Cisco Cisco IOS Software Release 12.4(2)XB6 릴리즈 노트
11
Release Notes for the Cisco 3700 Series Integrated Services Routers for Cisco IOS Release 12.4(2)XA
OL-8898-01
Caveats
throughput Request bandwidth in X.25 network
transit-delay Specify transit delay (msec)
windowsize Request window sizes for originated calls
<cr>
•
CSCsb90481: Bad enque and traceback when ping with packets > 1445 bytes
Symptoms: The following error and traceback messages are shown on the console:
*Sep 19 15:04:17.027: %SYS-2-LINKED: Bad enqueue of 46ECBC6C in queue 4678EF4C
-Process= "<interrupt level>", ipl= 4
-Traceback= 0x414C292C 0x400AF600 0x4277FB60 0x4036E0EC 0x41A8CE98 0x400E0BD0
0x40067050 0x42C555B0 0x42C559CC 0x42B06718 0x430B4AA8 0x4312FEB4 0x4313882C
0x4313AF2C 0x43124AFC 0x43124FA4
Conditions: This occurs when you ping with packets > 1445 bytes
Workaround: There is no workaround
•
CSCsc25964: PPPoE dialer CEF VAI adjacency does not honor dialer ip mtu
Symptoms: A PPPoE client router does not honor the ip mtu command settings whey they are
configured on the PPPoE dialer interface when the IP MTU is different from the interface MTU.
configured on the PPPoE dialer interface when the IP MTU is different from the interface MTU.
Fragmentation of IP packets larger than the configured IP MTU will not happen, which can create
problems in a PPPoE environment.
problems in a PPPoE environment.
Conditions: This symptom occurs whenever a v-access is cloned from the dialer interface and could
be PPPoE, multilink or PPPoA.
be PPPoE, multilink or PPPoA.
Workaround: Configure the interface mtu command to the required value.
Open Caveats - Release 12.4(2)XA1
There are no open caveats in this release.
Resolved Caveats - Release 12.4(2)XA
This section documents possible unexpected behavior by Cisco IOS Release 12.4(2)XA and describes
only severity 1 and 2 caveats and selected severity 3 caveats.
only severity 1 and 2 caveats and selected severity 3 caveats.
•
CSCed27956: TCP checks should verify ack sequence number.
A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been
discovered by an external researcher. The successful exploitation enables an adversary to reset any
established TCP connection in a much shorter time than was previously discussed publicly.
Depending on the application, the connection may get automatically re-established. In other cases,
a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending
upon the attacked protocol, a successful attack may have additional consequences beyond
terminated connection which must be considered. This attack vector is only applicable to the
sessions which are terminating on a device (such as a router, switch, or computer) and not to the
sessions that are only passing through the device (for example, transit traffic that is being routed by
a router). In addition, this attack vector does not directly compromise data integrity or
confidentiality.
discovered by an external researcher. The successful exploitation enables an adversary to reset any
established TCP connection in a much shorter time than was previously discussed publicly.
Depending on the application, the connection may get automatically re-established. In other cases,
a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending
upon the attacked protocol, a successful attack may have additional consequences beyond
terminated connection which must be considered. This attack vector is only applicable to the
sessions which are terminating on a device (such as a router, switch, or computer) and not to the
sessions that are only passing through the device (for example, transit traffic that is being routed by
a router). In addition, this attack vector does not directly compromise data integrity or
confidentiality.
All Cisco products which contain TCP stack are susceptible to this vulnerability.