Cisco Cisco IOS Software Release 12.4(23)
580
Caveats for Cisco IOS Release 12.4
OL-7656-15 Rev. J0
Resolved Caveats—Cisco IOS Release 12.4(7e)
Conditions: This symptom is observed on a Cisco 3800 series that has an E1 CAS link that is
configured for E&M wink start signaling.
configured for E&M wink start signaling.
Workaround: There is no workaround.
•
CSCek26311
Symptoms: A router may crash when certain IP options are changed on a virtual template while PPP
sessions are being terminated.
sessions are being terminated.
Conditions: This symptom is observed on a Cisco router when a large number (50,000) of PPP
session is being terminated.
session is being terminated.
Workaround: Do not change the configuration of the virtual template while a large number of PPP
sessions is being terminated.
sessions is being terminated.
•
CSCek45344
Symptoms: A Cisco AS5400XM gateway crashes after 24 hour stress with E1-R2 calls.
Conditions: This symptom occurs in stress conditions after a period of 24 hours.
Workaround: There is no workaround.
•
CSCek47653
Symptoms: A voice gateway may crash because of a bus error that is related to an MGCP Visual
Message Waiting Indicator (VMWI) function.
Message Waiting Indicator (VMWI) function.
Conditions: This symptom is observed on a Cisco IAD 2430 that runs Cisco IOS
Release 12.3(14)T2. The symptom may also affect Release 12.4 and Release 12.4T.
Release 12.3(14)T2. The symptom may also affect Release 12.4 and Release 12.4T.
Workaround: There is no workaround.
•
CSCsb40304
Cisco IOS device may crash while processing malformed Secure Sockets Layer (SSL) packets. In
order to trigger these vulnerabilities, a malicious client must send malformed packets during the SSL
protocol exchange with the vulnerable device.
order to trigger these vulnerabilities, a malicious client must send malformed packets during the SSL
protocol exchange with the vulnerable device.
Successful repeated exploitation of any of these vulnerabilities may lead to a sustained
Denial-of-Service (DoS); however, vulnerabilities are not known to compromise either the
confidentiality or integrity of the data or the device. These vulnerabilities are not believed to allow
an attacker will not be able to decrypt any previously encrypted information.
Denial-of-Service (DoS); however, vulnerabilities are not known to compromise either the
confidentiality or integrity of the data or the device. These vulnerabilities are not believed to allow
an attacker will not be able to decrypt any previously encrypted information.
Cisco IOS is affected by the following vulnerabilities:
–
Processing ClientHello messages, documented as Cisco bug ID CSCsb12598
–
Processing ChangeCipherSpec messages, documented as Cisco bug ID CSCsb40304
–
Processing Finished messages, documented as Cisco bug ID CSCsd92405
Cisco has made free software available to address these vulnerabilities for affected customers. There
are workarounds available to mitigate the effects of these vulnerabilities.
are workarounds available to mitigate the effects of these vulnerabilities.
This advisory is posted at
.
Note
Another related advisory has been posted with this advisory. This additional advisory also
describes a vulnerability related to cryptography that affects Cisco IOS. This related advisory is
available at the following link:
describes a vulnerability related to cryptography that affects Cisco IOS. This related advisory is
available at the following link:
.