Manualshelf

Datasheet

ManualsBrandsCisco Manualschassis componentsFAN-MOD-6HS=
131132133134135136137138139140
133
Release Notes for Cisco IOS Release 12.1E on the Catalyst 6500 and Cisco 7600 Supervisor Engine and MSFC
OL-2310-11
Caveats
CSCse24889—Resolved in Release 12.1(26)E9.
Symptoms: Malformed SSH version 2 packets may cause a memory leak, causing the platform to
operate under a degraded condition. Under rare circumstances, the platform may reload to recover
itself.
Conditions: This symptom is observed on a Cisco platform that is configured for SSH version 2
after it has received malformed SSHv2 packets.
Workaround: As an interim solution until the affected platform can be upgraded to a Cisco IOS
software image that contains the fix for caveat CSCse24889, configure SSH version 1 from the
global configuration mode, as in the following example:
config t
ip ssh version 1
end
Alternate Workaround: Permit only known trusted hosts and/or networks to connect to the router
by creating a vty access list, as in the following example:
10.1.1.0/24 is a trusted network that is permitted access to the router, all other access is denied
access-list 99 permit 10.1.1.0 0.0.0.255
access-list 99 deny any
line vty 0 4
access-class 99 in
end
Further Problem Description:
For information about configuring vty access lists, see the Controlling Access to a Virtual Terminal
Line document:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124tcg/tsec_c/part10/tsaclvty.htm
For information about SSH, see the Configuring Secure Shell on Routers and Switches Running
Cisco IOS document:
http://www.cisco.com/warp/public/707/ssh.shtml
CSCsg40567—Resolved in Release 12.1(26)E9.
Symptoms: Malformed SSL packets may cause a router to leak multiple memory blocks.
Conditions: This symptom is observed on a Cisco router that has the ip http secure server command
enabled.
Workaround: Disable the ip http secure server command.
CSCsg70474—Resolved in Release 12.1(26)E9.
Multiple voice-related vulnerabilities are identified in Cisco IOS software, one of which is also
shared with Cisco Unified Communications Manager. These vulnerabilities pertain to the following
protocols or features:
Session Initiation Protocol (SIP)
Media Gateway Control Protocol (MGCP)
Signaling protocols H.323, H.254
Real-time Transport Protocol (RTP)
Facsimile reception