Datasheet

ManualsBrandsCisco Manualschassis componentsFAN-MOD-6HS=

121

122

123

124

125

126

127

128

129

130

121

Release Notes for Cisco IOS Release 12.1E on the Catalyst 6500 and Cisco 7600 Supervisor Engine and MSFC

OL-2310-11

Caveats

Resolved General Caveats in Release 12.1(27b)E3

• CSCin95836—Resolved in Release 12.1(27b)E3.

The Cisco Next Hop Resolution Protocol (NHRP) feature in Cisco IOS contains a vulnerability that

can result in a restart of the device or possible remote code execution.

NHRP is a primary component of the Dynamic Multipoint Virtual Private Network (DMVPN)

feature.

NHRP can operate in three ways: at the link layer (Layer 2), over Generic Routing Encapsulation

(GRE) and multipoint GRE (mGRE) tunnels and directly on IP (IP protocol number 54). This

vulnerability affects all three methods of operation.

NHRP is not enabled by default for Cisco IOS.

This vulnerability is addressed by Cisco bug IDs CSCin95836 for non-12.2 mainline releases and

CSCsi23231 for 12.2 mainline releases.

This advisory is posted at

http://www.cisco.com/warp/public/707/cisco-sa-20070808-nhrp.shtml.

• Some UDP packets that have the Terminal Access Controller Access Control System (TACACS)

port (49) as their destination might remain suspended in the interface queue. This problem occurs

when TACACS+ is configured. This problem is resolved in Release 12.1(27b)E3. (CSCsb11698)

• A reload might occur when a frame relay sub-interface is deleted. This problem is resolved in

Release 12.1(27b)E3. (CSCsi05251)

• Fast Ethernet port speed and duplex autonegotiaon might not work. This problem is resolved in

Release 12.1(27b)E3. (CSCsi84306)

Resolved General Caveats in Release 12.1(27b)E2

• CSCsg70474—Resolved in Release 12.1(27b)E2

Multiple voice-related vulnerabilities are identified in Cisco IOS software, one of which is also

shared with Cisco Unified Communications Manager. These vulnerabilities pertain to the following

protocols or features:

–

Session Initiation Protocol (SIP)

–

Media Gateway Control Protocol (MGCP)

–

Signaling protocols H.323, H.254

–

Real-time Transport Protocol (RTP)

–

Facsimile reception

Cisco has made free software available to address these vulnerabilities for affected customers. Fixed

Cisco IOS software listed in the Software Versions and Fixes section contains fixes for all

vulnerabilities mentioned in this advisory.

There are no workarounds available to mitigate the effects of any of the vulnerabilities apart from

disabling the protocol or feature itself.

This advisory is posted at

http://www.cisco.com/warp/public/707/cisco-sa-20070808-IOS-voice.shtml

• Closing a Telnet session may cause a reload. This problem is resolved in Release 12.1(27b)E2.

(CSCds33629)