Cisco Cisco IOS Software Release 12.4(15)XZ

This advisory is posted at the following link:

CSCsu11522 A vulnerability exists in the Session Initiation Protocol (SIP) 

implementation in Cisco IOS software that can be exploited remotely to cause a 

reload of the Cisco IOS device.

Cisco has released free software updates that address this vulnerability. There are no workarounds 
available to mitigate the vulnerability apart from disabling SIP, if the Cisco IOS device does not need to 
run SIP for VoIP services. However, mitigation techniques are available to help limit exposure to the 
vulnerability.

This advisory is posted at the following link:

CSCsr29468 Cisco IOS software contains a vulnerability in multiple features that 

could allow an attacker to cause a denial of service (DoS) condition on the 

affected device. A sequence of specially crafted TCP packets can cause the 

vulnerable device to reload.

Cisco has released free software updates that address this vulnerability.

Several mitigation strategies are outlined in the workarounds section of this advisory.

This advisory is posted at

CSCsq50366 Last digit getting truncated when prefix is set to its max value of 32.

Last digit getting truncated when prefix is configured with a length of 32 under the dial-peer.

When the prefix is configured with a length of 32 under the dial-peer only 31 digits are being 

sent across and the calls fails as there is no matching dial-peer at the other end. When the prefix is 
configured for 31 digits, then all the digits are sent correctly and the call is successful.

This is seen in the following call scenario:

Configure E1R2 ds0 groups between callgen and UUT:

Callgen calls into the UUT using ds0-group1.

The UUT has DID configured.

The UUT directs the call to ds0-group2 which is connected back to callgen.

Callgen has DID configured for the incoming call.

Callgen directs the call to ds0-group3 which is connected back to the UUT

The uut establishes a VoIP call leg back to callgen.

None.