Cisco Cisco Aironet 1310 Access Point Bridge 릴리즈 노트
18
Release Notes for Cisco Aironet Access Points for Cisco IOS Release 12.3(8)JEA1
OL-12427-01
Caveats
This advisory is posted at
.
Note
Another related advisory has been posted with this advisory. This additional advisory also
describes a vulnerability related to cryptography that affects Cisco IOS. This related advisory is
available at the following link:
describes a vulnerability related to cryptography that affects Cisco IOS. This related advisory is
available at the following link:
•
CSCsd92405
Cisco IOS device may crash while processing malformed Secure Sockets Layer (SSL) packets. In
order to trigger these vulnerabilities, a malicious client must send malformed packets during the SSL
protocol exchange with the vulnerable device.
order to trigger these vulnerabilities, a malicious client must send malformed packets during the SSL
protocol exchange with the vulnerable device.
Successful repeated exploitation of any of these vulnerabilities may lead to a sustained
Denial-of-Service (DoS); however, vulnerabilities are not known to compromise either the
confidentiality or integrity of the data or the device. These vulnerabilities are not believed to allow
an attacker will not be able to decrypt any previously encrypted information.
Denial-of-Service (DoS); however, vulnerabilities are not known to compromise either the
confidentiality or integrity of the data or the device. These vulnerabilities are not believed to allow
an attacker will not be able to decrypt any previously encrypted information.
Cisco IOS is affected by the following vulnerabilities:
–
Processing ClientHello messages, documented as Cisco bug ID CSCsb12598
–
Processing ChangeCipherSpec messages, documented as Cisco bug ID CSCsb40304
–
Processing Finished messages, documented as Cisco bug ID CSCsd92405
Cisco has made free software available to address these vulnerabilities for affected customers. There
are workarounds available to mitigate the effects of these vulnerabilities.
are workarounds available to mitigate the effects of these vulnerabilities.
This advisory is posted at
.
Note
Another related advisory has been posted with this advisory. This additional advisory also
describes a vulnerability related to cryptography that affects Cisco IOS. This related advisory is
available at the following link:
describes a vulnerability related to cryptography that affects Cisco IOS. This related advisory is
available at the following link:
•
CSCsd92405—Router no longer crashes when receiving a multiple malformed TLS/SSL3 finished
message.
message.
•
CSCse85200—Validation of the TLV fields in a CDP packet no longer fail to detect lengths less than
the TLV header size.
the TLV header size.
•
CSCsb40304—Router crash no longer occurs on receipt of multiple instances of TLS/SSL3 Change
Cipher Specification messages.
Cipher Specification messages.
•
CSCsf07847—CDP no longer fails to discover neighbor information.
•
CSCsd02001—AES-CCMP Replay errors no longer periodically occur on 1300 series bridges
running Cisco IOS Release 12.3(7)JA configured with AES encryption.
running Cisco IOS Release 12.3(7)JA configured with AES encryption.
•
-CSCsd54914—802.1x reauthentication interval for a 1300 series access point/bridge in non-root
bridge mode now functions correctly.
bridge mode now functions correctly.
•
CSCek46852—EAP-FAST now works with open source client and local RADIUS server.
•
CSCsg91315—WDS do return reportS to WLSE without problems