Cisco Cisco IOS Software Release 12.4(23)
421
Caveats for Cisco IOS Release 12.4
OL-7656-15 Rev. J0
Resolved Caveats—Cisco IOS Release 12.4(10c)
•
CSCsd95616
Two crafted Protocol Independent Multicast (PIM) packet vulnerabilities exist in Cisco IOS
software that may lead to a denial of service (DoS) condition. Cisco has released free software
updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are
available.
software that may lead to a denial of service (DoS) condition. Cisco has released free software
updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are
available.
This advisory is posted at
.
•
CSCse56501
A device running Cisco IOS software that has Internet Protocol version 6 (IPv6) enabled may be
subject to a denial of service (DoS) attack. For the device to be affected by this vulnerability the
device also has to have certain Internet Protocol version 4 (IPv4) User Datagram Protocol (UDP)
services enabled. To exploit this vulnerability an offending IPv6 packet must be targeted to the
device. Packets that are routed throughout the router can not trigger this vulnerability. Successful
exploitation will prevent the interface from receiving any additional traffic. The only exception is
Resource Reservation Protocol (RSVP) service, which if exploited, will cause the device to crash.
Only the interface on which the vulnerability was exploited will be affected.
subject to a denial of service (DoS) attack. For the device to be affected by this vulnerability the
device also has to have certain Internet Protocol version 4 (IPv4) User Datagram Protocol (UDP)
services enabled. To exploit this vulnerability an offending IPv6 packet must be targeted to the
device. Packets that are routed throughout the router can not trigger this vulnerability. Successful
exploitation will prevent the interface from receiving any additional traffic. The only exception is
Resource Reservation Protocol (RSVP) service, which if exploited, will cause the device to crash.
Only the interface on which the vulnerability was exploited will be affected.
Cisco is providing fixed software to address this issue. There are workarounds available to mitigate
the effects of the vulnerability.
the effects of the vulnerability.
This advisory is posted at
•
CSCse91102
Symptoms: A Cisco IAD 2430 IAD crashes on Cisco IOS Release 12.4(4)T2. Traceback decodes
indicate memory corruption. The following events may also appear in the log:
indicate memory corruption. The following events may also appear in the log:
%SYS-3-BADMAGIC: Corrupt block at
%SYS-6-MTRACE: mallocfree: addr, pc
%SYS-6-BLKINFO: Corrupted magic value in in-use block
%SYS-6-MEMDUMP:
Conditions: The router crashes where the decodes indicate check heaps as the source with any or all
of the following also included in decode:
of the following also included in decode:
crashdump
validblock
validate_memory
checkheaps
checkheaps_process
Workaround: There is no workaround.
•
CSCsg08395
Symptoms: When one of the controllers of a VWIC-2MFT-E1 Voice/WAN interface card that is
connected back-to-back to another router is shut down, ISDN L2 may go down on the second E1
controller of the VWIC-2MFT-E1.
connected back-to-back to another router is shut down, ISDN L2 may go down on the second E1
controller of the VWIC-2MFT-E1.
Conditions: This symptom is observed on a Cisco 3725 that runs Cisco IOS interim
Release 12.4(11.1).
Release 12.4(11.1).
Workaround: There is no workaround.
•
CSCsg40567
Symptoms: Malformed SSL packets may cause a router to leak multiple memory blocks.