Datasheet
146
Release Notes for Cisco IOS Release 12.1E on the Catalyst 6500 and Cisco 7600 Supervisor Engine and MSFC
OL-2310-11
Caveats
enabled by default, and must be configured in order to accept traffic from an explicitly defined peer.
Unless the malicious traffic appears to be sourced from a configured, trusted peer, it would be
difficult to inject a malformed packet.
If a misformed packet is received and queued up on the interface, this bug may also be triggered by
other means which are not considered remotely exploitable such as the use of the command ‘show
ip bgp neighbors’ or running the command ‘debug ip bgp <neighbor> updates’ for a configured bgp
neighbor.
Cisco has made free software available to address this problem.
For more details, please refer to this advisory, available at
http://www.cisco.com/warp/public/707/cisco-sa-20050126-bgp.shtml
This problem is resolved in Release 12.1(26)E. (CSCee67450)
• A VACL configured on a VLAN drops non-IP packets if there is no Layer 3 VLAN interface
configured for that VLAN. This problem is resolved in Release 12.1(26)E. (CSCef09904)
• The interface range command syntax requires spaces. This problem is resolved in
Release 12.1(26)E. (CSCin82081)
• With NAT configured, if you enter an ip multicast boundary command that uses an ACL that denies
multicast traffic, and if you then reconfigure the ACL to permit the multicast traffic, the multicast
traffic continues to be denied. This problem is resolved in Release 12.1(26)E. (CSCin84133)
• You can enter a no service-policy input command without entering the service policy name. This
problem is resolved in Release 12.1(26)E. (CSCin83726, CSCin83727)
• The TACACS+ log displays “group-async” instead of “gigabitethernet” for Gigabit Ethernet ports.
This problem is resolved in Release 12.1(26)E. (CSCef94543)
• After a reload, multicast sources in secondary IP subnets cannot register immediately. This problem
is resolved in Release 12.1(26)E. (CSCsa39767)
• A reload might occur if you enable and disable port security repeatedly on a range of ports. This
problem is resolved in Release 12.1(26)E. (CSCin84166)
• After a switchover to a redundant supervisor engine, aggregate policers might not be applied to the
interfaces where they are configured. This problem is resolved in Release 12.1(26)E. (CSCin83227)
• An ACL with no ACEs does not deny traffic when it is applied to an unstable port-channel interface
that is part of a multicast stub network. This problem is resolved in Release 12.1(26)E.
(CSCin82441)
• When you reconfigure the forwarding method for a cache engine service from Layer 2 redirection
to GRE tunneling, the MLS flow mask is not amended appropriately. This situation might cause
suboptimal performance. This problem is resolved in Release 12.1(26)E. (CSCin79644)
• The default severity level is 6 instead of 3 for many system messages from these modules:
–
Supervisor Engine 1
–
Supervisor Engine 2
–
WS-X6408-GBIC
–
WS-X6408A-GBIC
–
WS-X6416-GE-MT
–
WS-X6416-GBIC
–
WS-X6516-GBIC
–
WS-X6516A-GBIC