Installation guide
Release Notes for Catalyst 5000 Family Software Release 4.x
OL-2306-01
Open and Resolved Caveats in Software Release 4.5(13)
Workaround: Reenable protocol filtering, which will restore multicast traffic forwarding. If you
do not want to reenable protocol filtering, you must reset the switch to resolve the condition.
(CSCdu04672)
• On the Gigabit EtherChannel module (WS-X5410), if a host allowed on one secured port is moved
to another previously unused secured port on the same module, the host cannot connect to the
network on the second port.
Workaround: Disable port security on the first port, move the host to the second port, and then
reenable port security on the first port (if desired). (CSCdk31747)
• After a switchover from the active to the redundant supervisor engine, the SPAN destination port
might not function correctly. (CSCdk55360)
Resolved Caveats in Software Release 4.5(13a)
Note: For a description of caveats open in software release 4.5(13a), see the “Open Caveats in Software
Release 4.5(13a)” section on page 16.
This section describes resolved caveats in software release 4.5(13a).
• Some Cisco Catalyst switches, running certain Catalyst OS software releases, have a vulnerability
wherein a buffer overflow in the Telnet option handling can cause the Telnet daemon to crash and
result in a switch reload. This vulnerability can be exploited to initiate a denial of service (DoS)
attack.
This vulnerability is documented as Cisco bug ID CSCdw19195. There are workarounds available
to mitigate the vulnerability.
This advisory will be posted at this URL:
http://www.cisco.com/warp/public/707/catos-telrcv-vuln-pub.shtml
The following workarounds can be implemented.
– If SSH is available in the code base, use SSH instead of Telnet and disable Telnet.
For instructions on how to do this, refer to this URL:
http://www.cisco.com/warp/public/707/ssh_cat_switches.html.
– Apply Access Control Lists (ACLs) on routers, switches, and firewalls in front of the vulnerable
switches so that traffic destined for Telnet port 23 on the vulnerable switches is allowed
only from the network management subnets.
(CSCdw19195)
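The second workaround, sketched as a Cisco IOS extended ACL on a router in front of the switches. This is an added example, not configuration from these release notes; the ACL name, the interface, and all addresses (documentation ranges) are constructed placeholders.

```cisco_ios
! Constructed values, replace with your own:
!   192.0.2.0/24   network management subnet
!   198.51.100.10  management address of a vulnerable switch
!   198.51.100.11  management address of a second vulnerable switch
ip access-list extended PROTECT-CATOS-TELNET
 remark Telnet to the switches is allowed only from the management subnet
 permit tcp 192.0.2.0 0.0.0.255 host 198.51.100.10 eq telnet
 permit tcp 192.0.2.0 0.0.0.255 host 198.51.100.11 eq telnet
 remark Drop and log every other Telnet attempt to the switches
 deny   tcp any host 198.51.100.10 eq telnet log
 deny   tcp any host 198.51.100.11 eq telnet log
 remark Entries match top-down; this final permit keeps other traffic
 remark flowing, because an ACL otherwise ends in an implicit deny
 permit ip any any
!
! Apply inbound on the interface facing the untrusted side, so packets
! are filtered before they are routed toward the switches.
interface GigabitEthernet0/1
 ip access-group PROTECT-CATOS-TELNET in
```

`show ip access-lists PROTECT-CATOS-TELNET` displays per-entry match counters, and the `log` keyword on the deny entries generates syslog messages for blocked Telnet attempts.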
Open and Resolved Caveats in Software Release 4.5(13)
This section describes open and resolved caveats in supervisor engine software release 4.5(13):
• Open Caveats in Software Release 4.5(13)
• Resolved Caveats in Software Release 4.5(13)