Cisco Cisco IOS Software Release 12.4(23)
![Cisco](https://files.manualsbrain.com/attachments/7380d0050044647c30f5c24bbbf5d0c0b6d9bb84/common/fit/150/50/faa183d287233c52228cfea3dbc2a127fe780f60564fcb0955d9c3d1cd23/brand_logo.png)
581
Caveats for Cisco IOS Release 12.4
OL-7656-15 Rev. J0
Resolved Caveats—Cisco IOS Release 12.4(7e)
A combined software table for Cisco IOS is available to aid customers in choosing a software
releases that fixes all security vulnerabilities published as of May 22, 2007. This software table is
available at the following link:
releases that fixes all security vulnerabilities published as of May 22, 2007. This software table is
available at the following link:
.
•
CSCsc84858
Symptoms: A router may crash because of a bus error when you enter the no policy-map command.
Conditions: This symptom is observed on a Cisco 7200 series that has an NPE-G1 and that runs
Cisco IOS Release 12.3(10c). The symptom may also occur in other releases.
Cisco IOS Release 12.3(10c). The symptom may also occur in other releases.
Workaround: There is no workaround.
•
CSCsd28214
Symptoms: A Cisco router that is running Cisco IOS Release 12.3(19) may crash due to a Watch
Dog timeout while running the RIP routing protocol.
Dog timeout while running the RIP routing protocol.
Conditions: The router may crash due to a Watch Dog timeout if an interface changes state at the
exact same time a RIP route learned on that interface is being replaced with a better metric
redistributed route. For example, RIP has learned the 192.168.1.0 network from Fast Ethernet 1/0.
If RIP learns the 192.168.1.0 network from a redistributed protocol that has a better metric, then the
RIP route will be removed. If, during this time the Fast Ethernet 1/0 interface goes down, then the
router may potentially crash due to a Watch Dog timeout.
exact same time a RIP route learned on that interface is being replaced with a better metric
redistributed route. For example, RIP has learned the 192.168.1.0 network from Fast Ethernet 1/0.
If RIP learns the 192.168.1.0 network from a redistributed protocol that has a better metric, then the
RIP route will be removed. If, during this time the Fast Ethernet 1/0 interface goes down, then the
router may potentially crash due to a Watch Dog timeout.
Workaround: There is no workaround.
•
CSCsd80754
Symptoms: The active router in an HSRP configuration may not respond to an ARP request for the
virtual IP address. When the symptom occurs, both routers in the HSRP configuration have correct
HSRP and ARP entries. Entering the clear arp command on the standby router in the HSRP
configuration does not resolve the problem.
virtual IP address. When the symptom occurs, both routers in the HSRP configuration have correct
HSRP and ARP entries. Entering the clear arp command on the standby router in the HSRP
configuration does not resolve the problem.
Conditions: This symptom is observed when the same HSRP virtual IP address exists in different
HSRP groups on different routers.
HSRP groups on different routers.
Workaround: Enter the no standby redirects command to prevent the symptom from occurring.
•
CSCsd81407
Multiple voice-related vulnerabilities are identified in Cisco IOS software, one of which is also
shared with Cisco Unified Communications Manager. These vulnerabilities pertain to the following
protocols or features:
shared with Cisco Unified Communications Manager. These vulnerabilities pertain to the following
protocols or features:
–
Session Initiation Protocol (SIP)
–
Media Gateway Control Protocol (MGCP)
–
Signaling protocols H.323, H.254
–
Real-time Transport Protocol (RTP)
–
Facsimile reception
Cisco has made free software available to address these vulnerabilities for affected customers. Fixed
Cisco IOS software listed in the Software Versions and Fixes section contains fixes for all
vulnerabilities mentioned in this advisory.
Cisco IOS software listed in the Software Versions and Fixes section contains fixes for all
vulnerabilities mentioned in this advisory.
There are no workarounds available to mitigate the effects of any of the vulnerabilities apart from
disabling the protocol or feature itself.
disabling the protocol or feature itself.
This advisory is posted at