Cisco Cisco Aironet 1400 Wireless Bridge 릴리즈 노트
6
Release Notes for Cisco Aironet 1410 Bridges for Cisco IOS Release 12.3(4)JA
OL-7095-01
Caveats
Caveats
This section lists open and resolved caveats in Cisco IOS Release 12.3(4)JA for the bridge.
Open Caveats
These caveats are open in Cisco IOS Release 12.3(4)JA:
•
CSCsa72936—The results for the show controller d0 command do not include the radio serial
number.
number.
Workaround: Enter show interface d0 mem 5fd4 12 in privileged EXEC mode and then do a
hexadecimal/ASCII conversion on the 12-byte result. This example shows the command and the
command output:
hexadecimal/ASCII conversion on the 12-byte result. This example shows the command and the
command output:
AP# sh int d0 mem 5fd4 12
5FD4: 4F46 3043 3338 4234 4831 004C
The 12-byte output converts to the ASCII serial number FOC0834B1HL.
Resolved Caveats
These caveats are resolved in Cisco IOS Release 12.3(4)JA:
•
CSCed36477—The CLI now warns users that bridges do not support different encryption settings
on multiple VLANs.
on multiple VLANs.
•
CSCef60659—A document that describes how the Internet Control Message Protocol (ICMP) could
be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control
Protocol (TCP) has been made publicly available. This document has been published through the
Internet Engineering Task Force (IETF) Internet Draft process, and is entitled “ICMP Attacks
Against TCP” (draft-gont-tcpm-icmp-attacks-03.txt).
be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control
Protocol (TCP) has been made publicly available. This document has been published through the
Internet Engineering Task Force (IETF) Internet Draft process, and is entitled “ICMP Attacks
Against TCP” (draft-gont-tcpm-icmp-attacks-03.txt).
These attacks, which only affect sessions terminating or originating on a device itself, can be of
three types:
three types:
1. Attacks that use ICMP “hard” error messages 2. Attacks that use ICMP “fragmentation needed
and Don’t Fragment (DF) bit set” messages, also known as Path Maximum Transmission Unit
Discovery (PMTUD) attacks 3. Attacks that use ICMP “source quench” messages
and Don’t Fragment (DF) bit set” messages, also known as Path Maximum Transmission Unit
Discovery (PMTUD) attacks 3. Attacks that use ICMP “source quench” messages
Successful attacks may cause connection resets or reduction of throughput in existing connections,
depending on the attack type.
depending on the attack type.
Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are
workarounds available to mitigate the effects of the vulnerability.
workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security
Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple
vendors whose products are potentially affected. Its posting can be found at
Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple
vendors whose products are potentially affected. Its posting can be found at
•
CSCsa46541—Non-root bridges no longer reboot after receiving a radio_temp_get request.