Cisco Cisco IOS Software Release 12.4(2)XB6 發佈版本通知
30
Release Notes for Cisco 2800 Series Integrated Services Routers for Cisco IOS Release 12.4(6)XE
OL-10715-02
Caveats
Please Note: The August 08, 2007 publication includes four Security Advisories and one Security
Response. The Advisories all affect Cisco IOS, one additionally affects CuCM as well. Each
Advisory lists the releases that correct the vulnerability described in the Advisory, and the
Advisories also detail the releases that correct the vulnerabilities for all four Cisco IOS issues.
Individual publication links are listed below:
Response. The Advisories all affect Cisco IOS, one additionally affects CuCM as well. Each
Advisory lists the releases that correct the vulnerability described in the Advisory, and the
Advisories also detail the releases that correct the vulnerabilities for all four Cisco IOS issues.
Individual publication links are listed below:
Cisco IOS Information Leakage Using IPv6 Routing Header
Cisco IOS Next Hop Resolution Protocol Vulnerability
–
Cisco IOS Secure Copy Authorization Bypass Vulnerability
–
Voice Vulnerabilities in Cisco IOS and Cisco Unified Call Manager
–
Cisco Unified MeetingPlace XSS Vulnerability
–
IPv6 Bugs in 12.4(6)XE
•
CSCef77013
Cisco IOS and Cisco IOS XR contain a vulnerability when processing specially crafted IPv6 packets
with a Type 0 Routing Header present. Exploitation of this vulnerability can lead to information
leakage on affected Cisco IOS and Cisco IOS XR devices, and may also result in a crash of the
affected Cisco IOS device. Successful exploitation on an affected device running Cisco IOS XR will
not result in a crash of the device itself, but may result in a crash of the IPv6 subsystem.
with a Type 0 Routing Header present. Exploitation of this vulnerability can lead to information
leakage on affected Cisco IOS and Cisco IOS XR devices, and may also result in a crash of the
affected Cisco IOS device. Successful exploitation on an affected device running Cisco IOS XR will
not result in a crash of the device itself, but may result in a crash of the IPv6 subsystem.
Cisco has made free software available to address this vulnerability for affected customers. There
are workarounds available to mitigate the effects of the vulnerability.
are workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at
.
Please Note: The August 08, 2007 publication includes four Security Advisories and one Security
Response. The Advisories all affect Cisco IOS, one additionally affects CuCM as well. Each
Advisory lists the releases that correct the vulnerability described in the Advisory, and the
Advisories also detail the releases that correct the vulnerabilities for all four Cisco IOS issues.
Individual publication links are listed below:
Response. The Advisories all affect Cisco IOS, one additionally affects CuCM as well. Each
Advisory lists the releases that correct the vulnerability described in the Advisory, and the
Advisories also detail the releases that correct the vulnerabilities for all four Cisco IOS issues.
Individual publication links are listed below:
Cisco IOS Information Leakage Using IPv6 Routing Header
Cisco IOS Next Hop Resolution Protocol Vulnerability
–
Cisco IOS Secure Copy Authorization Bypass Vulnerability
–
Voice Vulnerabilities in Cisco IOS and Cisco Unified Call Manager
–
Cisco Unified MeetingPlace XSS Vulnerability