Datasheet
184
Release Notes for Cisco IOS Release 12.1E on the Catalyst 6500 and Cisco 7600 Supervisor Engine and MSFC
OL-2310-11
Caveats
sessions that are only passing through the device (for example, transit traffic that is being routed by
a router). In addition, this attack vector does not directly compromise data integrity or
confidentiality.
All Cisco products which contain TCP stack are susceptible to this vulnerability.
This advisory is available at
http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, and it describes this
vulnerability as it applies to Cisco products that run Cisco IOS® software.
A companion advisory that describes this vulnerability for products that do not run Cisco IOS
software is available at
http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml.
This problem is resolved in Release 12.1(22)E. (CSCed27956, CSCed38527)
• QoS access control list with Layer 4 port operation is not supported. This problem is resolved in
Release 12.1(22)E. (CSCdx91720)
• A reload might occur if you apply an undefined crypto map to an interface. This problem is resolved
in Release 12.1(22)E. (CSCin08118)
• A reload might occur if you establish an SSHv2 session immediately after the “Press RETURN to
get started!” message appears on the console. This problem is resolved in Release 12.1(22)E.
(CSCin48676)
• In a topology with overlapping networks, EIGRP might incorrectly remove a connected route if you
add a new network command before you remove the old one. This problem is resolved in
Release 12.1(22)E. (CSCed93804)
• With bursty multicast sources on the network, a reload might occur because of a watchdog timeout
if a nondefault holdtime value is received in a Protocol Independent Multicast (PIM) join message.
The holdtime value might be nondefault because it is from a non-Cisco network device or because
the Internet Group Management Protocol (IGMP) query interval has been modified on an interface.
This problem is resolved in Release 12.1(22)E. (CSCec70366)
• A reload might occur if you remove a network command from an interface where OSPF is
configured and there is OSPF traffic from the interface in the OSPF queue. This problem is resolved
in Release 12.1(22)E. (CSCec48816)
• When buffer allocation failures occur while free I/O memory is low, Protocol Independent Multicast
(PIM) join messages might not be sent. This problem is resolved in Release 12.1(22)E.
(CSCec40377)
• A reload because of memory corruption might occur when an IP Security (IPsec) generic routing
encapsulation (GRE) tunnel carries multicast traffic. This problem is resolved in Release 12.1(22)E.
(CSCec06341)
• If you enter the ip verify unicast reverse-path interface configuration command on ATM
subinterfaces, some ingress traffic is dropped. This problem is resolved in Release 12.1(22)E.
(CSCdt51547)
• In an SSM/IGMPv3 environment under a topology where a non-designated router (non-DR), but not
the designated router (DR), is in the Shortest Path Tree (SPT), it may take the non-DR up to 3-1/2
minutes to prune and time-out its outgoing interface when all interested receivers have left an (s,g)
group. This problem is resolved in Release 12.1(22)E. (CSCed12688)
• With a loopback cable from a trunk port connected to a WAN port acting as an MPLS/VPN interface,
an unresolved default route causes the PFC to send packets to the MSFC for ARP resolution, which
interferes with hardware switching of the packets exiting the loopback port. This problem is
resolved in Release 12.1(22)E. (CSCed64844)