Cisco Cisco Aironet 1400 Wireless Bridge
6
Release Notes for Cisco Aironet 1410 Wireless Bridges for Cisco IOS Release 12.3(8)JEA
OL-11203-01
Caveats
Resolved Caveats
The following caveats are resolved in Cisco IOS Release 12.3(11)JA:
•
CSCsf04754
Multiple Cisco products contain either of two authentication vulnerabilities in the Simple Network
Management Protocol version 3 (SNMPv3) feature. These vulnerabilities can be exploited when
processing a malformed SNMPv3 message. These vulnerabilities could allow the disclosure of
network information or may enable an attacker to perform configuration changes to vulnerable
devices. The SNMP server is an optional service that is disabled by default. Only SNMPv3 is
impacted by these vulnerabilities. Workarounds are available for mitigating the impact of the
vulnerabilities described in this document.
Management Protocol version 3 (SNMPv3) feature. These vulnerabilities can be exploited when
processing a malformed SNMPv3 message. These vulnerabilities could allow the disclosure of
network information or may enable an attacker to perform configuration changes to vulnerable
devices. The SNMP server is an optional service that is disabled by default. Only SNMPv3 is
impacted by these vulnerabilities. Workarounds are available for mitigating the impact of the
vulnerabilities described in this document.
The United States Computer Emergency Response Team (US-CERT) has assigned Vulnerability
Note VU#878044 to these vulnerabilities.
Note VU#878044 to these vulnerabilities.
Common Vulnerabilities and Exposures (CVE) identifier CVE-2008-0960 has been assigned to
these vulnerabilities.
these vulnerabilities.
This advisory will be posted at
•
CSCek26492
Symptoms: A router may crash if it receives a packet with a specific crafted IP option as detailed in
Cisco Security Advisory: Crafted IP Option Vulnerability:
Cisco Security Advisory: Crafted IP Option Vulnerability:
Conditions: This DDTS resolves a symptom of CSCec71950. Cisco IOS with this specific DDTS
are not at risk of crash if CSCec71950 has been resolved in the software.
are not at risk of crash if CSCec71950 has been resolved in the software.
Workaround: Cisco IOS versions with the fix for CSCec71950 are not at risk for this issue and no
workaround is required. If CSCec71950 is not resolved, see the following Cisco Security Advisory:
Crafted IP Option Vulnerability for workaround information:
workaround is required. If CSCec71950 is not resolved, see the following Cisco Security Advisory:
Crafted IP Option Vulnerability for workaround information:
•
CSCek37177
The Cisco IOS Transmission Control Protocol (TCP) listener in certain versions of Cisco IOS
software is vulnerable to a remotely-exploitable memory leak that may lead to a denial of service
condition.
software is vulnerable to a remotely-exploitable memory leak that may lead to a denial of service
condition.
This vulnerability only applies to traffic destined to the Cisco IOS device. Traffic transiting the
Cisco IOS device will not trigger this vulnerability.
Cisco IOS device will not trigger this vulnerability.
Cisco has made free software available to address this vulnerability for affected customers.
This issue is documented as Cisco bug ID
CSCek37177
.
There are workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at
•
CSCsa53334
The Intrusion Prevention System (IPS) feature set of Cisco IOS contains several vulnerabilities.
These include:
These include: