User guide

ManualsBrandsCisco ManualsComputer equipment2525 - 2525 TR Router

Important Notes

Release Notes for Cisco 2500 Series for Cisco IOS Release 12.0 T

78-5563-07 Rev.H0

Listing all possible addresses—especially all possible broadcast addresses—to which attack packets

may be sent is complicated. If you do not need to forward any legitimate syslog traffic received on an

interface, you can block all syslog traffic arriving on that interface. Remember that blocking will affect

traffic routed through the Cisco IOS device as well as traffic destined to the device; if the IOS device is

expected to forward syslog packets, you will have to do the detailed filtering. Because input access lists

impact system performance, install them with caution—especially on systems running very near their

capacity.

Software Versions and Fixes

Many Cisco software images have been or will be specially reissued to correct this vulnerability. For

example, regular released Cisco IOS version 12.0(2) is vulnerable, as are interim versions 12.0(2.1)

through 12.0(2.3). The first fixed interim version of Release12.0 mainline software is Release12.0(2.4).

However, a special release, 12.0(2a), contains only the fix for this vulnerability and does not include

any other bug fixes from later 12.0 interim releases.

If you are running Release 12.0(2) and want to fix this problem without risking possible instability

presented by installing the 12.0(2.4) interim release, you can upgrade to Release 12.0(2a). Release

12.0(2a) is a “code branch” from the Release 12.0(2) base, which will merge back into the Release 12.0

mainline at Release 12.0(2.4).

Special releases, like 12.0(2a), are one-time, spot fixes, and they will not be maintained. Thus, the

upgrade path from Release 12.0(2a) is to Release 12.0(3).

Table 7 specifies information about affected and repaired software versions.

Note All dates within this table are subject to change.

Table 7 Affected and Repaired Software Versions

Cisco IOS Major Release Description Special Fix

First Fixed

Interim Release

Fixed Maintenance

Release

Unaffected Releases

11.2 and earlier

releases—all variants

Unaffected early releases

(no syslog server)

Unaffected Unaffected Unaffected

11.3, 11.3 T, 11.3 DA,

11.3 MA, 11.3 NA,

11.3 WA, 11.3(2)XA

11.3 releases without syslog

servers

Unaffected Unaffected Unaffected

Releases Based on 11.3

11.3 AA 11.3 early deployment for

AS58xx

11.3(7)AA2,

8-JAN-1999

11.3(7.2)AA 11.3(8)AA, 15-FEB-1999

11.3 DB 11.3 for Cisco NRP routing

blade in Cisco 6400 xDSL

DSLAM

11.3(7)DB2,

18-JAN-1999

Releases Based on 12.0

12.0 12.0 Mainline 12.0(2a),

8-JAN-1999

12.0(2.4) 12.0(3), 1-FEB-1999

12.0 T 12.0 new technology early

deployment

12.0(2a)T1,

11-JAN-1999

12.0(2.4)T 12.0(3)T, 15-FEB-1999