Cisco Cisco IOS Software Release 12.4(23)
782
Caveats for Cisco IOS Release 12.4
OL-7656-15 Rev. J0
Resolved Caveats—Cisco IOS Release 12.4(3h)
•
CSCsg96319
Symptoms: When a reverse SSH session is established with valid authentication credentials, anyone
can obtain unprivileged Telnet access to a system without being authenticated. This situation affects
only reverse SSH sessions when a connection is made with the ssh -l userid :number ip-address
command.
can obtain unprivileged Telnet access to a system without being authenticated. This situation affects
only reverse SSH sessions when a connection is made with the ssh -l userid :number ip-address
command.
Conditions: This symptom is observed only when the Reverse SSH Enhancement is configured. This
enhancement is documented at the following URL:
enhancement is documented at the following URL:
Workaround: Configure reverse SSH by entering the ip ssh port portnum rotary group command.
This configuration is explained at the following URL:
This configuration is explained at the following URL:
•
CSCsh58082
Cisco devices running an affected version of Internetwork Operating System (IOS) which supports
Session Initiation Protocol (SIP) are affected by a vulnerability that may lead to a reload of the
device when receiving a specific series of packets destined to port 5060. This issue is compounded
by a related bug which allows traffic to TCP 5060 and UDP port 5060 on devices not configured for
SIP.
Session Initiation Protocol (SIP) are affected by a vulnerability that may lead to a reload of the
device when receiving a specific series of packets destined to port 5060. This issue is compounded
by a related bug which allows traffic to TCP 5060 and UDP port 5060 on devices not configured for
SIP.
There are no known instances of intentional exploitation of this issue. However, Cisco has observed
data streams that appear to be unintentionally triggering the vulnerability.
data streams that appear to be unintentionally triggering the vulnerability.
Workarounds exist to mitigate the effects of this problem on devices which do not require SIP.
This advisory is posted at
.
•
CSCsi01470
A vulnerability in the Cisco implementation of Multicast Virtual Private Network (MVPN) is
subject to exploitation that can allow a malicious user to create extra multicast states on the core
routers or receive multicast traffic from other Multiprotocol Label Switching (MPLS) based Virtual
Private Networks (VPN) by sending specially crafted messages.
subject to exploitation that can allow a malicious user to create extra multicast states on the core
routers or receive multicast traffic from other Multiprotocol Label Switching (MPLS) based Virtual
Private Networks (VPN) by sending specially crafted messages.
Cisco has released free software updates that address this vulnerability. Workarounds that mitigate
this vulnerability are available.
this vulnerability are available.
This advisory is posted at
.
•
CSCsi67763
The U.S. Computer Emergency Response Team (US-CERT) has reported a network evasion
technique using full-width and half-width unicode characters that affects several Cisco products.
The US-CERT advisory is available at the following link:
technique using full-width and half-width unicode characters that affects several Cisco products.
The US-CERT advisory is available at the following link:
By encoding attacks using a full-width or half-width unicode character set, an attacker can exploit
this vulnerability to evade detection by an Intrusion Prevention System (IPS) or firewall. This may
allow the attacker to covertly scan and attack systems normally protected by an IPS or firewall.
this vulnerability to evade detection by an Intrusion Prevention System (IPS) or firewall. This may
allow the attacker to covertly scan and attack systems normally protected by an IPS or firewall.
Cisco response is posted at the following link:
•
CSCsi84017
Symptoms: When you reload a Cisco 2600 series, the router may hang.