Cisco Cisco Aironet 1400 Wireless Bridge
25
Release Notes for Cisco Aironet Access Points and Bridges for Cisco IOS Release 12.4(10b)JDA and 12.4(10b)JDA2
OL-17693-02
Caveats
•
CSCek69256—A dot11_mgr_disp.c: coding error
•
CSCso07662—WPA/TKIP downstream throughput degraded when compared to previous versions
•
CSCsk78264—A change in the RF domain name takes effect only after a reboot.
•
CSCsm38303—Coverage display on WLSE cannot be displayed correctly.
•
CSCsq66991—Client cannot reconnect to a 1250 series access point with authentication request.
•
CSCsr82508—Upgrade tool sees LWAPP image for 1250 series access point as an invalid image.
•
CSCsr44855—Memory leak in SSH process.
•
CSCsr11909—Access point ARPing for non local WLSM tunnel loopback destination address.
•
CSCsr94048—privilege interface level xx speed command crashes access point.
•
CSCsr27699—Roaming operation does not work correctly.
•
CSCsj56438—Crafted EAP response identity packet may cause device to reload.
This Cisco Bug ID identifies a vulnerability in Cisco's implementation of Extensible Authentication
Protocol (EAP) that exists when processing a crafted EAP Response Identity packet. This
vulnerability affects several Cisco products that have support for wired or wireless EAP
implementations.
Protocol (EAP) that exists when processing a crafted EAP Response Identity packet. This
vulnerability affects several Cisco products that have support for wired or wireless EAP
implementations.
This vulnerability is documented in the following Cisco bug IDs:
Wireless EAP - CSCsj56438
Wired EAP - CSCsb45696 and CSCsc55249
This Cisco Security Response is available at the following link:
•
CSCsg74791—Time-based ACLs do not work properly on Cisco Aironet autonomous access points.
•
CSCso65219—Autonomous 1250 series access point GUI displays incorrect Tx power.
•
CSCsu41132—IP http timeout-policy does not log a user out.
•
CSCsm80730—1240 series access point does not send a reassociation response to client.
•
CSCir02221—CCKM issue with 1240 series access points.
These caveats are resolved in Cisco IOS Release 12.3(8)JEC3:
•
CSCsh97579—Cisco devices running affected versions of Cisco IOS Software are vulnerable to a
denial of service (DoS) attack if configured for IP tunnels and Cisco Express Forwarding.
denial of service (DoS) attack if configured for IP tunnels and Cisco Express Forwarding.
Cisco has released free software updates that address this vulnerability.
This advisory is posted at
•
CSCsq31776—Cisco devices running affected versions of Cisco IOS Software are vulnerable to a
denial of service (DoS) attack if configured for IP tunnels and Cisco Express Forwarding. Cisco has
released free software updates that address this vulnerability. This advisory is posted at
denial of service (DoS) attack if configured for IP tunnels and Cisco Express Forwarding. Cisco has
released free software updates that address this vulnerability. This advisory is posted at
•
CSCsv04836—Multiple Cisco products are affected by denial of service (DoS) vulnerabilities that
manipulate the state of Transmission Control Protocol (TCP) connections. By manipulating the state
of a TCP connection, an attacker could force the TCP connection to remain in a long-lived state,
possibly indefinitely. If enough TCP connections are forced into a long-lived or indefinite state,
resources on a system under attack may be consumed, preventing new TCP connections from being
manipulate the state of Transmission Control Protocol (TCP) connections. By manipulating the state
of a TCP connection, an attacker could force the TCP connection to remain in a long-lived state,
possibly indefinitely. If enough TCP connections are forced into a long-lived or indefinite state,
resources on a system under attack may be consumed, preventing new TCP connections from being