Cisco Cisco IOS Software Release 12.4(2)XB6 릴리즈 노트
7
Release Notes for Cisco IAD2801 Series Integrated Access Devices with Cisco IOS Release 12.4(11)XJ
OL-12461-03
Caveats
Resolved Caveats - Cisco IOS Release 12.4(11)XJ4
Miscellaneous Caveats
•
CSCse56501
A device running Cisco IOS software that has Internet Protocol version 6 (IPv6) enabled may be
subject to a denial of service (DoS) attack. For the device to be affected by this vulnerability the
device also has to have certain Internet Protocol version 4 (IPv4) User Datagram Protocol (UDP)
services enabled. To exploit this vulnerability an offending IPv6 packet must be targeted to the
device. Packets that are routed throughout the router can not trigger this vulnerability. Successful
exploitation will prevent the interface from receiving any additional traffic. The only exception is
Resource Reservation Protocol (RSVP) service, which if exploited, will cause the device to crash.
Only the interface on which the vulnerability was exploited will be affected.
subject to a denial of service (DoS) attack. For the device to be affected by this vulnerability the
device also has to have certain Internet Protocol version 4 (IPv4) User Datagram Protocol (UDP)
services enabled. To exploit this vulnerability an offending IPv6 packet must be targeted to the
device. Packets that are routed throughout the router can not trigger this vulnerability. Successful
exploitation will prevent the interface from receiving any additional traffic. The only exception is
Resource Reservation Protocol (RSVP) service, which if exploited, will cause the device to crash.
Only the interface on which the vulnerability was exploited will be affected.
Cisco is providing fixed software to address this issue. There are workarounds available to mitigate
the effects of the vulnerability.
the effects of the vulnerability.
This advisory is posted at
•
CSCsf12082
Certain Cisco Catalyst 6500 Series and Cisco 7600 Router devices that run branches of Cisco IOS
based on 12.2 can be vulnerable to a denial of service vulnerability that can prevent any traffic from
entering an affected interface. For a device to be vulnerable, it must be configured for Open Shortest
Path First (OSPF) Sham-Link and Multi Protocol Label Switching (MPLS) Virtual Private
Networking (VPN). This vulnerability only affects Cisco Catalyst 6500 Series or Catalyst 7600
Series devices with the Supervisor Engine 32 (Sup32), Supervisor Engine 720 (Sup720) or Route
Switch Processor 720 (RSP720) modules. The Supervisor 32, Supervisor 720, Supervisor 720-3B,
Supervisor 720-3BXL, Route Switch Processor 720, Route Switch Processor 720-3C, and Route
Switch Processor 720-3CXL are all potentially vulnerable.
based on 12.2 can be vulnerable to a denial of service vulnerability that can prevent any traffic from
entering an affected interface. For a device to be vulnerable, it must be configured for Open Shortest
Path First (OSPF) Sham-Link and Multi Protocol Label Switching (MPLS) Virtual Private
Networking (VPN). This vulnerability only affects Cisco Catalyst 6500 Series or Catalyst 7600
Series devices with the Supervisor Engine 32 (Sup32), Supervisor Engine 720 (Sup720) or Route
Switch Processor 720 (RSP720) modules. The Supervisor 32, Supervisor 720, Supervisor 720-3B,
Supervisor 720-3BXL, Route Switch Processor 720, Route Switch Processor 720-3C, and Route
Switch Processor 720-3CXL are all potentially vulnerable.
OSPF and MPLS VPNs are not enabled by default.
This advisory is posted at
•
CSCsk73104
Cisco IOS contains multiple vulnerabilities in the Data-link Switching (DLSw) feature that may
result in a reload or memory leaks when processing specially crafted UDP or IP Protocol 91 packets.
result in a reload or memory leaks when processing specially crafted UDP or IP Protocol 91 packets.
Cisco has released free software updates that address these vulnerabilities. Workarounds are
available to mitigate the effects of these vulnerabilities.
available to mitigate the effects of these vulnerabilities.
This advisory is posted at
•
CSCsi01470
A vulnerability in the Cisco implementation of Multicast Virtual Private Network (MVPN) is
subject to exploitation that can allow a malicious user to create extra multicast states on the core
routers or receive multicast traffic from other Multiprotocol Label Switching (MPLS) based Virtual
Private Networks (VPN) by sending specially crafted messages.
subject to exploitation that can allow a malicious user to create extra multicast states on the core
routers or receive multicast traffic from other Multiprotocol Label Switching (MPLS) based Virtual
Private Networks (VPN) by sending specially crafted messages.
Cisco has released free software updates that address this vulnerability. Workarounds that mitigate
this vulnerability are available.
this vulnerability are available.
This advisory is posted at