Cisco Cisco IOS Software Release 12.0 S
2323
Cross-Platform Release Notes for Cisco IOS Release 12.0S
OL-1617-14 Rev. Q0
Resolved Caveats—Cisco IOS Release 12.0(15)S6
•
CSCdt66560
The performance of Cisco 12000 series Internet routers can be degraded when they have to send a
large number of ICMP unreachable packets. This situation usually can occur during heavy network
scanning. This vulnerability is tracked by three different bug IDs: CSCdr46528, CSCdt66560,
CSCds36541. Each bug ID is assigned to a different Engine the line card is based upon.
large number of ICMP unreachable packets. This situation usually can occur during heavy network
scanning. This vulnerability is tracked by three different bug IDs: CSCdr46528, CSCdt66560,
CSCds36541. Each bug ID is assigned to a different Engine the line card is based upon.
The rest of the Cisco routers and switches are not affected by this vulnerability. It is specific for
Cisco 12000 Series.
Cisco 12000 Series.
No other Cisco product is vulnerable.
The workaround is to either prevent the router from sending unreachable Internet Control Message
Protocol (ICMPs) at all or to rate limit them.
Protocol (ICMPs) at all or to rate limit them.
This advisory is available at
•
CSCdt69741
Six vulnerabilities involving Access Control List (ACL) has been discovered in multiple releases of
Cisco IOS® Software Release for Cisco 12000 Series Internet Routers. Not all vulnerabilities are
present in all IOS releases and only line cards based on the Engine 2 are affected by them. No other
Cisco product is vulnerable.
Cisco IOS® Software Release for Cisco 12000 Series Internet Routers. Not all vulnerabilities are
present in all IOS releases and only line cards based on the Engine 2 are affected by them. No other
Cisco product is vulnerable.
The workarounds are described in the Workarounds section.
This advisory is available at
•
CSCdt89344
Under some circumstances, inserting routes into a routing table may cause the memory to become
fragmented.
fragmented.
Workaround: Configure the memory free-list 65488 command.
•
CSCdt96370
Six vulnerabilities involving Access Control List (ACL) has been discovered in multiple releases of
Cisco IOS® Software Release for Cisco 12000 Series Internet Routers. Not all vulnerabilities are
present in all IOS releases and only line cards based on the Engine 2 are affected by them.
Cisco IOS® Software Release for Cisco 12000 Series Internet Routers. Not all vulnerabilities are
present in all IOS releases and only line cards based on the Engine 2 are affected by them.
No other Cisco product is vulnerable.
The workarounds are described in the Workarounds section.
This advisory is available at
http://www.cisco.com/warp/public/707/GSR-ACL-pub.shtml
•
CSCdu07732
When a POS card is replaced by another POS card and again replaced with the initial POS card,
snmpwalk works fine on ifTable for all interfaces, but snmpgetone fails for some POS interfaces on
the replaced card.
snmpwalk works fine on ifTable for all interfaces, but snmpgetone fails for some POS interfaces on
the replaced card.
Workaround: Move the POS card into another slot which was previously empty or not occupied by
any POS card.
any POS card.
•
CSCdu16602
A Cisco router may reload when the show ip mroute group-address source-address EXEC
command is entered.
command is entered.