Manualshelf

Release Notes for Cisco Catalyst Blade Switch 3120 for HP, Cisco IOS Release 12.2(50)SE and Later

ManualsBrandsHP ManualsComputer AccessoriesCisco Catalyst 1GbE 3120G Blade Switch
21222324252627282930
27
Release Notes for Cisco Catalyst Blade Switch 3120 for HP, Cisco IOS Release 12.2(50)SE and Later
OL-18270-03
Resolved Caveats
Cisco has released free software updates that address this vulnerability.
Several mitigation strategies are outlined in the workarounds section of this advisory.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20090325-tcp.shtml
CSCsr50766
When keepalive is disabled on an interface, the interface is no longer put in an error-disabled state
when it receives keepalive packets.
CSCsr64007
The Switched Port Analyzer (SPAN) destination port no longer detects IPv6 multicast packets from
a VLAN that is not being monitored by SPAN.
CSCsr65689
This message no longer appears in the log during the system bootup on a switch that is running
Cisco IOS 12.2(50)SE:
%COMMON_FIB-3-FIBIDBINCONS2
CSCsu10065
When SFP ports are configured as status multicast router ports, IPv6 Multicast Listener Discovery
(MLD) snooping now works after the switch reloads.
CSCsu59214
The
Set TxPortFifo SRR Failed message no longer appears when you enter both the srr-queue
bandwidth shape 200 0 2 200 and the priority-queue out interface configuration commands on the
same interface.
CSCsu88168
The switch no longer reloads when the Forwarding Information Base (FIB) adjacency table is added.
CSCsv30429
A Cisco IP Phone connected to a Catalyst switch no longer becomes unauthorized when it transitions
from the data authorization domain to the voice authorization domain.
CSCsv38166
The server side of the Secure Copy (SCP) implementation in Cisco IOS software contains a
vulnerability that could allow authenticated users with an attached command-line interface (CLI)
view to transfer files to and from a Cisco IOS device that is configured to be an SCP server,
regardless of what users are authorized to do, per the CLI view configuration. This vulnerability
could allow valid users to retrieve or write to any file on the device's file system, including the
device's saved configuration and Cisco IOS image files, even if the CLI view attached to the user
does not allow it. This configuration file may include passwords or other sensitive information.
The Cisco IOS SCP server is an optional service that is disabled by default. CLI views are a
fundamental component of the Cisco IOS Role-Based CLI Access feature, which is also disabled by
default. Devices that are not specifically configured to enable the Cisco IOS SCP server, or that are
configured to use it but do not use role-based CLI access, are not affected by this vulnerability.
This vulnerability does not apply to the Cisco IOS SCP client feature.
Cisco has released free software updates that address this vulnerability.
There are no workarounds available for this vulnerability apart from disabling either the SCP server
or the CLI view feature if these services are not required by administrators.