Cisco Cisco IOS Software Release 15.0(1)M
117
OL-20799-01 Rev. L0
Caveats
•
CSCtx08011
Symptoms: A Cisco IOS router crashes at “ipname_domain_lookup”.
Conditions: This symptom is observed on a Cisco router while executing vrf/vt1 or any WORD from
“user exec” mode.
“user exec” mode.
Workaround: There is no workaround.
•
CSCtx38806
Symptoms: SSL VPN users get disconnected once their Microsoft Windows machine is updated
with the Microsoft Security update KB2585542. This affects Cisco AnyConnect clients.
with the Microsoft Security update KB2585542. This affects Cisco AnyConnect clients.
This symptom may also be observed on Microsoft Internet Explorer browsers or browsers that have
the BEAST SSL vulnerability fix. This fix uses SSL fragmentation (record-splitting).
the BEAST SSL vulnerability fix. This fix uses SSL fragmentation (record-splitting).
Google Chrome browser v16.0.912 is affected for Clientless WebVPN on Windows and MAC
machines. Mozilla Firefox v10.0.1 also displays the error message:
machines. Mozilla Firefox v10.0.1 also displays the error message:
The page isn't redirecting properly.
Conditions: This symptom is observed with routers running Cisco IOS releases that act as the
headend for SSL VPN connections.
headend for SSL VPN connections.
Workaround 1: Use a Clientless browser to start the client. This works only in some Cisco IOS
releases.
releases.
Workaround 2: Uninstall the update.
Workaround 3: Use rc4. This is a less secure encryption option. Hence, use it only if it meets your
security needs. To use rc4, then you configure the following commands:
security needs. To use rc4, then you configure the following commands:
–
webvpn gateway gateway name
–
ssl encryption rc4-md5
Workaround 4: Use AC 2.5.3046 or 3.0.3054.
Workaround 5: Use older versions of Mozilla Firefox (v9.0.1).
Further Problem Description: AnyConnect users receive the following error message:
Connection attempt has failed due to server communication errors. Please retry the
connection.
The AnyConnect event log displays the following error message snippet:
Function: ConnectIfc::connect
Invoked Function: ConnectIfc::handleRedirects
Description: CONNECTIFC_ERROR_HTTP_MAX_REDIRS_EXCEEDED
Resolved Caveats—Cisco IOS Release 15.0(1)M7
Cisco IOS Release 15.0(1)M7 is a rebuild release for Cisco IOS Release 15.0(1)M. The caveats in this
section are resolved in Cisco IOS Release 15.0(1)M7 but may be open in previous Cisco IOS releases.
section are resolved in Cisco IOS Release 15.0(1)M7 but may be open in previous Cisco IOS releases.
•
CSCtr49064
The Secure Shell (SSH) server implementation in Cisco IOS Software and Cisco IOS XE Software
contains a denial of service (DoS) vulnerability in the SSH version 2 (SSHv2) feature. An
unauthenticated, remote attacker could exploit this vulnerability by attempting a reverse SSH login
contains a denial of service (DoS) vulnerability in the SSH version 2 (SSHv2) feature. An
unauthenticated, remote attacker could exploit this vulnerability by attempting a reverse SSH login