Cisco IOS Software Release 12.2(8)YD
Release Notes for Cisco 7000 Family for Cisco IOS Release 12.2 YD
OL-2709-04
Caveats for Cisco IOS Release 12.2
Open Caveats—Cisco IOS Release 12.2(8)YD3
This section documents possible unexpected behavior by Cisco IOS Release 12.2(8)YD3 and describes
only severity 1 and 2 caveats and select severity 3 caveats.
There are no known open caveats for Cisco IOS Release 12.2(8)YD3.
Resolved Caveats—Cisco IOS Release 12.2(8)YD3
All the caveats listed in this section are resolved in Cisco IOS Release 12.2(8)YD3. This section
describes only severity 1 and 2 caveats and select severity 3 caveats.
• CSCdz60229
Cisco devices which run IOS and contain support for the Secure Shell (SSH) server are vulnerable
to a Denial of Service (DoS) if the SSH server is enabled on the device. A malformed SSH packet
directed at the affected device can cause a reload of the device. No authentication is necessary for
the packet to be received by the affected device. The SSH server in Cisco IOS is disabled by default.
Cisco will be making free software available to correct the problem as soon as possible.
The malformed packets can be generated using the SSHredder test suite from Rapid7, Inc.
Workarounds are available. The Cisco PSIRT is not aware of any malicious exploitation of this
vulnerability.
This advisory is available at
http://www.cisco.com/warp/public/707/ssh-packet-suite-vuln.shtml
• CSCdz83042
If the GGSN receives an all zeroes (16 octets) CHAP challenge in the PCO Information Element in
a GTP PDP Context Create Packet, the GGSN will replace the CHAP challenge with a random value
instead of forwarding it unchanged to the Request Authenticator field in the RADIUS
Access-Request packet. As the Request Authenticator is an input value for the MD5 hash function
in the RADIUS server, the RADIUS authentication will fail with an Access-Reject. So far, this
problem has only been seen with Nokia Mobile GPRS Devices. Any non-zero CHAP challenge will
work correctly.
This problem is fixed by introducing the following CLI:
[no] gprs radius attribute chap-challenge
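The failure described in CSCdz83042, modelled as an added example (not Cisco code and not part of these release notes): the mobile computes its CHAP response per RFC 1994, and the RADIUS server checks it per RFC 2865 against the Request Authenticator, or against a CHAP-Challenge attribute when one is present. All function names, the password and the CHAP ID are constructed; that the new command corresponds to the `use_challenge_attr` path is an assumption, not something the page states.

```python
import hashlib
import hmac
import os
from typing import Optional

def chap_response(chap_id: int, password: bytes, challenge: bytes) -> bytes:
    """RFC 1994 CHAP response: MD5(Identifier || secret || Challenge)."""
    return hashlib.md5(bytes([chap_id]) + password + challenge).digest()

def radius_verify_chap(chap_password: bytes, password: bytes,
                       request_authenticator: bytes,
                       chap_challenge_attr: Optional[bytes] = None) -> bool:
    """RFC 2865 server check. CHAP-Password = CHAP ID (1 octet) + response (16).
    The challenge is the CHAP-Challenge attribute when present, otherwise
    the Request Authenticator field of the Access-Request."""
    chap_id, response = chap_password[0], chap_password[1:]
    challenge = (chap_challenge_attr if chap_challenge_attr is not None
                 else request_authenticator)
    return hmac.compare_digest(response,
                               chap_response(chap_id, password, challenge))

def ggsn_access_request(challenge: bytes, response: bytes, chap_id: int,
                        caveat_present: bool, use_challenge_attr: bool = False):
    """Hypothetical model of the GGSN filling in the CHAP-related fields.
    Returns (chap_password, request_authenticator, chap_challenge_attr)."""
    chap_password = bytes([chap_id]) + response
    if use_challenge_attr:
        # Challenge travels in its own attribute; authenticator is independent.
        return chap_password, os.urandom(16), challenge
    if caveat_present and challenge == bytes(16):
        # CSCdz83042: an all-zero challenge is replaced by a random value.
        return chap_password, os.urandom(16), None
    return chap_password, challenge, None

def authenticate(challenge: bytes, caveat_present: bool,
                 use_challenge_attr: bool = False) -> bool:
    password, chap_id = b"constructed-password", 7  # constructed sample values
    response = chap_response(chap_id, password, challenge)  # done by the mobile
    chap_pw, authenticator, attr = ggsn_access_request(
        challenge, response, chap_id, caveat_present, use_challenge_attr)
    return radius_verify_chap(chap_pw, password, authenticator, attr)

if __name__ == "__main__":
    zero, nonzero = bytes(16), bytes(range(1, 17))
    print("zero challenge, caveat present:    ", authenticate(zero, True))
    print("non-zero challenge, caveat present:", authenticate(nonzero, True))
    print("zero challenge, forwarded as-is:   ", authenticate(zero, False))
    print("zero challenge, CHAP-Challenge attr:", authenticate(zero, True, True))
```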
Table 4 Caveats Reference for Cisco IOS Release 12.2 YD
DDTS Number
Open in Release
Resolved in Release
CSCdv29286
12.2(8)YD
CSCdx36497
12.2(8)YD2
CSCdx63665
12.2(8)YD1
CSCdy07845
12.2(8)YD2
CSCdz60229
12.2(8)YD3
CSCdz83042
12.2(8)YD3