Cisco Cisco IOS Software Release 12.4(4)T
710
Caveats for Cisco IOS Release 12.4T
OL-8003-09 Rev. Z0
Resolved Caveats—Cisco IOS Release 12.4(15)T16
•
CSCtq63838
Symptoms: A Cisco 2921 router crashes, and the following traceback is seen:
ASSERTION FAILED : ../voip/ccvtsp/vtsp.c: vtsp_cdb_assert: 1528: unkn -Traceback=
0x24A19810z 0x24A5DC8Cz 0x24A4A560z 0x24DF6618z 0x24DF6BBCz 0x24A2DD5Cz 0x24A2E274z
0x233DEA40z 0x233DEA24z
ASSERTION FAILED : ../voip/ccvtsp/vtsp.c: vtsp_cdb_assert: 1528: unkn -Traceback=
0x24A19810z 0x24A5DC8Cz 0x24A4A7E0z 0x24DF6618z 0x24DF6BBCz 0x24A2DD5Cz 0x24A2E274z
0x233DEA40z 0x233DEA24z
%SYS-3-MGDTIMER: Uninitialized timer, timer stop, timer = 315556E0. -Process= "DSMP",
ipl= 0, pid= 306, -Traceback= 0x246EBB2Cz 0x24719984z 0x24A19810z 0x24A5DC8Cz
0x24A4A7E0z 0x24DF6618z 0x24DF6BBCz 0x24A2DD5Cz 0x24A2E274z 0x233DEA40z 0x233DEA24z
23:50:00 UTC Sun May 1 2011: TLB (load or instruction fetch) exception, CPU signal
10, PC = 0x2581FB94
Conditions: This symptom is observed with the DSMP process.
Workaround: There is no workaround.
•
CSCtr15891
Symptoms: On-demand DPD is being sent on every IPsec SA even though a response is seen on at
least one of them.
least one of them.
Conditions: Periodic DPD is configured, and multiple IPsec SAs exist with the peer with outbound
traffic flowing on each of them without any inbound traffic.
traffic flowing on each of them without any inbound traffic.
Workaround: There is no workaround.
•
CSCtr36023
Symptoms: Traceback is printed on console when traffic is flowing through.
Conditions: This symptom is seen with MPLS VPN setup with VRF-aware NAT configured.
Workaround: There is no workaround.
•
CSCtr49064
The Secure Shell (SSH) server implementation in Cisco IOS Software and Cisco IOS XE Software
contains a denial of service (DoS) vulnerability in the SSH version 2 (SSHv2) feature. An
unauthenticated, remote attacker could exploit this vulnerability by attempting a reverse SSH login
with a crafted username. Successful exploitation of this vulnerability could allow an attacker to
create a DoS condition by causing the device to reload. Repeated exploits could create a sustained
DoS condition.
contains a denial of service (DoS) vulnerability in the SSH version 2 (SSHv2) feature. An
unauthenticated, remote attacker could exploit this vulnerability by attempting a reverse SSH login
with a crafted username. Successful exploitation of this vulnerability could allow an attacker to
create a DoS condition by causing the device to reload. Repeated exploits could create a sustained
DoS condition.
The SSH server in Cisco IOS Software and Cisco IOS XE Software is an optional service, but its
use is highly recommended as a security best practice for the management of Cisco IOS devices.
Devices that are not configured to accept SSHv2 connections are not affected by this vulnerability.
use is highly recommended as a security best practice for the management of Cisco IOS devices.
Devices that are not configured to accept SSHv2 connections are not affected by this vulnerability.
Cisco has released free software updates that address this vulnerability. This advisory is available at
the following link:
the following link:
•
CSCtr54327
Symptoms: A Cisco router may crash due to a SegV exception or have a spurious access when a fax
comes in.
comes in.
Conditions: The crash occurs on a voice gateway that is configured with transcoding and fax
passthrough where a fax call comes in for a codec, but the fax is not configured for a codec, and the
“a=silenceSupp:off” option is set in SDP.
passthrough where a fax call comes in for a codec, but the fax is not configured for a codec, and the
“a=silenceSupp:off” option is set in SDP.
Workaround: There is no workaround.