Cisco Cisco IOS Software Release 12.4(2)XB6
Release Notes for Cisco IOS Release 12.4(24)GC5
Caveats
8
Release Notes for Cisco IOS Release 12.4(24)GC5
OL-24057-05
•
CSCta33320
This only happens after a reload of the router. Once the router is reloaded, do an SNMP query of:
.1.3.6.1.4.1.9.9.44.1.1.1.1 (ciscoICsuDsuStaticConfigEntry) in CISCO-ICSUDSU-MIB,
the following will be seen in the show log command output:
*Jun 23 14:29:31.863: %DATACORRUPTION-1-DATAINCONSISTENCY: copy error, -PC=
0x405A6664, -Traceback= 0x4175EC50 0x41781B94 0x417A7A30 0x405A6664 0x405A3CB4
0x405A2DA8 0x42D88260 0x42D8D5B0 0x42D7B7DC 0x42DA9838 0x42F8292C 0x42F82910
0x405A6664, -Traceback= 0x4175EC50 0x41781B94 0x417A7A30 0x405A6664 0x405A3CB4
0x405A2DA8 0x42D88260 0x42D8D5B0 0x42D7B7DC 0x42DA9838 0x42F8292C 0x42F82910
*Jun 23 14:29:31.867: %DATACORRUPTION-1-DATAINCONSISTENCY: copy error, -PC=
0x405A6670, -Traceback= 0x4175EC50 0x41781B94 0x417A78BC 0x405A6670 0x405A3CB4
0x405A2DA8 0x42D88260 0x42D8D5B0 0x42D7B7DC 0x42DA9838 0x42F8292C 0x42F82910
0x405A6670, -Traceback= 0x4175EC50 0x41781B94 0x417A78BC 0x405A6670 0x405A3CB4
0x405A2DA8 0x42D88260 0x42D8D5B0 0x42D7B7DC 0x42DA9838 0x42F8292C 0x42F82910
Subsequent SNMP queries will not see the above traceback until another reload.
The issue is seen on Cisco 2821 with VWIC2-1MFT-G703 and HWIC-1CE1T1-PRI running
12.4(20)T1 and 12.4(22)T1 and the latest 12.4(24)T. Other models and IOS versions may also be
affected.
12.4(20)T1 and 12.4(22)T1 and the latest 12.4(24)T. Other models and IOS versions may also be
affected.
Workaround: There is no workaround.
•
CSCte41827
Device configured with SSLVPN crashes. Device configured with SSLVPN and the functions
svc-enabled or functions svc-required commands, and has an outbound ACL on one of the devices
interface.
svc-enabled or functions svc-required commands, and has an outbound ACL on one of the devices
interface.
This vulnerability has only been observed when the outbound ACL is tied to either a NAT or ZBFW
interface in the outbound direction and is not the interface that the SSLVPN session is terminated
against.
interface in the outbound direction and is not the interface that the SSLVPN session is terminated
against.
This vulnerability has only been observed when the SSLVPN sessions terminate over PPP over ATM
interface.
interface.
This vulnerability was not able to be reproduced over SSLVPN sessions terminating over Ethernet
or Serial interfaces.
or Serial interfaces.
Workaround: Remove outbound ACL.
•
CSCti46171
Cisco IOS Software contains four vulnerabilities related to Cisco IOS Zone-Based Firewall features.
These vulnerabilities are as follows:
These vulnerabilities are as follows:
–
Memory Leak Associated with Crafted IP Packets
–
Memory Leak in HTTP Inspection *
–
Memory Leak in H.323 Inspection
–
Memory Leak in SIP Inspection
There are no workarounds that mitigate these vulnerabilities.
Cisco has released free software updates that address these vulnerabilities. This advisory is available
at the following link:
at the following link: