol (TCP) has been made publicly available. This document has been
published through the Internet Engineering Task Force (IETF) Internet Draft process, and is entitled
“ICMP Attacks Against TCP” (draft-gont-tcpm-icmp-attacks-03.txt).
(ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the
Transmission Control Protocol (TCP) has been made publicly available. This document has been
published through the Internet Engineering Task Force (IETF) Internet Draft process, and is entitled
“ICMP Attacks Against TCP” (draft-gont-tcpm-icmp-attacks-03.txt).
These attacks, which only affect sessions terminating or originating on a device itself, can be of
three types:
three types:
1. Attacks that use ICMP “hard” error messages
2. Attacks that use ICMP “fragmentation needed and Don’t Fragment (DF) bit set” messages, also
known as Path Maximum Transmission Unit Discovery (PMTUD) attacks
3. Attacks that use ICMP “source quench” messages
2. Attacks that use ICMP “fragmentation needed and Don’t Fragment (DF) bit set” messages, also
known as Path Maximum Transmission Unit Discovery (PMTUD) attacks
3. Attacks that use ICMP “source quench” messages
Successful attacks may cause connection resets or reduction of throughput in existing connections,
depending on the attack type.
depending on the attack type.
Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are
workarounds available to mitigate the effects of the vulnerability.
workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security
Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple
vendors whose products are potentially affected. Its posting can be found at:
http://www.niscc.gov.uk/niscc/docs/re-20050412-00303.pdf?lang=en.
Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple
vendors whose products are potentially affected. Its posting can be found at:
http://www.niscc.gov.uk/niscc/docs/re-20050412-00303.pdf?lang=en.
•
CSCef96804—The RSSI DC output port now gives correct signal strength readings.
•
CSCeg12593—Bridges now pass VTP information when the native VLAN on the bridge is not
VLAN 1.
VLAN 1.
Troubleshooting
For the most up-to-date, detailed troubleshooting information, refer to the Cisco TAC website at
. Click Technology Support, choose Wireless
from the menu on the left, and click Wireless LAN.