Table Of Contents
Release Notes for Catalyst 5000 Family ATM Module LANE QoS Release 12.1E
Software Releases and Orderable Product Number Matrix
Usage Guidelines and Restrictions
New Features in Release 12.1(27b)E3
New Features in Release 12.1(27b)E2
New Features in Release 12.1(27b)E1
New Features in Release 12.1(27b)E
New Features in Release 12.1(26)E9
New Features in Release 12.1(26)E8
New Features in Release 12.1(26)E7
New Features in Release 12.1(26)E6
New Features in Release 12.1(26)E5
New Features in Release 12.1(26)E4
New Features in Release 12.1(26)E3
New Features in Release 12.1(26)E2
New Features in Release 12.1(26)E1
New Features in Release 12.1(26)E
New Features in Release 12.1(23)E4
New Features in Release 12.1(23)E3
New Features in Release 12.1(23)E1
New Features in Release 12.1(23)E
New Features in Release 12.1(22)E6
New Features in Release 12.1(22)E3
New Features in Release 12.1(22)E1
New Features in Release 12.1(22)E
New Features in Release 12.1(20)E6
New Features in Release 12.1(20)E3
New Features in Release 12.1(20)E
New Features in Release 12.1(19)E2
New Features in Release 12.1(19)E
New Features in Release 12.1(14)E1
New Features in Release 12.1(13)E
New Features in Release 12.1(12c)E1
New Features in Release 12.1(12c)E
New Features in Release 12.1(11b)E11
New Features in Release 12.1(11b)E
New Features in Release 12.1(10)E5
New Features in Release 12.1(10)E4
New Features in Release 12.1(10)E
New Features in Release 12.1(8b)E13
New Features in Release 12.1(8b)E10
New Features in Release 12.1(8b)E9
New Features in Release 12.1(8a)E
New Features in Release 12.1(7a)E5
New Features in Release 12.1(6)E12
New Features in Release 12.1(6)E8
New Features in Release 12.1(6)E
New Features in Release 12.1(5c)E12
New Features in Release 12.1(5a)E3
New Features in Release 12.1(2)E2
Open Caveats in Release 12.1(27b)E3
Resolved Caveats in Release 12.1(27b)E3
Open Caveats in Release 12.1(27b)E2
Resolved Caveats in Release 12.1(27b)E2
Open Caveats in Release 12.1(27b)E1
Resolved Caveats in Release 12.1(27b)E1
Open Caveats in Release 12.1(27b)E
Resolved Caveats in Release 12.1(27b)E
Open Caveats in Release 12.1(26)E9
Resolved Caveats in Release 12.1(26)E9
Open Caveats in Release 12.1(26)E8
Resolved Caveats in Release 12.1(26)E8
Open Caveats in Release 12.1(26)E7
Resolved Caveats in Release 12.1(26)E7
Open Caveats in Release 12.1(26)E6
Resolved Caveats in Release 12.1(26)E6
Open Caveats in Release 12.1(26)E5
Resolved Caveats in Release 12.1(26)E5
Open Caveats in Release 12.1(26)E4
Resolved Caveats in Release 12.1(26)E4
Open Caveats in Release 12.1(26)E3
Resolved Caveats in Release 12.1(26)E3
Open Caveats in Release 12.1(26)E2
Resolved Caveats in Release 12.1(26)E2
Open Caveats in Release 12.1(26)E1
Resolved Caveats in Release 12.1(26)E1
Open Caveats in Release 12.1(26)E
Resolved Caveats in Release 12.1(26)E
Open Caveats in Release 12.1(23)E4
Resolved Caveats in Release 12.1(23)E4
Open Caveats in Release 12.1(23)E3
Resolved Caveats in Release 12.1(23)E3
Open Caveats in Release 12.1(23)E1
Resolved Caveats in Release 12.1(23)E1
Open Caveats in Release 12.1(23)E
Resolved Caveats in Release 12.1(23)E
Open Caveats in Release 12.1(22)E6
Resolved Caveats in Release 12.1(22)E6
Open Caveats in Release 12.1(22)E3
Resolved Caveats in Release 12.1(22)E3
Open Caveats in Release 12.1(22)E1
Resolved Caveats in Release 12.1(22)E1
Open Caveats in Release 12.1(22)E
Resolved Caveats in Release 12.1(22)E
Open Caveats in Release 12.1(20)E6
Resolved Caveats in Release 12.1(20)E6
Open Caveats in Release 12.1(20)E3
Resolved Caveats in Release 12.1(20)E3
Open Caveats in Release 12.1(20)E
Resolved Caveats in Release 12.1(20)E
Open Caveats in Release 12.1(19)E2
Resolved Caveats in Release 12.1(19)E2
Open Caveats in Release 12.1(19)E
Resolved Caveats in Release 12.1(19)E
Open Caveats in Release 12.1(14)E1
Resolved Caveats in Release 12.1(14)E1
Open Caveats in Release 12.1(13)E
Resolved Caveats in Release 12.1(13)E
Open Caveats in Release 12.1(12c)E1
Resolved Caveats in Release 12.1(12c)E1
Open Caveats in Release 12.1(12c)E
Resolved Caveats in Release 12.1(12c)E
Open Caveats in Release 12.1(11b)E12
Resolved Caveats in Release 12.1(11b)E12
Open Caveats in Release 12.1(11b)E11
Resolved Caveats in Release 12.1(11b)E11
Open Caveats in Release 12.1(11b)E
Resolved Caveats in Release 12.1(11b)E
Open Caveats in Release 12.1(10)E5
Resolved Caveats in Release 12.1(10)E5
Open Caveats in Release 12.1(10)E4
Resolved Caveats in Release 12.1(10)E4
Open Caveats in Release 12.1(10)E
Resolved Caveats in Release 12.1(10)E
Open Caveats in Release 12.1(8b)E13
Resolved Caveats in Release 12.1(8b)E13
Open Caveats in Release 12.1(8b)E10
Resolved Caveats in Release 12.1(8b)E10
Open Caveats in Release 12.1(8b)E9
Resolved Caveats in Release 12.1(8b)E9
Open Caveats in Release 12.1(8a)E
Resolved Caveats in Release 12.1(8a)E
Open Caveats in Release 12.1(7a)E5
Resolved Caveats in Release 12.1(7a)E5
Open Caveats in Release 12.1(6)E8
Resolved Caveats in Release 12.1(6)E8
Open Caveats in Release 12.1(6)E
Resolved Caveats in Release 12.1(6)E
Open Caveats in Release 12.1(5c)E12
Resolved Caveats in Release 12.1(5c)E12
Open Caveats in Release 12.1(5a)E3
Resolved Caveats in Release 12.1(5a)E3
Open Caveats in Release 12.1(2)E2
Resolved Caveats in Release 12.1(2)E2
Open Caveats in Release 12.1(2)E1
Resolved Caveats in Release 12.1(2)E1
Obtaining Documentation and Submitting a Service Request
Release Notes for Catalyst 5000 Family ATM Module LANE QoS Release 12.1E
August 17, 2007
Current Release: 12.1(27b)E3
Previous Releases:
12.1(27b)E2, 12.1(27b)E1, 12.1(27b)E, 12.1(26)E9, 12.1(26)E8, 12.1(26)E7, 12.1(26)E6, 12.1(26)E5, 12.1(26)E4, 12.1(26)E3, 12.1(26)E2, 12.1(26)E1, 12.1(26)E, 12.1(23)E3, 12.1(23)E1, 12.1(23)E, 12.1(22)E6, 12.1(22)E3, 12.1(22)E1, 12.1(22)E, 12.1(20)E6, 12.1(20)E3, 12.1(20)E, 12.1(19)E2, 12.1(19)E, 12.1(14)E1, 12.1(13)E, 12.1(12c)E1, 12.1(12c)E, 12.1(11b)E12, 12.1(11b)E11, 12.1(11b)E, 12.1(10)E5, 12.1(10)E, 12.1(8b)E10, 12.1(8b)E9, 12.1(8a)E, 12.1(7a)E5, 12.1(6)E8, 12.1(5c)E12, 12.1(5a)E3, 12.1(2)E2, and 12.1(2)E1
Note
The most current release notes for Cisco IOS Release 12.1E are available on Cisco.com:
http://www.cisco.com/en/US/docs/switches/lan/catalyst5000/modules/atm/OL_2903.html
This publication describes the LAN Emulation (LANE) quality of service (QoS) feature support on the Catalyst 5000 family ATM modules.
These modules are supported in Release 12.1E:
•
Dual PHY OC-12 MMF ATM Module (WS-X5161-OC-12 MMF)
•
Dual PHY OC-12 SMF ATM Module (WS-X5162-OC-12 SMF)
•
Dual PHY OC-3 modules (WS-X5167 and WS-X5168)
•
Fabric Integration Module (WS-X5165)
Contents
This publication consists of these sections:
•
Software Releases and Orderable Product Number Matrix
•
Usage Guidelines and Restrictions
•
Obtaining Documentation and Submitting a Service Request
Early Deployment Releases
Cisco IOS Release 12.1E supports the Catalyst 5000 family switch ATM module. Release 12.1E is based on Release 12.1.
For more information about the Cisco IOS software release process, refer to the Cisco IOS Software Releases: Product Bulletin 537 located on Cisco.com:
http://www.cisco.com/warp/public/cc/cisco/mkt/ios/rel/prodlit/537_pp.htm
These release notes do not describe features that are available in Release 12.1, Release 12.1T, or other Release 12.1 Early Deployment (ED) releases.
Current Release Image Names
Table 1 lists the current LANE QoS image names for the Catalyst 5000 family ATM modules.
Software Releases and Orderable Product Number Matrix
Table 2 lists the software releases and applicable ordering information for the Catalyst 5000 family ATM module software.
Usage Guidelines and Restrictions
This section describes the usage guidelines and restrictions for Cisco IOS Release 12.1E for the Catalyst 5000 family ATM module.
•
CSCdk00214
The Catalyst 5000 family ATM modules take a long time to boot if there is a large network configuration (for example, 4000 PVCs bound to 2 VLANs).
Workaround: There is no workaround for this problem.
•
CSCdr92553
On Catalyst 5000 family ATM modules running Cisco IOS Release 12.1(4)E with QoS-enabled LAN Emulation Clients (LECs), when you change the QoS parameters in the QoS database, a new QoS VCC may not be established.
Workaround: Perform a clear cam dynamic vlanid command on the switch.
•
CSCds61726
On the Catalyst 5000 family and Catalyst 6500 series ATM modules running Cisco IOS Release 12.1(4)E with QoS-enabled LECs, when you move the LECs from QoS-capable modes to non-QoS-capable modes, the LECs may continue to use the UBR+ VCC and will not revert to the UBR VCC.
Workaround: Perform a clear cam dynamic vlanid command on the switch.
•
CSCds21577
The WS-X5161 and WS-X5162 modules display CPUHOG messages if the interface is shut down and restarted while a large number of PVCs are configured on the ATM interface. The problem has been observed with approximately 2400 PVCs.
•
CSCdt72269
On the ATM modules (WS-X516x, except the WS-X5166 module), a session into the ATM module may fail when you remove a subinterface that contains the last (or only) LEC while traffic is flowing. The diagnostic port remains functional.
To prevent this problem, before removing a subinterface that contains the last (or only) LEC, shut down the main interface as follows:
–
Shut down the main interface (shutdown) and wait 20 seconds.
–
Remove the subinterface (no interface atm0.xx).
–
Bring the main interface back up (no shutdown).
Workaround: If the session has already failed, configure an LEC using the diagnostic port.
•
CSCdt14600
Changing the traffic-shaping values for a PVC under heavy traffic conditions can lead to the following error messages on OC-3 and OC-12 ATM modules:
17:54:46: ## ATMDRV ERROR REPORT ## THost: Host Response Status: P1CMDS_TX_VC_CLEAR(3) Response Status = P1CMDS_STATUS_SAR_TIMEOUT(12)
17:54:46: ## ATMDRV ## msg = 0x03000CB5 0x00104D08 0x409C1140 0x40122214 0x40538F3C 0x407067A0 0x00000064 0x00000007
The LEC binding for that PVC is also lost, and if you try to bind it again you may receive this error message:
00:31:40: ## ATMDRV ERROR REPORT ## THost: Host Response Status: P1CMDS_BIND_LEC_TO_VC(12 or 0x0c) Response Status = P1CMDS_STATUS_WRONG_TYPE(10)
00:31:40: ## ATMDRV ## msg = 0x0C000AD3 0x00200020 0x000C0040 0xC00C0000 0x0000000 0x00370000 0x00000020 0x40867A2E
Workaround: Reload the module, unbind the PVC before changing the traffic-shaping values, and then bind the PVC again.
•
To fully support the ATM Fabric Integration module (WS-X5165), the Catalyst 5500 switch must run supervisor engine Release 4.3 or later, and the LightStream 1010 ASP must run Cisco IOS Release 12.0(1)W5(5) or later.
•
If you use the copy tftp running-config command to download a configuration that creates more than 4000 PVCs with OAM enabled to a Catalyst 5000 family OC-12 ATM module, the ATM module may reset.
•
For the ATM dual PHY OC-12 module, when the (nonactive) redundant PHY is connected to a LightStream 1010 OC-12 PAM, that LightStream 1010 OC-12 PAM's port may show a red alarm LED because only one PHY is active at a time in the ATM dual PHY OC-12 module. This red alarm LED does not indicate a loss-of-frame condition.
•
When a large number of LECs (more than 100) are configured on the ATM Fabric Integration module, downloading a Flash image to multiple ATM Fabric Integration modules at the same time increases the time it takes for the modules to come online. We recommend that you download to one ATM Fabric Integration module at a time if approximately 100 or more LECs are configured on the module.
•
When a large number of VLANs are configured on the ATM Fabric Integration Module, doing a fast switchover of the supervisor engines can cause the LAN Emulation Server (LES) and LECs to go down and come up.
•
The following applies to the ATM Fabric Integration module in Release 12.1(2)E1 and later:
–
The set clock command is not supported.
–
The set sonet mode command is not supported.
–
The set preferred phy command is not supported.
–
The show controller command output does not display the PHY error counters for the internal ATM port.
•
The minimum peak cell rate (PCR) is 64 kbps. If you specify a PCR greater than 0 and less than 64 kbps, the module uses 64 kbps.
•
Due to cell-rate granularity, the actual PCR may differ from the value you specify. Only certain output rates are supported: the output rate is line-rate/N, where N is an integer, and the module uses the largest such value that is less than or equal to the rate you specified.
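To see how the 64 kbps floor and the line-rate/N granularity interact, the following Python function is added here as an illustration; it is not part of the Cisco release notes. It assumes that N is the smallest integer for which line-rate/N does not exceed the requested PCR, that a request above the line rate is clamped to the line rate, and that the OC-3c and OC-12c cell-payload rates are 149,760 kbps and 599,040 kbps. All three are assumptions of this example, not statements from the notes.

```python
import math

# Assumed ATM cell-payload line rates in kbps (SONET overhead removed).
# These figures are an assumption of this example, not values from the notes.
LINE_RATE_KBPS = {"oc3c": 149_760, "oc12c": 599_040}
MIN_PCR_KBPS = 64  # floor stated in the usage guidelines


def effective_pcr(requested_kbps, line_rate_kbps):
    """Return (n, actual_kbps) for a requested peak cell rate.

    Rule 1: a PCR greater than 0 but below 64 kbps is raised to 64 kbps.
    Rule 2: the shaped rate is line_rate/N for an integer N, and the module
            uses the largest such rate that does not exceed the request.
            This is the assumed reading of "less than or equal to the rate
            you specified"; the notes do not spell out how N is chosen.
    Requests above the line rate are clamped to the line rate (assumption).
    """
    if requested_kbps <= 0:
        raise ValueError("PCR must be greater than 0")
    requested = min(max(requested_kbps, MIN_PCR_KBPS), line_rate_kbps)
    n = math.ceil(line_rate_kbps / requested)  # smallest N with line_rate/N <= requested
    return n, line_rate_kbps / n


def shortfall_percent(requested_kbps, line_rate_kbps):
    """How far below the (floored, clamped) request the shaped rate lands, in percent."""
    _, actual = effective_pcr(requested_kbps, line_rate_kbps)
    requested = min(max(requested_kbps, MIN_PCR_KBPS), line_rate_kbps)
    return 100.0 * (requested - actual) / requested


def shaping_table(line_rate_kbps, requests):
    """Rows of (requested, N, actual, shortfall %) for a list of requested PCRs."""
    rows = []
    for req in requests:
        n, actual = effective_pcr(req, line_rate_kbps)
        rows.append((req, n, actual, round(shortfall_percent(req, line_rate_kbps), 2)))
    return rows


if __name__ == "__main__":
    # Constructed sample requests. The 100,000 kbps row shows how coarse the
    # granularity becomes near the top of the range, where N can only be 1 or 2.
    for row in shaping_table(LINE_RATE_KBPS["oc3c"], [50, 1_000, 10_000, 100_000, 200_000]):
        print("requested %7d kbps -> N=%4d, shaped %10.1f kbps, shortfall %5.2f%%" % row)
```

The practical lesson is that small PCRs land within a fraction of a percent of the request, while a request of 100,000 kbps on OC-3c is shaped to 74,880 kbps, a 25 percent shortfall, because the only rates available between N=1 and N=2 are the full line rate and half of it.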
•
The LE_ARP cache entry reverification process requires supervisor engine Release 3.2(2) or later, but is not available in supervisor engine Release 4.1(x). If the supervisor engine software does not meet these requirements, reverification is performed by sending actual LE_ARPs.
•
If you install an ATM module using Release 12.0(4a)W5(10) or later and a Route Switch Module (RSM) in the same chassis, you must use RSM Release 11.2(12a)P1 or later.
•
Octet counters are supported on a per-physical-interface basis only. Octet counters per virtual LAN (VLAN) or per LEC are not supported.
•
CSCdj32249
When you use the Hot Standby Router Protocol (HSRP) with the Catalyst 5000 family ATM module, we recommend that you also configure the standby use-bia command on the routers, so that HSRP uses the interface's burned-in MAC address instead of the HSRP virtual MAC address. This shortens the HSRP switchover time.
•
CSCdk22518
If system time synchronization is not supported, the following message is displayed during ATM module startup:
ATM_INSTANCE message does not contain timestamp info.
If you receive this message, use the set clock command to set the system clock.
Note
The set clock command is not supported by the ATM Fabric Integration module.
•
If you have a LAN Emulation Configuration Server (LECS), LES, or BUS configured on an ATM module, and you replace the supervisor engine module or move the ATM module from one slot to another, the default ATM network service access point (NSAP) addresses change. Be sure to update the LECS database configuration with the new NSAP values.
•
When you insert or replace ATM modules, enter the clear config mod_num command to clear the ATM module configuration information in the supervisor engine and to obtain the correct spanning tree parameters for the modules. Enter this command from the supervisor engine command prompt.
Important Notes
Deferrals and field notices for the specified releases are located at the following URLs:
•
Release 12.1(5a)E3:
New and Changed Information
These sections describe the new and changed information for the Catalyst 5000 family ATM module.
New Features in Release 12.1(27b)E3
There are no new features in Release 12.1(27b)E3.
New Features in Release 12.1(27b)E2
There are no new features in Release 12.1(27b)E2.
New Features in Release 12.1(27b)E1
There are no new features in Release 12.1(27b)E1.
New Features in Release 12.1(27b)E
There are no new features in Release 12.1(27b)E.
New Features in Release 12.1(26)E9
There are no new features in Release 12.1(26)E9.
New Features in Release 12.1(26)E8
There are no new features in Release 12.1(26)E8.
New Features in Release 12.1(26)E7
There are no new features in Release 12.1(26)E7.
New Features in Release 12.1(26)E6
There are no new features in Release 12.1(26)E6.
New Features in Release 12.1(26)E5
There are no new features in Release 12.1(26)E5.
New Features in Release 12.1(26)E4
There are no new features in Release 12.1(26)E4.
New Features in Release 12.1(26)E3
There are no new features in Release 12.1(26)E3.
New Features in Release 12.1(26)E2
There are no new features in Release 12.1(26)E2.
New Features in Release 12.1(26)E1
There are no new features in Release 12.1(26)E1.
New Features in Release 12.1(26)E
There are no new features in Release 12.1(26)E.
New Features in Release 12.1(23)E4
There are no new features in Release 12.1(23)E4.
New Features in Release 12.1(23)E3
There are no new features in Release 12.1(23)E3.
New Features in Release 12.1(23)E1
There are no new features in Release 12.1(23)E1.
New Features in Release 12.1(23)E
There are no new features in Release 12.1(23)E.
New Features in Release 12.1(22)E6
There are no new features in Release 12.1(22)E6.
New Features in Release 12.1(22)E3
There are no new features in Release 12.1(22)E3.
New Features in Release 12.1(22)E1
There are no new features in Release 12.1(22)E1.
New Features in Release 12.1(22)E
There are no new features in Release 12.1(22)E.
New Features in Release 12.1(20)E6
There are no new features in Release 12.1(20)E6.
New Features in Release 12.1(20)E3
There are no new features in Release 12.1(20)E3.
New Features in Release 12.1(20)E
There are no new features in Release 12.1(20)E.
New Features in Release 12.1(19)E2
There are no new features in Release 12.1(19)E2.
New Features in Release 12.1(19)E
There are no new features in Release 12.1(19)E.
New Features in Release 12.1(14)E1
There are no new features in Release 12.1(14)E1.
New Features in Release 12.1(13)E
There are no new features in Release 12.1(13)E.
New Features in Release 12.1(12c)E1
There are no new features in Release 12.1(12c)E1.
New Features in Release 12.1(12c)E
There are no new features in Release 12.1(12c)E.
New Features in Release 12.1(11b)E11
There are no new features in Release 12.1(11b)E11.
New Features in Release 12.1(11b)E
There are no new features in Release 12.1(11b)E.
New Features in Release 12.1(10)E5
There are no new features in Release 12.1(10)E5.
New Features in Release 12.1(10)E4
There are no new features in Release 12.1(10)E4.
New Features in Release 12.1(10)E
There are no new features in Release 12.1(10)E.
New Features in Release 12.1(8b)E13
There are no new features in Release 12.1(8b)E13.
New Features in Release 12.1(8b)E10
There are no new features in Release 12.1(8b)E10.
New Features in Release 12.1(8b)E9
There are no new features in Release 12.1(8b)E9.
New Features in Release 12.1(8a)E
There are no new features in Release 12.1(8a)E.
New Features in Release 12.1(7a)E5
There are no new features in Release 12.1(7a)E5.
New Features in Release 12.1(6)E12
There are no new features in Release 12.1(6)E12.
New Features in Release 12.1(6)E8
There are no new features in Release 12.1(6)E8.
New Features in Release 12.1(6)E
There are no new features in Release 12.1(6)E.
New Features in Release 12.1(5c)E12
There are no new features in Release 12.1(5c)E12.
New Features in Release 12.1(5a)E3
Release 12.1(5a)E3 introduced the following new LANE QoS features:
•
Quality of Service (QoS)
•
Switched Port Analyzer (SPAN)
New Features in Release 12.1(2)E2
There are no new features in Release 12.1(2)E2.
Caveats
These sections describe the open and resolved caveats in the Catalyst 5000 family ATM module LANE QoS software:
Release 12.1(27b)E3
These sections describe the open and resolved caveats in Release 12.1(27b)E3:
•
Open Caveats in Release 12.1(27b)E3
•
Resolved Caveats in Release 12.1(27b)E3
Open Caveats in Release 12.1(27b)E3
None.
Resolved Caveats in Release 12.1(27b)E3
•
CSCin95836—Resolved in Release 12.1(27b)E3.
The Cisco Next Hop Resolution Protocol (NHRP) feature in Cisco IOS contains a vulnerability that can result in a restart of the device or possible remote code execution.
NHRP is a primary component of the Dynamic Multipoint Virtual Private Network (DMVPN) feature.
NHRP can operate in three ways: at the link layer (Layer 2), over Generic Routing Encapsulation (GRE) and multipoint GRE (mGRE) tunnels and directly on IP (IP protocol number 54). This vulnerability affects all three methods of operation.
NHRP is not enabled by default for Cisco IOS.
This vulnerability is addressed by Cisco bug IDs CSCin95836 for non-12.2 mainline releases and CSCsi23231 for 12.2 mainline releases.
This advisory is posted at
http://www.cisco.com/en/US/products/products_security_advisory09186a008089963b.shtml.
•
Some UDP packets that have the Terminal Access Controller Access Control System (TACACS) port (49) as their destination might remain suspended in the interface queue. This problem occurs when TACACS+ is configured. This problem is resolved in Release 12.1(27b)E3. (CSCsb11698)
Release 12.1(27b)E2
These sections describe the open and resolved caveats in Release 12.1(27b)E2:
•
Open Caveats in Release 12.1(27b)E2
•
Resolved Caveats in Release 12.1(27b)E2
Open Caveats in Release 12.1(27b)E2
None.
Resolved Caveats in Release 12.1(27b)E2
•
CSCsd95616—Resolved in Release 12.1(27b)E2
Two crafted Protocol Independent Multicast (PIM) packet vulnerabilities exist in Cisco IOS software that may lead to a denial of service (DoS) condition. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20080924-multicast.shtml.
•
CSCsg70474—Resolved in Release 12.1(27b)E2
Multiple voice-related vulnerabilities are identified in Cisco IOS software, one of which is also shared with Cisco Unified Communications Manager. These vulnerabilities pertain to the following protocols or features:
–
Session Initiation Protocol (SIP)
–
Media Gateway Control Protocol (MGCP)
–
Signaling protocols H.323, H.245
–
Real-time Transport Protocol (RTP)
–
Facsimile reception
Cisco has made free software available to address these vulnerabilities for affected customers. Fixed Cisco IOS software listed in the Software Versions and Fixes section contains fixes for all vulnerabilities mentioned in this advisory.
There are no workarounds available to mitigate the effects of any of the vulnerabilities apart from disabling the protocol or feature itself.
This advisory is posted at http://www.cisco.com/en/US/products/products_security_advisory09186a0080899653.shtml
•
Closing a Telnet session may cause a reload. This problem is resolved in Release 12.1(27b)E2. (CSCds33629)
•
In rare situations, intensive SNMP polling might use all available I/O memory. This problem is resolved in Release 12.1(27b)E2. (CSCeg11566)
•
For a system configured as an IP HTTP server, tracebacks and a reload might occur during HTTP transactions with URL tokens greater than 128 characters long. A token is a string delimited by slashes in a URL. This problem is resolved in Release 12.1(27b)E2. (CSCeg62070)
•
A Cisco IOS device may crash while processing malformed Secure Sockets Layer (SSL) packets. In order to trigger these vulnerabilities, a malicious client must send malformed packets during the SSL protocol exchange with the vulnerable device.
Successful repeated exploitation of any of these vulnerabilities may lead to a sustained denial of service (DoS); however, the vulnerabilities are not known to compromise either the confidentiality or integrity of the data or the device, and they are not believed to allow an attacker to decrypt any previously encrypted information.
Cisco IOS is affected by the following vulnerabilities:
–
Processing ClientHello messages, documented as Cisco bug ID CSCsb12598
–
Processing ChangeCipherSpec messages, documented as Cisco bug ID CSCsb40304
–
Processing Finished messages, documented as Cisco bug ID CSCsd92405
Cisco has made free software available to address these vulnerabilities for affected customers. There are workarounds available to mitigate the effects of these vulnerabilities.
This advisory is posted at http://www.cisco.com/en/US/products/products_security_advisory09186a0080847c49.shtml.
Note
Another related advisory has been posted with this advisory. This additional advisory also describes a vulnerability related to cryptography that affects Cisco IOS. This related advisory is available at the following link: http://www.cisco.com/en/US/products/products_security_advisory09186a00809bb300.shtml.
A combined software table for Cisco IOS is available to aid customers in choosing a software release that fixes all security vulnerabilities published as of May 22, 2007. This software table is available at the following link: http://www.cisco.com/warp/public/707/cisco-sa-20070522-cry-bundle.shtml.
This problem is resolved in Release 12.1(27b)E2. (CSCsb12598, CSCsb40304, CSCsd92405)
•
A vulnerability exists in the Data-link Switching (DLSw) feature in Cisco IOS where an invalid value in a DLSw message could result in a reload of the DLSw device. Successful exploitation of this vulnerability requires that an attacker be able to establish a DLSw connection to the device.
There are workarounds available for this vulnerability.
This advisory is posted at
http://www.cisco.com/en/US/products/products_security_advisory09186a00807bd128.shtml
This problem is resolved in Release 12.1(27b)E2. (CSCsf28840)
•
This bug documents the deprecation and removal of the Cisco IOS FTP Server feature. This problem is resolved in Release 12.1(27b)E2. (CSCsg16908)
Release 12.1(27b)E1
These sections describe the open and resolved caveats in Release 12.1(27b)E1:
•
Open Caveats in Release 12.1(27b)E1
•
Resolved Caveats in Release 12.1(27b)E1
Open Caveats in Release 12.1(27b)E1
None.
Resolved Caveats in Release 12.1(27b)E1
•
CSCsf04754—Resolved in Release 12.1(27b)E1.
Multiple Cisco products contain either of two authentication vulnerabilities in the Simple Network Management Protocol version 3 (SNMPv3) feature. These vulnerabilities can be exploited when processing a malformed SNMPv3 message. These vulnerabilities could allow the disclosure of network information or may enable an attacker to perform configuration changes to vulnerable devices. The SNMP server is an optional service that is disabled by default. Only SNMPv3 is impacted by these vulnerabilities. Workarounds are available for mitigating the impact of the vulnerabilities described in this document.
The United States Computer Emergency Response Team (US-CERT) has assigned Vulnerability Note VU#878044 to these vulnerabilities.
Common Vulnerabilities and Exposures (CVE) identifier CVE-2008-0960 has been assigned to these vulnerabilities.
This advisory will be posted at http://www.cisco.com/en/US/products/products_security_advisory09186a00809ac83b.shtml
•
CSCse68138—Resolved in Release 12.1(27b)E1.
Multiple voice-related vulnerabilities are identified in Cisco IOS software, one of which is also shared with Cisco Unified Communications Manager. These vulnerabilities pertain to the following protocols or features:
–
Session Initiation Protocol (SIP)
–
Media Gateway Control Protocol (MGCP)
–
Signaling protocols H.323, H.245
–
Real-time Transport Protocol (RTP)
–
Facsimile reception
Cisco has made free software available to address these vulnerabilities for affected customers. Fixed Cisco IOS software listed in the Software Versions and Fixes section contains fixes for all vulnerabilities mentioned in this advisory.
There are no workarounds available to mitigate the effects of any of the vulnerabilities apart from disabling the protocol or feature itself.
This advisory is posted at http://www.cisco.com/en/US/products/products_security_advisory09186a0080899653.shtml
•
Cisco Catalyst 6000, 6500 series and Cisco 7600 series that have a Network Analysis Module installed are vulnerable to an attack, which could allow an attacker to gain complete control of the system. Only Cisco Catalyst systems that have a NAM on them are affected. This vulnerability affects systems that run Cisco IOS or Catalyst Operating System (CatOS).
Cisco has made free software available to address this vulnerability for affected customers.
A Cisco Security Advisory for this vulnerability is posted at http://www.cisco.com/en/US/products/products_security_advisory09186a00807f4139.shtml
This problem is resolved in Release 12.1(27b)E1. (CSCsd75273, CSCse52951)
Note
Cisco IOS software images for the Catalyst 5000 Family ATM modules do not support the Catalyst 6500 series Network Analysis Module, but Release 12.1(27b)E1 contains some of the software code modules affected by this problem.
•
The Cisco IOS Transmission Control Protocol (TCP) listener in certain versions of Cisco IOS software is vulnerable to a remotely-exploitable memory leak that may lead to a denial of service condition.
This vulnerability only applies to traffic destined to the Cisco IOS device. Traffic transiting the Cisco IOS device will not trigger this vulnerability.
Cisco has made free software available to address this vulnerability for affected customers.
This issue is documented as Cisco bug ID CSCek37177.
There are workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at http://www.cisco.com/en/US/products/products_security_advisory09186a00807cb0e4.shtml
This problem is resolved in Release 12.1(27b)E1. (CSCek37177)
•
Symptoms: A router may crash if it receives a packet with a specific crafted IP option as detailed in Cisco Security Advisory: Crafted IP Option Vulnerability:
http://www.cisco.com/en/US/products/products_security_advisory09186a00807cb157.shtml
Conditions: This DDTS resolves a symptom of CSCec71950. Cisco IOS images that already include the fix for CSCec71950 are not at risk of this crash.
Workaround: Cisco IOS versions with the fix for CSCec71950 are not at risk for this issue, and no workaround is required. If CSCec71950 is not resolved in your image, see the Cisco Security Advisory: Crafted IP Option Vulnerability for workaround information:
http://www.cisco.com/en/US/products/products_security_advisory09186a00807cb157.shtml
This problem is resolved in Release 12.1(27b)E1 (CSCek26492)
•
A vulnerability exists in the IOS HTTP server in which HTML code inserted into dynamically generated output, such as the output from a show buffers command, will be passed to the browser requesting the page. This HTML code could be interpreted by the client browser and potentially execute malicious commands against the device or other possible cross-site scripting attacks. Successful exploitation of this vulnerability requires that a user browse a page containing dynamic content in which HTML commands have been injected.
Cisco will be making free software available to address this vulnerability for affected customers. There are workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at:
http://www.cisco.com/en/US/products/products_security_advisory09186a008059e470.shtml
This problem is resolved in Release 12.1(27b)E1. (CSCsc64976)
•
When CDP packets are received over a virtual circuit (VC), the ATM module might not be able to receive any cells on any VC. This problem is resolved in Release 12.1(27b)E1. (CSCse89073)
Release 12.1(27b)E
These sections describe the open and resolved caveats in Release 12.1(27b)E:
•
Open Caveats in Release 12.1(27b)E
•
Resolved Caveats in Release 12.1(27b)E
Open Caveats in Release 12.1(27b)E
None.
Resolved Caveats in Release 12.1(27b)E
•
Symptoms: A router may generate or forward crafted IP packets whose source IP address is the router's own GRE or mGRE tunnel interface address; in effect, anyone who can reach the tunnel endpoint can inject traffic that appears to arrive through the tunnel. Incorrect packet decoding may be seen with "debug tunnel."
Conditions: The router must receive a specially crafted GRE packet sent to the tunnel endpoint. The outer IP packet must come from the configured tunnel source and be sent to the configured tunnel destination IP address, and the GRE Routing Present (R) bit must be set to 1.
Workaround: Upgrade Cisco IOS to a version containing the fix for CSCuk27655, CSCea22552, or CSCei62762.
Further information: On the 6th September 2006, Phenoelit Group posted an advisory:
Cisco Systems IOS GRE decapsulation fault
Cisco's statement and further information are available on the Cisco public website at:
http://www.cisco.com/en/US/products/products_security_response09186a008072cd7b.html
This problem is resolved in Release 12.1(27b)E. (CSCei62762)
Release 12.1(26)E9
These sections describe the open and resolved caveats in Release 12.1(26)E9:
•
Open Caveats in Release 12.1(26)E8
•
Resolved Caveats in Release 12.1(26)E8
Open Caveats in Release 12.1(26)E9
None.
Resolved Caveats in Release 12.1(26)E9
•
CSCin95836—Resolved in Release 12.1(26)E9.
The Cisco Next Hop Resolution Protocol (NHRP) feature in Cisco IOS contains a vulnerability that can result in a restart of the device or possible remote code execution.
NHRP is a primary component of the Dynamic Multipoint Virtual Private Network (DMVPN) feature.
NHRP can operate in three ways: at the link layer (Layer 2), over Generic Routing Encapsulation (GRE) and multipoint GRE (mGRE) tunnels and directly on IP (IP protocol number 54). This vulnerability affects all three methods of operation.
NHRP is not enabled by default for Cisco IOS.
This vulnerability is addressed by Cisco bug IDs CSCin95836 for non-12.2 mainline releases and CSCsi23231 for 12.2 mainline releases.
This advisory is posted at
http://www.cisco.com/en/US/products/products_security_advisory09186a008089963b.shtml.
•
CSCse24889—Resolved in Release 12.1(26)E9.
Symptoms: Malformed SSH version 2 packets may cause a memory leak, causing the platform to operate under a degraded condition. Under rare circumstances, the platform may reload to recover itself.
Conditions: This symptom is observed on a Cisco platform that is configured for SSH version 2 after it has received malformed SSHv2 packets.
Workaround: As an interim solution until the affected platform can be upgraded to a Cisco IOS software image that contains the fix for caveat CSCse24889, configure SSH version 1 from the global configuration mode, as in the following example:
config t
ip ssh version 1
end
Alternate Workaround: Permit only known trusted hosts and/or networks to connect to the router by creating a vty access list, as in the following example:
! 10.1.1.0/24 is a trusted network that is permitted access to the router,
! all other access is denied
access-list 99 permit 10.1.1.0 0.0.0.255
access-list 99 deny any
line vty 0 4
 access-class 99 in
end
Further Problem Description:
For information about configuring vty access lists, see the Controlling Access to a Virtual Terminal Line document:
http://www.cisco.com/en/US/docs/ios/security/configuration/guide/sec_cntrl_acc_vtl.html
For information about SSH, see the Configuring Secure Shell on Routers and Switches Running Cisco IOS document:
http://www.cisco.com/en/US/tech/tk583/tk617/technologies_tech_note09186a00800949e2.shtml
•
CSCsg40567—Resolved in Release 12.1(26)E9.
Symptoms: Malformed SSL packets may cause a router to leak multiple memory blocks.
Conditions: This symptom is observed on a Cisco router that has the ip http secure-server command enabled.
Workaround: Disable the ip http secure-server command.
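As an added example (not Cisco code and not part of these release notes), the following Python script audits a running-config for the interim mitigations named in CSCse24889 (SSH version 1, or an inbound vty access-class backed by a restrictive ACL on every vty line) and flags the ip http secure-server command on which CSCsg40567 depends. The sample configuration, hostname and ACL number are constructed for illustration; the IOS keyword is spelled secure-server.

```python
"""Audit an IOS running-config for the interim mitigations named in
CSCse24889 (malformed SSHv2 memory leak) and CSCsg40567 (SSL memory leak).

Added example, not Cisco code. The configuration below is constructed for
illustration; a real audit would read the output of 'show running-config'.
"""
import re

# Constructed sample running-config (not taken from any real device).
SAMPLE_CONFIG = """\
hostname edge-sw
!
ip ssh version 2
ip http server
ip http secure-server
!
access-list 99 permit 10.1.1.0 0.0.0.255
access-list 99 deny any
!
line vty 0 4
 access-class 99 in
 transport input ssh
line vty 5 15
 transport input ssh
!
end
"""


def parse_config(text):
    """Split the config into global commands and per-section child commands.

    IOS indents a section's children with one space and separates sections
    with '!'. Returns (global_lines, sections) where sections maps a section
    header such as 'line vty 0 4' to its list of child commands."""
    global_lines, sections = [], {}
    current = None
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line or line.startswith("!"):
            current = None
            continue
        if line.startswith(" ") and current is not None:
            sections[current].append(line.strip())
        else:
            current = line
            sections[current] = []
            global_lines.append(line)
    return global_lines, sections


def acl_entries(global_lines, number):
    """Return the entries of a standard numbered ACL in configuration order."""
    prefix = f"access-list {number} "
    return [l[len(prefix):] for l in global_lines if l.startswith(prefix)]


def audit(text):
    """Return findings keyed by the check each caveat's workaround calls for."""
    global_lines, sections = parse_config(text)
    findings = {}

    # CSCse24889 workaround: run SSH version 1 until the fixed image is installed.
    ssh_v1 = "ip ssh version 1" in global_lines
    findings["ssh_version_1"] = ssh_v1

    # Alternate workaround: every vty line must apply an inbound access-class
    # whose ACL exists and does not simply permit everything.
    vty_unprotected = []
    for header, children in sections.items():
        if not header.startswith("line vty"):
            continue
        m = next((re.match(r"access-class (\d+) in", c) for c in children
                  if c.startswith("access-class")), None)
        if m is None:
            vty_unprotected.append(header)
            continue
        entries = acl_entries(global_lines, m.group(1))
        # An undefined ACL, or one containing 'permit any', is no restriction.
        if not entries or any(e.startswith("permit any") for e in entries):
            vty_unprotected.append(header)
    findings["vty_unprotected"] = vty_unprotected

    # CSCsg40567: the leak requires 'ip http secure-server'; flag it when present.
    findings["http_secure_server"] = "ip http secure-server" in global_lines

    # The SSHv2 caveat is mitigated by either workaround.
    findings["cscse24889_mitigated"] = ssh_v1 or not vty_unprotected
    return findings


if __name__ == "__main__":
    for key, value in audit(SAMPLE_CONFIG).items():
        print(f"{key}: {value}")
```

On the sample config the script reports that vty lines 5 to 15 carry no access-class, so the SSHv2 caveat is not mitigated, and that the secure HTTP server is enabled.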
•
CSCsg70474—Resolved in Release 12.1(26)E9.
Multiple voice-related vulnerabilities are identified in Cisco IOS software, one of which is also shared with Cisco Unified Communications Manager. These vulnerabilities pertain to the following protocols or features:
–
Session Initiation Protocol (SIP)
–
Media Gateway Control Protocol (MGCP)
–
Signaling protocols H.323, H.254
–
Real-time Transport Protocol (RTP)
–
Facsimile reception
Cisco has made free software available to address these vulnerabilities for affected customers. Fixed Cisco IOS software listed in the Software Versions and Fixes section contains fixes for all vulnerabilities mentioned in this advisory.
There are no workarounds available to mitigate the effects of any of the vulnerabilities apart from disabling the protocol or feature itself.
This advisory is posted at http://www.cisco.com/en/US/products/products_security_advisory09186a0080899653.shtml
•
Some UDP packets that have the Terminal Access Controller Access Control System (TACACS) port (49) as their destination might remain suspended in the interface queue. This problem occurs when TACACS+ is configured. This problem is resolved in Release 12.1(26)E9. (CSCsb11698)
•
With RCP enabled, a reload might occur when the system receives a spoofed RCP packet that contains a specific data content. This problem is resolved in Release 12.1(26)E9. (CSCse05736)
Release 12.1(26)E8
These sections describe the open and resolved caveats in Release 12.1(26)E8:
•
Open Caveats in Release 12.1(26)E8
•
Resolved Caveats in Release 12.1(26)E8
Open Caveats in Release 12.1(26)E8
None.
Resolved Caveats in Release 12.1(26)E8
•
CSCsf04754—Resolved in Release 12.1(26)E8.
Multiple Cisco products contain either of two authentication vulnerabilities in the Simple Network Management Protocol version 3 (SNMPv3) feature. These vulnerabilities can be exploited when processing a malformed SNMPv3 message. These vulnerabilities could allow the disclosure of network information or may enable an attacker to perform configuration changes to vulnerable devices. The SNMP server is an optional service that is disabled by default. Only SNMPv3 is impacted by these vulnerabilities. Workarounds are available for mitigating the impact of the vulnerabilities described in this document.
The United States Computer Emergency Response Team (US-CERT) has assigned Vulnerability Note VU#878044 to these vulnerabilities.
Common Vulnerabilities and Exposures (CVE) identifier CVE-2008-0960 has been assigned to these vulnerabilities.
This advisory will be posted at http://www.cisco.com/en/US/products/products_security_advisory09186a00809ac83b.shtml
•
CSCse68138—Resolved in Release 12.1(26)E8.
Multiple voice-related vulnerabilities are identified in Cisco IOS software, one of which is also shared with Cisco Unified Communications Manager. These vulnerabilities pertain to the following protocols or features:
–
Session Initiation Protocol (SIP)
–
Media Gateway Control Protocol (MGCP)
–
Signaling protocols H.323, H.254
–
Real-time Transport Protocol (RTP)
–
Facsimile reception
Cisco has made free software available to address these vulnerabilities for affected customers. Fixed Cisco IOS software listed in the Software Versions and Fixes section contains fixes for all vulnerabilities mentioned in this advisory.
There are no workarounds available to mitigate the effects of any of the vulnerabilities apart from disabling the protocol or feature itself.
This advisory is posted at http://www.cisco.com/en/US/products/products_security_advisory09186a0080899653.shtml
•
A Cisco IOS device may crash while processing malformed Secure Sockets Layer (SSL) packets. In order to trigger these vulnerabilities, a malicious client must send malformed packets during the SSL protocol exchange with the vulnerable device.
Successful repeated exploitation of any of these vulnerabilities may lead to a sustained Denial-of-Service (DoS); however, the vulnerabilities are not known to compromise either the confidentiality or integrity of the data or the device. These vulnerabilities are not believed to allow an attacker to decrypt any previously encrypted information.
Cisco IOS is affected by the following vulnerabilities:
–
Processing ClientHello messages, documented as Cisco bug ID CSCsb12598
–
Processing ChangeCipherSpec messages, documented as Cisco bug ID CSCsb40304
–
Processing Finished messages, documented as Cisco bug ID CSCsd92405
Cisco has made free software available to address these vulnerabilities for affected customers. There are workarounds available to mitigate the effects of these vulnerabilities.
This advisory is posted at http://www.cisco.com/en/US/products/products_security_advisory09186a0080847c49.shtml.
Note
Another related advisory has been posted with this advisory. This additional advisory also describes a vulnerability related to cryptography that affects Cisco IOS. This related advisory is available at the following link: http://www.cisco.com/en/US/products/products_security_advisory09186a00809bb300.shtml.
A combined software table for Cisco IOS is available to aid customers in choosing a software release that fixes all security vulnerabilities published as of May 22, 2007. This software table is available at the following link: http://www.cisco.com/warp/public/707/cisco-sa-20070522-cry-bundle.shtml.
This problem is resolved in Release 12.1(26)E8. (CSCsb12598, CSCsb40304, CSCsd92405)
•
Cisco Catalyst 6000, 6500 series and Cisco 7600 series that have a Network Analysis Module installed are vulnerable to an attack, which could allow an attacker to gain complete control of the system. Only Cisco Catalyst systems that have a NAM on them are affected. This vulnerability affects systems that run Cisco IOS or Catalyst Operating System (CatOS).
Cisco has made free software available to address this vulnerability for affected customers.
A Cisco Security Advisory for this vulnerability is posted at http://www.cisco.com/en/US/products/products_security_advisory09186a00807f4139.shtml
This problem is resolved in Release 12.1(26)E8. (CSCsd75273, CSCse52951)
Note
Cisco IOS software images for the Catalyst 5000 Family ATM modules do not support the Catalyst 6500 series Network Analysis Module, but Release 12.1(26)E8 contains some of the software code modules affected by this problem.
•
Closing a Telnet session may cause a reload. This problem is resolved in Release 12.1(26)E8. (CSCds33629)
•
A vulnerability exists in the IOS HTTP server in which HTML code inserted into dynamically generated output, such as the output from a show buffers command, will be passed to the browser requesting the page. This HTML code could be interpreted by the client browser and potentially execute malicious commands against the device or other possible cross-site scripting attacks. Successful exploitation of this vulnerability requires that a user browse a page containing dynamic content in which HTML commands have been injected.
Cisco will be making free software available to address this vulnerability for affected customers. There are workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at:
http://www.cisco.com/en/US/products/products_security_advisory09186a008059e470.shtml
This problem is resolved in Release 12.1(26)E8. (CSCsc64976)
Release 12.1(26)E7
These sections describe the open and resolved caveats in Release 12.1(26)E7:
•
Open Caveats in Release 12.1(26)E7
•
Resolved Caveats in Release 12.1(26)E7
Open Caveats in Release 12.1(26)E7
None.
Resolved Caveats in Release 12.1(26)E7
•
The Cisco IOS Transmission Control Protocol (TCP) listener in certain versions of Cisco IOS software is vulnerable to a remotely-exploitable memory leak that may lead to a denial of service condition.
This vulnerability only applies to traffic destined to the Cisco IOS device. Traffic transiting the Cisco IOS device will not trigger this vulnerability.
Cisco has made free software available to address this vulnerability for affected customers.
This issue is documented as Cisco bug ID CSCek37177.
There are workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at http://www.cisco.com/en/US/products/products_security_advisory09186a00807cb0e4.shtml
This problem is resolved in Release 12.1(26)E7. (CSCek37177)
•
Symptoms: A router may crash if it receives a packet with a specific crafted IP option as detailed in Cisco Security Advisory: Crafted IP Option Vulnerability:
http://www.cisco.com/en/US/products/products_security_advisory09186a00807cb157.shtml
Conditions: This DDTS resolves a symptom of CSCec71950. Cisco IOS releases that include this specific DDTS are not at risk of a crash if CSCec71950 has been resolved in the software.
Workaround: Cisco IOS versions with the fix for CSCec71950 are not at risk for this issue and no workaround is required. If CSCec71950 is not resolved, see the following Cisco Security Advisory: Crafted IP Option Vulnerability for workaround information:
http://www.cisco.com/en/US/products/products_security_advisory09186a00807cb157.shtml
This problem is resolved in Release 12.1(26)E7. (CSCek26492)
•
Symptoms: The VTP feature in certain versions of Cisco IOS software may be vulnerable to a crafted packet sent from the local network segment, which may lead to a denial of service condition.
Conditions: The packets must be received on a trunk enabled port.
Further Information: On the 13th September 2006, Phenoelit Group posted an advisory containing three vulnerabilities:
–
VTP Version field DoS
–
Integer Wrap in VTP revision
–
Buffer Overflow in VTP VLAN name
These vulnerabilities are addressed by Cisco IDs:
–
CSCsd52629/CSCsd34759—VTP version field DoS
–
CSCse40078/CSCse47765—Integer Wrap in VTP revision
–
CSCsd34855/CSCei54611—Buffer Overflow in VTP VLAN name
Cisco's statement and further information are available on the Cisco public website at http://www.cisco.com/en/US/products/hw/switches/ps5528/tsd_products_security_response09186a00807335bc.html
This problem is resolved in Release 12.1(26)E7. (CSCsd34759)
•
Symptoms: The VTP feature in certain versions of Cisco IOS software is vulnerable to a locally-exploitable buffer overflow condition and potential execution of arbitrary code. If a VTP summary advertisement is received with a Type-Length-Value (TLV) containing a VLAN name greater than 100 characters, the receiving switch will reset with an Unassigned Exception error.
Conditions: The packets must be received on a trunk enabled port, with a matching domain name and a matching VTP domain password (if configured).
Further Information: On the 13th September 2006, Phenoelit Group posted an advisory containing three vulnerabilities:
–
VTP Version field DoS
–
Integer Wrap in VTP revision
–
Buffer Overflow in VTP VLAN name
These vulnerabilities are addressed by Cisco IDs:
–
CSCsd52629/CSCsd34759—VTP version field DoS
–
CSCse40078/CSCse47765—Integer Wrap in VTP revision
–
CSCsd34855/CSCei54611—Buffer Overflow in VTP VLAN name
Cisco's statement and further information are available on the Cisco public website at http://www.cisco.com/en/US/products/hw/switches/ps5528/tsd_products_security_response09186a00807335bc.html
This problem is resolved in Release 12.1(26)E7. (CSCsd34855)
•
Symptoms: A router may generate and/or forward crafted IP packets with the source IP address being the router's tunnel interface for GRE or mGRE tunnels. Incorrect packet decoding may be seen with "debug tunnel."
Conditions: The router needs to receive a specially crafted GRE packet sent to the tunnel end-point. The outer IP packet must come from the configured tunnel source and be sent to the configured tunnel destination IP address, and the Present Routed bit must be set to 1.
Workaround: Upgrade Cisco IOS to a version containing fixes for: CSCuk27655 or CSCea22552 or CSCei62762.
Further information: On the 6th September 2006, Phenoelit Group posted an advisory:
Cisco Systems IOS GRE decapsulation fault
Cisco's statement and further information are available on the Cisco public website at:
http://www.cisco.com/en/US/products/products_security_response09186a008072cd7b.html
This problem is resolved in Release 12.1(26)E7. (CSCei62762)
Release 12.1(26)E6
These sections describe the open and resolved caveats in Release 12.1(26)E6:
•
Open Caveats in Release 12.1(26)E6
•
Resolved Caveats in Release 12.1(26)E6
Open Caveats in Release 12.1(26)E6
None.
Resolved Caveats in Release 12.1(26)E6
None.
Release 12.1(26)E5
These sections describe the open and resolved caveats in Release 12.1(26)E5:
•
Open Caveats in Release 12.1(26)E5
•
Resolved Caveats in Release 12.1(26)E5
Open Caveats in Release 12.1(26)E5
None.
Resolved Caveats in Release 12.1(26)E5
•
CSCeh73049
Symptoms: A vulnerability exists within the Cisco IOS Authentication, Authorization, and Accounting (AAA) command authorization feature, where command authorization checks are not performed on commands executed from the Tool Command Language (TCL) exec shell. This may allow authenticated users to bypass command authorization checks in some configurations resulting in unauthorized privilege escalation.
Conditions: Devices that are not running AAA command authorization feature, or do not support TCL functionality are not affected by this vulnerability.
This vulnerability is present in all versions of Cisco IOS that support the tclsh command.
Workaround: This advisory with appropriate workarounds is posted at
http://www.cisco.com/warp/public/707/cisco-response-20060125-aaatcl.shtml
•
CSCsb84790
On a Catalyst 5000 family ATM module, the Section BIP-8 errors should increment only when the module is first installed or when there is a problem on the fiber WAN segment. However, when you enter the show controllers command, the number of Section BIP-8 errors that display will increment, even when no fiber is connected to the physical a or physical b interfaces. This problem appears on these Catalyst 5000 family ATM modules: WS-X5158, WS-X5167, and WS-X5168.
Workaround: Disregard the Section BIP-8 error count.
Release 12.1(26)E4
These sections describe the open and resolved caveats in Release 12.1(26)E4:
•
Open Caveats in Release 12.1(26)E4
•
Resolved Caveats in Release 12.1(26)E4
Open Caveats in Release 12.1(26)E4
•
CSCsb84790
On a Catalyst 5000 series ATM module, the Section BIP-8 errors should increment only when the module is first installed or when there is a problem on the fiber WAN segment. However, when you enter the show controllers command, the number of Section BIP-8 errors that display will increment, even when no fiber is connected to the phy a or phy b interfaces. This problem appears on these Catalyst 5000 ATM modules: WS-X5158, WS-X5167 and WS-X5168.
Workaround: Disregard the Section BIP-8 error count.
Resolved Caveats in Release 12.1(26)E4
None.
Release 12.1(26)E3
These sections describe the open and resolved caveats in Release 12.1(26)E3:
•
Open Caveats in Release 12.1(26)E3
•
Resolved Caveats in Release 12.1(26)E3
Open Caveats in Release 12.1(26)E3
None.
Resolved Caveats in Release 12.1(26)E3
•
CSCei76358
Through normal software maintenance processes, Cisco is removing deprecated functionality. These changes have no impact on system operation or feature availability.
•
CSCei61732
Cisco IOS may permit arbitrary code execution after exploitation of a heap-based buffer overflow vulnerability. Cisco has included additional integrity checks in its software, as further described below, that are intended to reduce the likelihood of arbitrary code execution.
Cisco has made free software available that includes the additional integrity checks for affected customers.
This advisory is posted at http://www.cisco.com/en/US/products/products_security_advisory09186a008055ef31.shtml.
Release 12.1(26)E2
These sections describe the open and resolved caveats in Release 12.1(26)E2:
•
Open Caveats in Release 12.1(26)E2
•
Resolved Caveats in Release 12.1(26)E2
Open Caveats in Release 12.1(26)E2
None.
Resolved Caveats in Release 12.1(26)E2
None
Release 12.1(26)E1
These sections describe the open and resolved caveats in Release 12.1(26)E1:
•
Open Caveats in Release 12.1(26)E1
•
Resolved Caveats in Release 12.1(26)E1
Open Caveats in Release 12.1(26)E1
None.
Resolved Caveats in Release 12.1(26)E1
•
CSCee68443
If you delete a PVC (VPI or VCI) on the ATM module, including the ATM VLAN bind, and then you reuse the same VPI or VCI for another PVC, the VPI or VCI will automatically bind to the previous VLAN. This problem occurs on Catalyst 5500 ATM modules WS-X5158, WS-5167, WS-5161, and WS-5165 using Cisco IOS ATM software Release 12.1(23)E and Release 12.0(27)W5(29).
Workaround: None.
•
CSCef60659
A document that describes how the Internet Control Message Protocol (ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol (TCP) has been made publicly available. This document has been published through the Internet Engineering Task Force (IETF) Internet Draft process, and is entitled "ICMP Attacks Against TCP" (draft-gont-tcpm-icmp-attacks-03.txt).
These attacks, which only affect sessions terminating or originating on a device itself, can be of three types:
1. Attacks that use ICMP "hard" error messages
2. Attacks that use ICMP "fragmentation needed and Don't Fragment (DF) bit set" messages, also known as Path Maximum Transmission Unit Discovery (PMTUD) attacks
3. Attacks that use ICMP "source quench" messages
Successful attacks may cause connection resets or reduction of throughput in existing connections, depending on the attack type.
Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at http://www.cisco.com/en/US/products/products_security_advisory09186a0080436587.shtml.
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple vendors whose products are potentially affected. Its posting can be found at: http://www.niscc.gov.uk/niscc/docs/re-20050412-00303.pdf?lang=en.
•
CSCsa59600
A document that describes how the Internet Control Message Protocol (ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol (TCP) has been made publicly available. This document has been published through the Internet Engineering Task Force (IETF) Internet Draft process, and is entitled "ICMP Attacks Against TCP" (draft-gont-tcpm-icmp-attacks-03.txt).
These attacks, which only affect sessions terminating or originating on a device itself, can be of three types:
1. Attacks that use ICMP "hard" error messages
2. Attacks that use ICMP "fragmentation needed and Don't Fragment (DF) bit set" messages, also known as Path Maximum Transmission Unit Discovery (PMTUD) attacks
3. Attacks that use ICMP "source quench" messages
Successful attacks may cause connection resets or reduction of throughput in existing connections, depending on the attack type.
Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at http://www.cisco.com/en/US/products/products_security_advisory09186a0080436587.shtml.
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple vendors whose products are potentially affected. Its posting can be found at: http://www.niscc.gov.uk/niscc/docs/re-20050412-00303.pdf?lang=en.
•
CSCef44699
A document that describes how the Internet Control Message Protocol (ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol (TCP) has been made publicly available. This document has been published through the Internet Engineering Task Force (IETF) Internet Draft process, and is entitled "ICMP Attacks Against TCP" (draft-gont-tcpm-icmp-attacks-03.txt).
These attacks, which only affect sessions terminating or originating on a device itself, can be of three types:
1. Attacks that use ICMP "hard" error messages
2. Attacks that use ICMP "fragmentation needed and Don't Fragment (DF) bit set" messages, also known as Path Maximum Transmission Unit Discovery (PMTUD) attacks
3. Attacks that use ICMP "source quench" messages
Successful attacks may cause connection resets or reduction of throughput in existing connections, depending on the attack type.
Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at http://www.cisco.com/en/US/products/products_security_advisory09186a0080436587.shtml.
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple vendors whose products are potentially affected. Its posting can be found at: http://www.niscc.gov.uk/niscc/docs/re-20050412-00303.pdf?lang=en.
Release 12.1(26)E
These sections describe the open and resolved caveats in Release 12.1(26)E:
•
Open Caveats in Release 12.1(26)E
•
Resolved Caveats in Release 12.1(26)E
Open Caveats in Release 12.1(26)E
•
CSCee68443
If you delete a PVC (VPI or VCI) on the ATM module, including the ATM VLAN bind, and then you reuse the same VPI or VCI for another PVC, the VPI or VCI will automatically bind to the previous VLAN. This problem occurs on Catalyst 5500 ATM modules WS-X5158, WS-5167, WS-5161, and WS-5165 using Cisco IOS ATM software Release 12.1(23)E and Release 12.0(27)W5(29).
Workaround: None.
Resolved Caveats in Release 12.1(26)E
•
CSCee67450
A Cisco device running Cisco IOS and enabled for the Border Gateway Protocol (BGP) is vulnerable to a Denial of Service (DoS) attack from a malformed BGP packet. Only devices with the command `bgp log-neighbor-changes' configured are vulnerable. The BGP protocol is not enabled by default, and must be configured in order to accept traffic from an explicitly defined peer. Unless the malicious traffic appears to be sourced from a configured, trusted peer, it would be difficult to inject a malformed packet.
If a malformed packet is received and queued up on the interface, this bug may also be triggered by other means which are not considered remotely exploitable, such as the use of the command `show ip bgp neighbors' or running the command `debug ip bgp <neighbor> updates' for a configured BGP neighbor.
Cisco has made free software available to address this problem.
For more details, please refer to this advisory, available at http://www.cisco.com/en/US/products/products_security_advisory09186a00803be7d9.shtml
•
CSCed78149
A document that describes how the Internet Control Message Protocol (ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol (TCP) has been made publicly available. This document has been published through the Internet Engineering Task Force (IETF) Internet Draft process, and is entitled "ICMP Attacks Against TCP" (draft-gont-tcpm-icmp-attacks-03.txt).
These attacks, which only affect sessions terminating or originating on a device itself, can be of three types:
1. Attacks that use ICMP "hard" error messages
2. Attacks that use ICMP "fragmentation needed and Don't Fragment (DF) bit set" messages, also known as Path Maximum Transmission Unit Discovery (PMTUD) attacks
3. Attacks that use ICMP "source quench" messages
Successful attacks may cause connection resets or reduction of throughput in existing connections, depending on the attack type.
Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at http://www.cisco.com/en/US/products/products_security_advisory09186a0080436587.shtml.
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple vendors whose products are potentially affected. Its posting can be found at: http://www.niscc.gov.uk/niscc/docs/re-20050412-00303.pdf?lang=en.
•
CSCef44225
A document that describes how the Internet Control Message Protocol (ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol (TCP) has been made publicly available. This document has been published through the Internet Engineering Task Force (IETF) Internet Draft process, and is entitled "ICMP Attacks Against TCP" (draft-gont-tcpm-icmp-attacks-03.txt).
These attacks, which only affect sessions terminating or originating on a device itself, can be of three types:
1. Attacks that use ICMP "hard" error messages
2. Attacks that use ICMP "fragmentation needed and Don't Fragment (DF) bit set" messages, also known as Path Maximum Transmission Unit Discovery (PMTUD) attacks
3. Attacks that use ICMP "source quench" messages
Successful attacks may cause connection resets or reduction of throughput in existing connections, depending on the attack type.
Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at http://www.cisco.com/en/US/products/products_security_advisory09186a0080436587.shtml.
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple vendors whose products are potentially affected. Its posting can be found at: http://www.niscc.gov.uk/niscc/docs/re-20050412-00303.pdf?lang=en.
Release 12.1(23)E4
These sections describe the open and resolved caveats in Release 12.1(23)E4:
•
Open Caveats in Release 12.1(23)E4
•
Resolved Caveats in Release 12.1(23)E4
Open Caveats in Release 12.1(23)E4
None.
Resolved Caveats in Release 12.1(23)E4
•
CSCeh13489
Receipt of a Border Gateway Protocol (BGP) Autonomous System (AS) path with a length that is equal to or greater than 255 might reset the BGP session. This problem is resolved in Release 12.1(26)E4.
•
CSCei61732
Cisco IOS may permit arbitrary code execution after exploitation of a heap-based buffer overflow vulnerability. Cisco has included additional integrity checks in its software, as further described below, that are intended to reduce the likelihood of arbitrary code execution.
Cisco has made free software available that includes the additional integrity checks for affected customers.
This advisory is posted at http://www.cisco.com/en/US/products/products_security_advisory09186a008055ef31.shtml.
Release 12.1(23)E3
These sections describe the open and resolved caveats in Release 12.1(23)E3:
•
Open Caveats in Release 12.1(23)E3
•
Resolved Caveats in Release 12.1(23)E3
Open Caveats in Release 12.1(23)E3
None.
Resolved Caveats in Release 12.1(23)E3
•
CSCef60659, CSCef44225, CSCsa59600, CSCef44699
A document that describes how the Internet Control Message Protocol (ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol (TCP) has been made publicly available. This document has been published through the Internet Engineering Task Force (IETF) Internet Draft process, and is entitled "ICMP Attacks Against TCP" (draft-gont-tcpm-icmp-attacks-03.txt).
These attacks, which only affect sessions terminating or originating on a device itself, can be of three types:
1. Attacks that use ICMP "hard" error messages
2. Attacks that use ICMP "fragmentation needed and Don't Fragment (DF) bit set" messages, also known as Path Maximum Transmission Unit Discovery (PMTUD) attacks
3. Attacks that use ICMP "source quench" messages
Successful attacks may cause connection resets or reduction of throughput in existing connections, depending on the attack type. Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml.
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple vendors whose products are potentially affected. Its posting can be found at:
http://www.niscc.gov.uk/niscc/docs/re-20050412-00303.pdf?lang=en.
Release 12.1(23)E1
These sections describe the open and resolved caveats in Release 12.1(23)E1:
•
Open Caveats in Release 12.1(23)E1
•
Resolved Caveats in Release 12.1(23)E1
Open Caveats in Release 12.1(23)E1
None.
Resolved Caveats in Release 12.1(23)E1
•
CSCed78149
A document that describes how the Internet Control Message Protocol (ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol (TCP) has been made publicly available. This document has been published through the Internet Engineering Task Force (IETF) Internet Draft process, and is entitled "ICMP Attacks Against TCP" (draft-gont-tcpm-icmp-attacks-03.txt).
These attacks, which only affect sessions terminating or originating on a device itself, can be of three types:
1. Attacks that use ICMP "hard" error messages
2. Attacks that use ICMP "fragmentation needed and Don't Fragment (DF) bit set" messages, also known as Path Maximum Transmission Unit Discovery (PMTUD) attacks
3. Attacks that use ICMP "source quench" messages
Successful attacks may cause connection resets or reduction of throughput in existing connections, depending on the attack type. Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at http://www.cisco.com/en/US/products/products_security_advisory09186a0080436587.shtml.
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple vendors whose products are potentially affected. Its posting can be found at: http://www.niscc.gov.uk/niscc/docs/re-20050412-00303.pdf?lang=en.
Release 12.1(23)E
•
Open Caveats in Release 12.1(23)E
•
Resolved Caveats in Release 12.1(23)E
Open Caveats in Release 12.1(23)E
None.
Resolved Caveats in Release 12.1(23)E
•
Cisco routers and switches running Cisco IOS or Cisco IOS XR software may be vulnerable to a remotely exploitable crafted IP option Denial of Service (DoS) attack. Exploitation of the vulnerability may potentially allow for arbitrary code execution. The vulnerability may be exploited after processing an Internet Control Message Protocol (ICMP) packet, Protocol Independent Multicast version 2 (PIMv2) packet, Pragmatic General Multicast (PGM) packet, or URL Rendezvous Directory (URD) packet containing a specific crafted IP option in the packet's IP header. No other IP protocols are affected by this issue.
Cisco has made free software available to address this vulnerability for affected customers.
There are workarounds available to mitigate the effects of the vulnerability.
This vulnerability was discovered during internal testing. This advisory is available at http://www.cisco.com/en/US/products/products_security_advisory09186a00807cb157.shtml
This problem is resolved in Release 12.1(23)E. (CSCec71950)
•
Certain release trains of Cisco Internetwork Operating System (IOS), when configured to use the Cisco IOS Secure Shell (SSH) server in combination with Terminal Access Controller Access Control System Plus (TACACS+) as a means to perform remote management tasks on Cisco IOS devices, may contain two vulnerabilities that can potentially cause Cisco IOS devices to exhaust resources and reload. Repeated exploitation of these vulnerabilities can result in a Denial of Service (DoS) condition. Use of SSH with Remote Authentication Dial In User Service (RADIUS) is not affected by these vulnerabilities.
Cisco has made free software available to address these vulnerabilities for all affected customers. There are workarounds available to mitigate the effects of the vulnerability (see the "Workarounds" section of the full advisory for details).
This advisory will be posted at http://www.cisco.com/en/US/products/products_security_advisory09186a008042d51b.shtml
This problem is resolved in Release 12.1(23)E. (CSCed65285)
Release 12.1(22)E6
These sections describe the open and resolved caveats in Release 12.1(22)E6:
•
Open Caveats in Release 12.1(22)E6
•
Resolved Caveats in Release 12.1(22)E6
Open Caveats in Release 12.1(22)E6
None.
Resolved Caveats in Release 12.1(22)E6
•
CSCef60659, CSCef44225, CSCsa59600, CSCef44699
A document that describes how the Internet Control Message Protocol (ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol (TCP) has been made publicly available. This document has been published through the Internet Engineering Task Force (IETF) Internet Draft process, and is entitled "ICMP Attacks Against TCP" (draft-gont-tcpm-icmp-attacks-03.txt).
These attacks, which only affect sessions terminating or originating on a device itself, can be of three types:
1. Attacks that use ICMP "hard" error messages
2. Attacks that use ICMP "fragmentation needed and Don't Fragment (DF) bit set" messages, also known as Path Maximum Transmission Unit Discovery (PMTUD) attacks
3. Attacks that use ICMP "source quench" messages
Successful attacks may cause connection resets or reduction of throughput in existing connections, depending on the attack type. Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml.
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple vendors whose products are potentially affected. Its posting can be found at:
http://www.niscc.gov.uk/niscc/docs/re-20050412-00303.pdf?lang=en.
Release 12.1(22)E3
These sections describe the open and resolved caveats in Release 12.1(22)E3:
•
Open Caveats in Release 12.1(22)E3
•
Resolved Caveats in Release 12.1(22)E3
Open Caveats in Release 12.1(22)E3
None.
Resolved Caveats in Release 12.1(22)E3
•
CSCef60659, CSCef44225, CSCsa59600, CSCef44699
A document that describes how the Internet Control Message Protocol (ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol (TCP) has been made publicly available. This document has been published through the Internet Engineering Task Force (IETF) Internet Draft process, and is entitled "ICMP Attacks Against TCP" (draft-gont-tcpm-icmp-attacks-03.txt).
These attacks, which only affect sessions terminating or originating on a device itself, can be of three types:
1. Attacks that use ICMP "hard" error messages
2. Attacks that use ICMP "fragmentation needed and Don't Fragment (DF) bit set" messages, also known as Path Maximum Transmission Unit Discovery (PMTUD) attacks
3. Attacks that use ICMP "source quench" messages
Successful attacks may cause connection resets or reduction of throughput in existing connections, depending on the attack type. Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml.
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple vendors whose products are potentially affected. Its posting can be found at:
http://www.niscc.gov.uk/niscc/docs/re-20050412-00303.pdf?lang=en.
Release 12.1(22)E1
These sections describe the open and resolved caveats in Release 12.1(22)E1:
•
Open Caveats in Release 12.1(22)E1
•
Resolved Caveats in Release 12.1(22)E1
Open Caveats in Release 12.1(22)E1
None.
Resolved Caveats in Release 12.1(22)E1
•
CSCed27956
A vulnerability in the Transmission Control Protocol specification (RFC 793) has been discovered by an external researcher. Successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously publicly discussed. This can lead to a Denial of Service (DoS) attack. Depending on the attacked protocol, a successful attack may have additional consequences beyond the terminated session, which must be considered. This attack vector applies only to sessions that terminate on a device (for example, a router, switch, or computer) and not to sessions that only pass through the device (for example, transit traffic that is being routed by a router).
All Cisco products that contain a TCP stack are susceptible to this vulnerability.
This advisory is available at http://www.cisco.com/en/US/products/products_security_advisory09186a008021bc62.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS software.
•
CSCed38527
A vulnerability in the Transmission Control Protocol specification (RFC 793) has been discovered by an external researcher. Successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously publicly discussed. This can lead to a Denial of Service (DoS) attack. Depending on the attacked protocol, a successful attack may have additional consequences beyond the terminated session, which must be considered. This attack vector applies only to sessions that terminate on a device (for example, a router, switch, or computer) and not to sessions that only pass through the device (for example, transit traffic that is being routed by a router).
All Cisco products that contain a TCP stack are susceptible to this vulnerability.
This advisory is available at http://www.cisco.com/en/US/products/products_security_advisory09186a008021bc62.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS software.
•
CSCed93836
A vulnerability in the Transmission Control Protocol specification (RFC 793) has been discovered by an external researcher. Successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously publicly discussed. This can lead to a Denial of Service (DoS) attack. Depending on the attacked protocol, a successful attack may have additional consequences beyond the terminated session, which must be considered. This attack vector applies only to sessions that terminate on a device (for example, a router, switch, or computer) and not to sessions that only pass through the device (for example, transit traffic that is being routed by a router).
All Cisco products that contain a TCP stack are susceptible to this vulnerability.
This advisory is available at http://www.cisco.com/en/US/products/products_security_advisory09186a008021bc62.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS software.
•
CSCdz84583
A vulnerability in the Transmission Control Protocol specification (RFC 793) has been discovered by an external researcher. Successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously publicly discussed. This can lead to a Denial of Service (DoS) attack. Depending on the attacked protocol, a successful attack may have additional consequences beyond the terminated session, which must be considered. This attack vector applies only to sessions that terminate on a device (for example, a router, switch, or computer) and not to sessions that only pass through the device (for example, transit traffic that is being routed by a router).
All Cisco products that contain a TCP stack are susceptible to this vulnerability.
This advisory is available at http://www.cisco.com/en/US/products/products_security_advisory09186a008021bc62.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS software.
•
CSCed35253
Symptoms: A router may reload unexpectedly after it attempts to access a low memory address.
Conditions: This symptom is observed after ACLs have been updated dynamically or after the router has responded dynamically to an IDS signature.
Workaround: Disable IP Inspect and IDS.
Release 12.1(22)E
These sections describe the open and resolved caveats in Release 12.1(22)E:
•
Open Caveats in Release 12.1(22)E
•
Resolved Caveats in Release 12.1(22)E
Open Caveats in Release 12.1(22)E
None.
Resolved Caveats in Release 12.1(22)E
•
CSCed65778
Certain release trains of Cisco Internetwork Operating System (IOS), when configured to use the Cisco IOS Secure Shell (SSH) server in combination with Terminal Access Controller Access Control System Plus (TACACS+) as a means to perform remote management tasks on Cisco IOS devices, may contain two vulnerabilities that can potentially cause Cisco IOS devices to exhaust resources and reload. Repeated exploitation of these vulnerabilities can result in a Denial of Service (DoS) condition. Use of SSH with Remote Authentication Dial In User Service (RADIUS) is not affected by these vulnerabilities.
Cisco has made free software available to address these vulnerabilities for all affected customers. There are workarounds available to mitigate the effects of the vulnerability (see the "Workarounds" section of the full advisory for details).
This advisory will be posted at http://www.cisco.com/en/US/products/products_security_advisory09186a008042d51b.shtml
•
CSCec85306
A Catalyst 5000 family WS-X516X ATM module sends RFC 1483 bridged protocol data units (PDUs) with the product identifier (PID) and the original frame check sequence (FCS) saved within each of the PDUs sent. With Release 12.1(22)E, you can change the RFC 1483 bridged frame format from PID=0x0001 to PID=0x0007 on the LANE QoS ATM module WS-X516X by using the no atm pvc 1483fcs enable command.
Note
This command option is not supported on the WS-X515X ATM modules.
•
CSCed15907
A Catalyst 5000 WS-X515X ATM module that is configured for ATM PVCs will fail to come online and operate if any administratively shutdown subinterfaces are configured on the module. If you reset the module with this condition, the module will come online but will place the E0 and ATM0 interfaces in the shutdown state. This condition results in the inability to session to the module or pass traffic. If the ATM interface is not connected to another device, the module will come online with the E0 interface operating, but as soon as a link is established on the ATM interface, the E0 and ATM0 interfaces will shut down, and the ability to session to the module or pass traffic through the module will be lost.
Workaround: Remove any administratively shutdown subinterfaces from the configuration, or eliminate the use of subinterfaces completely and configure all the PVCs under the main ATM interface.
Release 12.1(20)E6
These sections describe the open and resolved caveats in Release 12.1(20)E6:
•
Open Caveats in Release 12.1(20)E6
•
Resolved Caveats in Release 12.1(20)E6
Open Caveats in Release 12.1(20)E6
•
CSCds22874
A Catalyst 5000 family ATM module generates the following message when a LAN Emulation Client (LEC) on a Cisco device receives wrongly formatted LANE control frames:
%LANE-3-LEC_CONTROL_MSG: Received bad control message on interface ATM1/0.101
Workaround: The LEC does not have to be brought down because this message usually appears only a few times. However, if the message keeps reappearing, the LEC can be restarted, or the LAN Emulation Server (LES) can be moved from the Catalyst 5000 family ATM module to another device.
Resolved Caveats in Release 12.1(20)E6
•
CSCef60659, CSCef44225, CSCsa59600, CSCef44699
A document that describes how the Internet Control Message Protocol (ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol (TCP) has been made publicly available. This document has been published through the Internet Engineering Task Force (IETF) Internet Draft process, and is entitled "ICMP Attacks Against TCP" (draft-gont-tcpm-icmp-attacks-03.txt).
These attacks, which only affect sessions terminating or originating on a device itself, can be of three types:
1. Attacks that use ICMP "hard" error messages
2. Attacks that use ICMP "fragmentation needed and Don't Fragment (DF) bit set" messages, also known as Path Maximum Transmission Unit Discovery (PMTUD) attacks
3. Attacks that use ICMP "source quench" messages
Successful attacks may cause connection resets or reduction of throughput in existing connections, depending on the attack type. Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml.
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple vendors whose products are potentially affected. Its posting can be found at:
http://www.niscc.gov.uk/niscc/docs/re-20050412-00303.pdf?lang=en.
Release 12.1(20)E3
These sections describe the open and resolved caveats in Release 12.1(20)E3:
•
Open Caveats in Release 12.1(20)E3
•
Resolved Caveats in Release 12.1(20)E3
Open Caveats in Release 12.1(20)E3
•
CSCds22874
A Catalyst 5000 family ATM module generates the following message when a LAN Emulation Client (LEC) on a Cisco device receives wrongly formatted LANE control frames:
%LANE-3-LEC_CONTROL_MSG: Received bad control message on interface ATM1/0.101
Workaround: The LEC does not have to be brought down because this message usually appears only a few times. However, if the message keeps reappearing, the LEC can be restarted, or the LAN Emulation Server (LES) can be moved from the Catalyst 5000 family ATM module to another device.
Resolved Caveats in Release 12.1(20)E3
•
CSCed65778
Certain release trains of Cisco Internetwork Operating System (IOS), when configured to use the Cisco IOS Secure Shell (SSH) server in combination with Terminal Access Controller Access Control System Plus (TACACS+) as a means to perform remote management tasks on Cisco IOS devices, may contain two vulnerabilities that can potentially cause Cisco IOS devices to exhaust resources and reload. Repeated exploitation of these vulnerabilities can result in a Denial of Service (DoS) condition. Use of SSH with Remote Authentication Dial In User Service (RADIUS) is not affected by these vulnerabilities.
Cisco has made free software available to address these vulnerabilities for all affected customers. There are workarounds available to mitigate the effects of the vulnerability (see the "Workarounds" section of the full advisory for details).
This advisory will be posted at http://www.cisco.com/en/US/products/products_security_advisory09186a008042d51b.shtml
•
CSCed27956
A vulnerability in the Transmission Control Protocol specification (RFC 793) has been discovered by an external researcher. Successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously publicly discussed. This can lead to a Denial of Service (DoS) attack. Depending on the attacked protocol, a successful attack may have additional consequences beyond the terminated session, which must be considered. This attack vector applies only to sessions that terminate on a device (for example, a router, switch, or computer) and not to sessions that only pass through the device (for example, transit traffic that is being routed by a router).
All Cisco products that contain a TCP stack are susceptible to this vulnerability.
This advisory is available at http://www.cisco.com/en/US/products/products_security_advisory09186a008021bc62.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS software.
•
CSCed38527
A vulnerability in the Transmission Control Protocol specification (RFC 793) has been discovered by an external researcher. Successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously publicly discussed. This can lead to a Denial of Service (DoS) attack. Depending on the attacked protocol, a successful attack may have additional consequences beyond the terminated session, which must be considered. This attack vector applies only to sessions that terminate on a device (for example, a router, switch, or computer) and not to sessions that only pass through the device (for example, transit traffic that is being routed by a router).
All Cisco products that contain a TCP stack are susceptible to this vulnerability.
This advisory is available at http://www.cisco.com/en/US/products/products_security_advisory09186a008021bc62.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS software.
•
CSCed93836
A vulnerability in the Transmission Control Protocol specification (RFC 793) has been discovered by an external researcher. Successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously publicly discussed. This can lead to a Denial of Service (DoS) attack. Depending on the attacked protocol, a successful attack may have additional consequences beyond the terminated session, which must be considered. This attack vector applies only to sessions that terminate on a device (for example, a router, switch, or computer) and not to sessions that only pass through the device (for example, transit traffic that is being routed by a router).
All Cisco products that contain a TCP stack are susceptible to this vulnerability.
This advisory is available at http://www.cisco.com/en/US/products/products_security_advisory09186a008021bc62.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS software.
•
CSCdz84583
A vulnerability in the Transmission Control Protocol specification (RFC 793) has been discovered by an external researcher. Successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously publicly discussed. This can lead to a Denial of Service (DoS) attack. Depending on the attacked protocol, a successful attack may have additional consequences beyond the terminated session, which must be considered. This attack vector applies only to sessions that terminate on a device (for example, a router, switch, or computer) and not to sessions that only pass through the device (for example, transit traffic that is being routed by a router).
All Cisco products that contain a TCP stack are susceptible to this vulnerability.
This advisory is available at http://www.cisco.com/en/US/products/products_security_advisory09186a008021bc62.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS software.
•
CSCed35253
Symptoms: A router may reload unexpectedly after it attempts to access a low memory address.
Conditions: This symptom is observed after ACLs have been updated dynamically or after the router has responded dynamically to an IDS signature.
Workaround: Disable IP Inspect and IDS.
Release 12.1(20)E
These sections describe the open and resolved caveats in Release 12.1(20)E:
•
Open Caveats in Release 12.1(20)E
•
Resolved Caveats in Release 12.1(20)E
Open Caveats in Release 12.1(20)E
•
CSCds22874
A Catalyst 5000 family ATM module generates the following message when a LAN Emulation Client (LEC) on a Cisco device receives wrongly formatted LANE control frames:
%LANE-3-LEC_CONTROL_MSG: Received bad control message on interface ATM1/0.101
Workaround: The LEC does not have to be brought down because this message usually appears only a few times. However, if the message keeps reappearing, the LEC can be restarted, or the LAN Emulation Server (LES) can be moved from the Catalyst 5000 family ATM module to another device.
Resolved Caveats in Release 12.1(20)E
•
CSCdu53656
A Cisco device running IOS and enabled for the Border Gateway Protocol (BGP) is vulnerable to a Denial of Service (DoS) attack from a malformed BGP packet. BGP is not enabled by default, and it must be configured in order to accept traffic from an explicitly defined peer. Unless the malicious traffic appears to be sourced from a configured, trusted peer, it would be difficult to inject a malformed packet. BGP MD5 is a valid workaround for this problem.
Cisco has made free software available to address this problem. For more details, please refer to this advisory, available at http://www.cisco.com/en/US/products/products_security_advisory09186a0080237a05.shtml.
•
CSCea28131
A Cisco device running IOS and enabled for the Border Gateway Protocol (BGP) is vulnerable to a Denial of Service (DoS) attack from a malformed BGP packet. BGP is not enabled by default, and it must be configured in order to accept traffic from an explicitly defined peer. Unless the malicious traffic appears to be sourced from a configured, trusted peer, it would be difficult to inject a malformed packet. BGP MD5 is a valid workaround for this problem.
Cisco has made free software available to address this problem. For more details, please refer to this advisory, available at http://www.cisco.com/en/US/products/products_security_advisory09186a0080237a05.shtml.
Release 12.1(19)E2
These sections describe the open and resolved caveats in Release 12.1(19)E2:
•
Open Caveats in Release 12.1(19)E2
•
Resolved Caveats in Release 12.1(19)E2
Open Caveats in Release 12.1(19)E2
•
CSCds22874
A Catalyst 5000 family ATM module generates the following message when a LAN Emulation Client (LEC) on a Cisco device receives wrongly formatted LANE control frames:
%LANE-3-LEC_CONTROL_MSG: Received bad control message on interface ATM1/0.101
Workaround: The LEC does not have to be brought down because this message usually appears only a few times. However, if the message keeps reappearing, the LEC can be restarted or the LAN Emulation Server (LES) can be moved from the Catalyst 5000 family ATM module to another device.
Resolved Caveats in Release 12.1(19)E2
None.
Release 12.1(19)E
These sections describe the open and resolved caveats in Release 12.1(19)E:
•
Open Caveats in Release 12.1(19)E
•
Resolved Caveats in Release 12.1(19)E
Open Caveats in Release 12.1(19)E
•
CSCdy88796
When a Frame Relay router running integrated routing and bridging (IRB) receives packets from an ATM LANE module, the Frame Relay router is not able to handle incoming packets that have a SNAP identifier of 0007.
The cause is that the Frame Relay side has a priority which would make it the root, yet the switch recognizes the router as the root. Even if the priority on the switch for the VLAN is changed so that it should be the root, the router still shows itself as the root.
Workaround: Set the router to be the root.
•
CSCds22874
A Catalyst 5000 family ATM module generates the following message when a LAN Emulation Client (LEC) on a Cisco device receives wrongly formatted LANE control frames:
%LANE-3-LEC_CONTROL_MSG: Received bad control message on interface ATM1/0.101
Workaround: The LEC does not have to be brought down because this message usually appears only a few times. However, if the message keeps reappearing, the LEC can be restarted or the LAN Emulation Server (LES) can be moved from the Catalyst 5000 family ATM module to another device.
Resolved Caveats in Release 12.1(19)E
•
CSCin06641
When you configure approximately 800 PVCs in 200 VLANs on a WS-X5165 module, all of the PVCs become active at startup. If you shut down and then restart an interface, the interface comes up but then shuts down and restarts again, and some of the PVCs that were configured on that interface do not become active again. In addition, the interface continues to shut down and restart at regular intervals. The frequency with which the interface shuts down and restarts increases in proportion to the number of PVCs that have been configured on that interface.
Workaround: None.
Release 12.1(14)E1
These sections describe the open and resolved caveats in Release 12.1(14)E1:
•
Open Caveats in Release 12.1(14)E1
•
Resolved Caveats in Release 12.1(14)E1
Open Caveats in Release 12.1(14)E1
•
CSCin06641
When you configure approximately 800 PVCs in 200 VLANs on a WS-X5165 module, all of the PVCs become active at startup. If you shut down and then restart an interface, the interface comes up but then shuts down and restarts again, and some of the PVCs that were configured on that interface do not become active again. In addition, the interface continues to shut down and restart at regular intervals. The frequency with which the interface shuts down and restarts increases in proportion to the number of PVCs that have been configured on that interface.
Workaround: None.
•
CSCds22874
When an LEC on a Cisco device receives wrongly formatted LANE control frames, the following message is generated:
%LANE-3-LEC_CONTROL_MSG: Received bad control messages on interface ATM1/0.101
Workaround: The LEC does not have to be shut down because this message usually appears only a few times. If the message continues to appear, the LEC can be restarted, or the LAN Emulation Server (LES) can be moved from the Cisco Catalyst 6500 series ATM module to another device.
Resolved Caveats in Release 12.1(14)E1
•
CSCdw78193
A Catalyst 5000 LANE module or Catalyst 6000 LANE module running Release 12.0(20)W5(24) or any images in Release 12.1E can display CPUHOG messages similar to the following:
Feb 16 01:35:06: %SYS-3-CPUHOG: Task ran for 2448 msec (0/0), process = ATMPeriodic, PC = 400A77BC.-Traceback= 400A7768 400A77C4 401D3534 401D3AA6
Workaround: None.
•
CSCdy26050
Under a very high load, the MPOA-capable LANE modules may drop BPDUs that are meant to be sent over LANE. Under the same high load, it may also be impossible to session to the LANE module. (For more information, see caveat CSCdj90626.) This problem is present only if the LANE module is configured for LANE, not if the LANE module is configured for PVCs.
Workaround: None.
Release 12.1(13)E
These sections describe the open and resolved caveats in Catalyst 5000 ATM Release 12.1(13)E:
•
Open Caveats in Release 12.1(13)E
•
Resolved Caveats in Release 12.1(13)E
Open Caveats in Release 12.1(13)E
•
CSCin06641
When you configure approximately 800 PVCs in 200 VLANs on a WS-X5165 module, all of the PVCs become active at startup. If you shut down and then restart an interface, the interface comes up but then shuts down and restarts again, and some of the PVCs that were configured on that interface do not become active again. In addition, the interface continues to shut down and restart at regular intervals. The frequency with which the interface shuts down and restarts increases in proportion to the number of PVCs that have been configured on that interface.
Workaround: None.
•
CSCds22874
When an LEC on a Cisco device receives wrongly formatted LANE control frames, the following message is generated:
%LANE-3-LEC_CONTROL_MSG: Received bad control messages on interface ATM1/0.101
Workaround: The LEC does not have to be shut down because this message usually appears only a few times. If the message continues to appear, the LEC can be restarted, or the LAN Emulation Server (LES) can be moved from the Cisco Catalyst 6500 series ATM module to another device.
•
CSCdy26050
Under a very high load, the MPOA-capable LANE modules may drop BPDUs meant to be sent over LANE, or it may be impossible to session into the LANE module. (See CSCdj90626.) This problem is present if the LANE module is configured for LANE, but it is not present if the LANE module is configured for PVCs.
Workaround: None.
Resolved Caveats in Release 12.1(13)E
•
CSCdx03821
A WS-X5161 LANE module running Release 12.1(10)E or Release 12.0(20)W5(24a) displays an incorrect 5-minute output rate when you use the show interface atm0 command. The problem does not appear in 12.0(10)W5(18a) and earlier Cisco IOS releases.
Release 12.1(12c)E1
These sections describe the open and resolved caveats in Catalyst 5000 ATM Release 12.1(12c)E1:
•
Open Caveats in Release 12.1(12c)E1
•
Resolved Caveats in Release 12.1(12c)E1
Open Caveats in Release 12.1(12c)E1
None.
Resolved Caveats in Release 12.1(12c)E1
None.
Release 12.1(12c)E
These sections describe the open and resolved caveats in Catalyst 5000 ATM Release 12.1(12c)E:
•
Open Caveats in Release 12.1(12c)E
•
Resolved Caveats in Release 12.1(12c)E
Open Caveats in Release 12.1(12c)E
•
CSCin06641
When you configure approximately 800 PVCs in 200 VLANS on a WS-X5165 module, all of the PVCs become active at startup. If you shut down and then restart an interface, the interface comes up but then shuts down and restarts again, and some of the PVCs that were configured on that interface do not become active again. In addition, the interface continues to shut down and restart at regular intervals. The frequency with which the interface shuts down and restarts increases in proportion to the number of PVCs that have been configured on that interface.
Workaround: None.
•
CSCds22874
When an LEC on a Cisco device receives incorrectly formatted LANE control frames, the following message is generated:
%LANE-3-LEC_CONTROL_MSG: Received bad control message on interface ATM1/0.101
Workaround: The LEC does not have to be brought down because this message usually appears only a few times. If the message continues to appear, the LEC can be restarted, or the LAN Emulation Server (LES) can be moved from the Cisco Catalyst 6500 series ATM module to another device.
Resolved Caveats in Release 12.1(12c)E
•
CSCdp02052
MIBs do not support LEC uptime, which is the equivalent of the show lane client command output and shows how long the LEC has been operating.
This caveat has been resolved in Release 12.1(12c)E.
•
CSCdw63532
The WS-X6101 LANE module running Cisco IOS Release 12.1(10)E or Release 12.0(5)XS does not support the configuration option to enable and disable the LE ARP reverify local feature. Attempts to configure the global command lane le-arp reverify local have resulted in the following error:
ATM(config)#lane le-arp reverify local
% Invalid input detected at '^' marker
This caveat has been resolved in Release 12.1(12c)E.
•
CSCdx50135
In Catalyst 5000 family platforms, the LEC sends LE-ARP reverification requests to NMP, even though the lane le-arp reverify local command is not configured.
This caveat has been resolved in Release 12.1(12c)E.
Release 12.1(11b)E12
These sections describe the open and resolved caveats in Catalyst 5000 ATM Release 12.1(11b)E12:
•
Open Caveats in Release 12.1(11b)E12
•
Resolved Caveats in Release 12.1(11b)E12
Open Caveats in Release 12.1(11b)E12
None.
Resolved Caveats in Release 12.1(11b)E12
•
CSCdu53656
A Cisco device running IOS and enabled for the Border Gateway Protocol (BGP) is vulnerable to a Denial of Service (DOS) attack from a malformed BGP packet. The BGP protocol is not enabled by default, and must be configured in order to accept traffic from an explicitly defined peer. Unless the malicious traffic appears to be sourced from a configured, trusted peer, it would be difficult to inject a malformed packet. BGP MD5 is a valid workaround for this problem.
Cisco has made free software available to address this problem. For more details, please refer to this advisory, available at http://www.cisco.com/en/US/products/products_security_advisory09186a0080237a05.shtml.
•
CSCea28131
A Cisco device running IOS and enabled for the Border Gateway Protocol (BGP) is vulnerable to a Denial of Service (DOS) attack from a malformed BGP packet. The BGP protocol is not enabled by default, and must be configured in order to accept traffic from an explicitly defined peer. Unless the malicious traffic appears to be sourced from a configured, trusted peer, it would be difficult to inject a malformed packet. BGP MD5 is a valid workaround for this problem.
Cisco has made free software available to address this problem. For more details, please refer to this advisory, available at http://www.cisco.com/en/US/products/products_security_advisory09186a0080237a05.shtml.
•
CSCea02355
Cisco routers and switches running Cisco IOS software and configured to process Internet Protocol version 4 (IPv4) packets are vulnerable to a Denial of Service (DoS) attack. A rare sequence of crafted IPv4 packets sent directly to the device may cause the input interface to stop processing traffic once the input queue is full. No authentication is required to process the inbound packet. Processing of IPv4 packets is enabled by default. Devices running only IP version 6 (IPv6) are not affected. A workaround is available.
Cisco has made software available, free of charge, to correct the problem.
This advisory is available at this URL:
http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml
This problem is resolved in Release 12.1(11b)E12.
Release 12.1(11b)E11
These sections describe the open and resolved caveats in Catalyst 5000 ATM Release 12.1(11b)E11:
•
Open Caveats in Release 12.1(11b)E11
•
Resolved Caveats in Release 12.1(11b)E11
Open Caveats in Release 12.1(11b)E11
•
CSCds74245
On the Catalyst 5000 family ATM module running the 12.1(E) versions of software, the ATM module may crash when the configuration file is copied from TFTP.
Workaround: Use the configuration after saving it to startup-config. The fix for this caveat will be integrated into Release 12.1(10)E4.
•
CSCds22874
A bad control message may lead to LEC instability. When an LEC on a Cisco switch receives LANE control frames that are formatted incorrectly, the following message is generated:
%LANE-3-LEC_CONTROL_MSG: Received bad control message on interface ATM1/0.101
Workaround: The LEC does not have to be brought down because this message usually appears only a few times. However, if the message keeps reappearing, the LEC can be restarted, or the LES can be moved from the Cisco Catalyst 6500 series ATM module to another device.
Resolved Caveats in Release 12.1(11b)E11
•
CSCdz60229
Cisco devices which run IOS and contain support for the Secure Shell (SSH) server are vulnerable to a Denial of Service (DoS) if the SSH server is enabled on the device. A malformed SSH packet directed at the affected device can cause a reload of the device. No authentication is necessary for the packet to be received by the affected device. The SSH server in Cisco IOS is disabled by default. The malformed packets can be generated using the SSHredder test suite from Rapid7, Inc. Workarounds are available. The Cisco PSIRT is not aware of any malicious exploitation of this vulnerability.
This advisory is available at this URL:
http://www.cisco.com/warp/public/707/ssh-packet-suite-vuln.shtml
Release 12.1(11b)E
These sections describe the open and resolved caveats in Catalyst 5000 ATM Release 12.1(11b)E:
•
Open Caveats in Release 12.1(11b)E
•
Resolved Caveats in Release 12.1(11b)E
Open Caveats in Release 12.1(11b)E
•
CSCds74245
On the Catalyst 5000 family ATM module running the 12.1(E) versions of software, the ATM module may crash when the configuration file is copied from TFTP.
Workaround: Use the configuration after saving it to startup-config. The fix for this caveat will be integrated into Release 12.1(10)E4.
•
CSCds22874
A bad control message may lead to LEC instability. When an LEC on a Cisco switch receives LANE control frames that are formatted incorrectly, the following message is generated:
%LANE-3-LEC_CONTROL_MSG: Received bad control message on interface ATM1/0.101
Workaround: The LEC does not have to be brought down because this message usually appears only a few times. However, if the message keeps reappearing, the LEC can be restarted, or the LES can be moved from the Cisco Catalyst 6500 series ATM module to another device.
Resolved Caveats in Release 12.1(11b)E
•
CSCdw11536
In an HSRP environment consisting of Catalyst switch ATM LANE modules, Cisco routers running the current version of Cisco IOS software, and third-party routers, with the Cisco routers connected to the Ethernet segment running HSRP and LECs configured on the ATM LANE modules, the third-party routers may lose connectivity to the active router on an HSRP switchover. This happens because the ATM LANE module that is proxying for the router forwards the special MAC-addressed packet to the BUS without sending the corresponding no-src le-narp message.
•
CSCdw65903
An error can occur with management protocol processing. Please use the following URL for further information:
http://www.cisco.com/pcgi-bin/bugtool/onebug.pl?bugid=CSCdw65903
•
CSCds07238
According to RFC 1573, support for 64-bit octet counters in the ifXTable is required for the ATM module interfaces. The 32-bit counters in the ifTable are currently supported, but the corresponding 64-bit counter variables are not available.
•
CSCdv45391
On Catalyst 5000 family and Catalyst 6500 series ATM modules, when the startup configuration contains the shutdown command for an interface, the ATM PVC and VLAN bindings are lost from the running configuration when you enter the no shut command.
This problem has been fixed.
Workaround: Copy a configuration from the TFTP location without the shut command, or load an older image.
•
CSCdu79572
On the ATM module, the show running-config command lists the PVCs in random order. This caveat was resolved in Release 12.0(19)W5(23).
•
CSCdv02245
When a large number of subinterfaces are configured on the LANE module and you reload a module running 12.0(14)W5(20) software, the LANE module locks up, preventing access to the module from the supervisor engine. This caveat is fixed in Releases 12.0(19)W5(23) and 12.1(10)E.
Workaround: None.
•
CSCdv38277
The Catalyst 5000 ATM LANE module WS-X5161 running 12.0(14)W5(20), under rare circumstances, continues to generate the following message when you enable the debug lane client stat command:
state ACTIVE event LEC_CTL_TOPO_CHANGE => ACTIVE
This message indicates that the ATM module may be treating all BPDUs as Topology Change messages.
Workaround: None.
Release 12.1(10)E5
These sections describe the open and resolved caveats in Catalyst 5000 ATM Release 12.1(10)E5:
•
Open Caveats in Release 12.1(10)E5
•
Resolved Caveats in Release 12.1(10)E5
Open Caveats in Release 12.1(10)E5
•
CSCds74245
On the Catalyst 5000 family ATM module running the 12.1(E) versions of software, the ATM module may crash when the configuration file is copied from TFTP.
Workaround: Use the configuration after saving it to startup-config. The fix for this caveat will be integrated into Release 12.1(10)E4.
•
CSCdt07993
In a Catalyst 5000 family switch that contains ATM module WS-X516*, the CAM entry for a MAC address may alternate between LANE Data Direct VC and LANE BUS VC, but the CAM entry is updated with the LANE Data Direct VC when there is traffic to that MAC address.
Workaround: None.
•
CSCdv07290
If both PHYs of the WS-X5161 module are connected to the ATM switch, the Catalyst 5000 family switch shows only the active PHY as connected. The standby PHY is always shown as not connected. This situation is caused by a messaging problem between the WS-X5161 module and the supervisor module.
Workaround: None.
•
CSCds22874
A bad control message may lead to LEC instability. When an LEC on a Cisco switch receives LANE control frames that are formatted incorrectly, the following message is generated:
%LANE-3-LEC_CONTROL_MSG: Received bad control message on interface ATM1/0.101
Workaround: The LEC does not have to be brought down because this message usually appears only a few times. However, if the message keeps reappearing, the LEC can be restarted, or the LES can be moved from the Cisco Catalyst 6500 series ATM module to another device.
Resolved Caveats in Release 12.1(10)E5
•
CSCdw65903
An error can occur with management protocol processing. Please use the following URL for further information:
http://www.cisco.com/pcgi-bin/bugtool/onebug.pl?bugid=CSCdw65903
Release 12.1(10)E4
These sections describe the open and resolved caveats in Catalyst 5000 ATM Release 12.1(10)E4:
•
Open Caveats in Release 12.1(10)E4
•
Resolved Caveats in Release 12.1(10)E4
Open Caveats in Release 12.1(10)E4
•
CSCds74245
On the Catalyst 5000 family ATM module running the 12.1(E) versions of software, the ATM module may crash when the configuration file is copied from TFTP.
Workaround: Use the configuration after saving it to startup-config. The fix for this caveat will be integrated into Release 12.1(10)E4.
•
CSCdt07993
In a Catalyst 5000 family switch that contains ATM module WS-X516*, the CAM entry for a MAC address may alternate between LANE Data Direct VC and LANE BUS VC, but the CAM entry is updated with the LANE Data Direct VC when there is traffic to that MAC address.
Workaround: None.
•
CSCdv07290
If both PHYs of the WS-X5161 module are connected to the ATM switch, the Catalyst 5000 family switch shows only the active PHY as connected. The standby PHY is always shown as not connected. This situation is caused by a messaging problem between the WS-X5161 module and the supervisor module.
Workaround: None.
•
CSCds22874
A bad control message may lead to LEC instability. When an LEC on a Cisco switch receives LANE control frames that are formatted incorrectly, the following message is generated:
%LANE-3-LEC_CONTROL_MSG: Received bad control message on interface ATM1/0.101
Workaround: The LEC does not have to be brought down because this message usually appears only a few times. However, if the message keeps reappearing, the LEC can be restarted, or the LES can be moved from the Cisco Catalyst 6500 series ATM module to another device.
Resolved Caveats in Release 12.1(10)E4
•
CSCdw65903
An error can occur with management protocol processing. Further information is available on Cisco.com:
http://www.cisco.com/pcgi-bin/bugtool/onebug.pl?bugid=CSCdw65903
Release 12.1(10)E
These sections describe the open and resolved caveats in Catalyst 5000 ATM Release 12.1(10)E:
•
Open Caveats in Release 12.1(10)E
•
Resolved Caveats in Release 12.1(10)E
Open Caveats in Release 12.1(10)E
•
CSCds74245
On the Catalyst 5000 family ATM module running the 12.1(E) versions of software, the ATM module may crash when the configuration file is copied from TFTP.
Workaround: Use the configuration after saving it to startup-config. The fix for this caveat will be integrated into Release 12.1(10)E.
•
CSCdt07993
In a Catalyst 5000 family switch that contains ATM module WS-X516*, the CAM entry for a MAC address may alternate between LANE Data Direct VC and LANE BUS VC, but the CAM entry is updated with the LANE Data Direct VC when there is traffic to that MAC address.
Workaround: None.
•
CSCdv07290
If both PHYs of the WS-X5161 module are connected to the ATM switch, the Catalyst 5000 family switch shows only the active PHY as connected. The standby PHY is always shown as not connected. This situation is caused by a messaging problem between the WS-X5161 module and the supervisor module.
Workaround: None.
•
CSCds22874
A bad control message may lead to LEC instability. When an LEC on a Cisco switch receives LANE control frames that are formatted incorrectly, the following message is generated:
%LANE-3-LEC_CONTROL_MSG: Received bad control message on interface ATM1/0.101
Workaround: The LEC does not have to be brought down because this message usually appears only a few times. However, if the message keeps reappearing, the LEC can be restarted, or the LES can be moved from the Cisco Catalyst 6500 series ATM module to another device.
Resolved Caveats in Release 12.1(10)E
•
CSCds74245
On the Catalyst 5000 family ATM module running the 12.1(E) versions of software, the ATM module may crash when the configuration file is copied from TFTP.
Workaround: Use the configuration after saving it to startup-config. The fix for this caveat will be integrated into Release 12.1(10)E.
•
CSCds07238
According to RFC 1573, support for 64-bit octet counters in the ifXTable is required for the ATM module interfaces. The 32-bit counters in the ifTable are currently supported, but the corresponding 64-bit counter variables are not available.
•
CSCdv45391
On Catalyst 5000 family and Catalyst 6500 series ATM modules, when the startup configuration contains the shutdown command for an interface, the ATM PVC and VLAN bindings are lost from the running configuration when you enter the no shut command.
This problem has been fixed.
Workaround: Copy a configuration from the TFTP location without the shut command, or load an older image.
•
CSCdu79572
On the ATM module, the show running-config command lists the PVCs in random order. This caveat was fixed in Release 12.0(19)W5(23).
•
CSCdv02245
When a large number of subinterfaces are configured on the LANE module and you reload a module running 12.0(14)W5(20) software, the LANE module locks up, preventing access to the module from the supervisor engine. This caveat is fixed in Releases 12.0(19)W5(23) and 12.1(10)E.
Workaround: None.
Release 12.1(8b)E13
These sections describe the open and resolved caveats in Catalyst 5000 ATM Release 12.1(8b)E13:
•
Open Caveats in Release 12.1(8b)E13
•
Resolved Caveats in Release 12.1(8b)E13
Open Caveats in Release 12.1(8b)E13
•
CSCds07238
According to RFC 1573, support for 64-bit octet counters in the ifXTable is required for the ATM module interfaces. The 32-bit counters in the ifTable are currently supported; support for the corresponding 64-bit counter variables is not available.
•
CSCdt07993
In a Catalyst 5000 family switch that contains ATM module WS-X516*, the CAM entry for a MAC address may alternate between LANE Data Direct VC and LANE BUS VC, but the CAM entry is updated with the LANE Data Direct VC when there is traffic to that MAC address. There is no workaround for this problem.
Resolved Caveats in Release 12.1(8b)E13
•
CSCdz60229
Cisco devices which run IOS and contain support for the Secure Shell (SSH) server are vulnerable to a Denial of Service (DoS) if the SSH server is enabled on the device. A malformed SSH packet directed at the affected device can cause a reload of the device. No authentication is necessary for the packet to be received by the affected device. The SSH server in Cisco IOS is disabled by default. The malformed packets can be generated using the SSHredder test suite from Rapid7, Inc. Workarounds are available. The Cisco PSIRT is not aware of any malicious exploitation of this vulnerability.
This advisory is available at this URL:
http://www.cisco.com/warp/public/707/ssh-packet-suite-vuln.shtml
Release 12.1(8b)E10
These sections describe the open and resolved caveats in Catalyst 5000 ATM Release 12.1(8b)E10:
•
Open Caveats in Release 12.1(8b)E10
•
Resolved Caveats in Release 12.1(8b)E10
Open Caveats in Release 12.1(8b)E10
•
CSCds07238
According to RFC 1573, support for 64-bit octet counters in the ifXTable is required for the ATM module interfaces. The 32-bit counters in the ifTable are currently supported; support for the corresponding 64-bit counter variables is not available.
•
CSCdt07993
In a Catalyst 5000 family switch that contains ATM module WS-X516*, the CAM entry for a MAC address may alternate between LANE Data Direct VC and LANE BUS VC, but the CAM entry is updated with the LANE Data Direct VC when there is traffic to that MAC address. There is no workaround for this problem.
Resolved Caveats in Release 12.1(8b)E10
•
CSCdw65903
An error can occur with management protocol processing. Please use the following URL for further information:
http://www.cisco.com/pcgi-bin/bugtool/onebug.pl?bugid=CSCdw65903
Release 12.1(8b)E9
These sections describe the open and resolved caveats in Catalyst 5000 ATM Release 12.1(8b)E9:
•
Open Caveats in Release 12.1(8b)E9
•
Resolved Caveats in Release 12.1(8b)E9
Open Caveats in Release 12.1(8b)E9
•
CSCds07238
According to RFC 1573, support for 64-bit octet counters in the ifXTable is required for the ATM module interfaces. The 32-bit counters in the ifTable are currently supported; support for the corresponding 64-bit counter variables is not available.
•
CSCdt07993
In a Catalyst 5000 family switch that contains ATM module WS-X516*, the CAM entry for a MAC address may alternate between LANE Data Direct VC and LANE BUS VC, but the CAM entry is updated with the LANE Data Direct VC when there is traffic to that MAC address. There is no workaround for this problem.
Resolved Caveats in Release 12.1(8b)E9
•
CSCdw65903
An error can occur with management protocol processing. Please use the following URL for further information:
http://www.cisco.com/pcgi-bin/bugtool/onebug.pl?bugid=CSCdw65903
Release 12.1(8a)E
These sections describe the open and resolved caveats in Catalyst 5000 ATM Release 12.1(8a)E:
•
Open Caveats in Release 12.1(8a)E
•
Resolved Caveats in Release 12.1(8a)E
Open Caveats in Release 12.1(8a)E
•
CSCds07238
According to RFC 1573, support for 64-bit octet counters in the ifXTable is required for the ATM module interfaces. The 32-bit counters in the ifTable are currently supported, but the corresponding 64-bit counter variables are not available.
•
CSCdt07993
In a Catalyst 5000 family switch that contains ATM module WS-X516*, the CAM entry for a MAC address may alternate between LANE Data Direct VC and LANE BUS VC, but the CAM entry is updated with the LANE Data Direct VC when there is traffic to that MAC address.
Workaround: None.
Resolved Caveats in Release 12.1(8a)E
•
CSCdr89617
Cisco routers and the Catalyst 5000 family and Catalyst 6500 series ATM modules with LANE configured that are running the current releases of Cisco IOS software may generate the following error messages:
Error Message Sep 15 13:13:10: %LANE-3-LEC_CONTROL_MSG: Received bad control message on interface ATM5/0/0.1
The debug lane client error command provides additional debug support for these error messages. This command will be integrated into Cisco IOS Release 12.1(8).
•
CSCdt62368
On Catalyst 5500 switches, the Feature Inhibition Module (FIM) (WS-X5165) loses the ILMI prefix and then loses its connection. This problem occurs when more than 30 LECs are configured and the LECs go down.
•
CSCdt19422
An LEC that is configured as a LANE release 2 client in a multivendor LANE environment may experience interoperability problems when the LECS and LES/BUS services reside on third-party vendor equipment. The LEC sends a tag value in the LAN destination field of the flush request that the third-party BUS does not recognize as an appropriate value.
Workaround: Disable the flush request sent by the LEC on the Cisco device.
•
CSCdt31428
In the Catalyst 5000 family ATM modules, when repeated shut and noshut commands are performed on ATM PVC-to-VLAN binding, the binding is lost.
Workaround: If the write memory command was used before the problem occurred, then the PVC-to-VLAN bindings can be restored from the NVRAM configuration using the copy startup running command.
•
CSCds04747
Cisco Security Advisory:
Cisco IOS Software TCP Initial Sequence Number Randomization Improvements
Revision 1.0: INTERIM
For Public Release 2001 February 27 20:00 US/Eastern (UTC+0500)
___________________________________________________________________________
Summary
Cisco IOS software contains a flaw that permits the successful prediction of TCP Initial Sequence Numbers.
This vulnerability is present in all released releases of Cisco IOS software running on Cisco routers and switches. It only affects the security of TCP connections that originate or terminate on the affected Cisco device itself; it does not apply to TCP traffic forwarded through the affected device in transit between two other hosts.
To remove the vulnerability, Cisco is offering free software upgrades for all affected platforms. The defect is described in the DDTS record.
Workarounds are available that limit or deny successful exploitation of the vulnerability by filtering traffic containing forged IP source addresses at the perimeter of a network or directly on individual devices. This notice will be posted at the following location:
http://www.cisco.com/warp/public/707/ios-tcp-isn-random-pub.shtml.
•
CSCdr59314, CSCdr61016, CSCds32217
Cisco Security Advisory:
Cisco IOS Software Multiple SNMP Community String Vulnerabilities
Revision 1.0: INTERIM
For Public Release 2001 February 27 20:00 US/Eastern (UTC+0500)
___________________________________________________________________________
Summary
Multiple Cisco IOS software and Catalyst OS software releases contain several independent but related vulnerabilities involving the unexpected creation and exposure of SNMP community strings. These vulnerabilities can be exploited to permit the unauthorized viewing or modification of affected devices.
To remove the vulnerabilities, Cisco is offering free software upgrades for all affected platforms. The defects are documented in DDTS records CSCds32217, CSCds16384, CSCds19674, CSCdr59314, CSCdr61016, and CSCds49183.
In addition to specific workarounds for each vulnerability, affected systems can be protected by preventing SNMP access.
This notice will be posted at the following location:
http://www.cisco.com/warp/public/707/ios-snmp-community-vulns-pub.shtml.
•
CSCdp11863
Cisco Security Advisory:
Cisco IOS Software SNMP Read-Write ILMI Community String Vulnerability
Revision 1.0: INTERIM
For Public Release 2001 February 27 04:00 US/Eastern (UTC+0500)
___________________________________________________________________________
Summary
Cisco IOS software releases based on Releases 11.x and 12.0 contain a defect that allows a limited number of SNMP objects to be viewed and modified without authorization using an undocumented ILMI community string. Some of the modifiable objects are confined to the MIB-II system group (such as "sysContact," "sysLocation," and "sysName"); these do not affect the device's normal operation but may cause confusion if modified unexpectedly. The remaining objects are contained in the LAN-EMULATION-CLIENT and PNNI MIBs, and modification of those objects may affect ATM configuration. An affected device might be vulnerable to a denial-of-service attack if it is not protected against unauthorized use of the ILMI community string.
The vulnerability is only present in certain combinations of IOS releases on Cisco routers and switches. ILMI is a necessary component for ATM, and the vulnerability is present in every IOS release that contains the supporting software for ATM and ILMI without regard to the actual presence of an ATM interface or the physical ability of the device to support an ATM connection.
To remove this vulnerability, Cisco is offering free software upgrades for all affected platforms. The defect is documented in DDTS record CSCdp11863.
In lieu of a software upgrade, a workaround can be applied to certain IOS releases by disabling the ILMI community or "*ilmi" view and applying an access list to prevent unauthorized access to SNMP. Any affected system, regardless of software release, may be protected by filtering SNMP traffic at a network perimeter or on individual devices.
This notice will be posted at the following location:
http://www.cisco.com/warp/public/707/ios-snmp-ilmi-vuln-pub.shtml.
•
CSCdr54230
A Border Gateway Protocol (BGP) update contains Network Layer Reachability Information (NLRI) and attributes that describe the path to the destination. Each path attribute is a type, length, value (TLV) object.
The type is a two-octet field that includes the attribute flags and the type code. The fourth high-order bit (bit 3) of the attribute flags is the extended length bit. It defines whether the attribute length is one octet (if set to 0) or two octets (if set to 1). The extended length bit is used only if the length of the attribute value is greater than 255 octets.
The AS_PATH (type code 2) is represented by a series of TLVs (or path segments). The path segment type indicates whether the content is an AS_SET or AS_SEQUENCE. The path segment length indicates the number of autonomous systems in the segment. The path segment value contains the list of autonomous systems. (Each autonomous system is represented by two octets.)
The total length of the attribute depends on the number of path segments and the number of autonomous systems in them. For example, if the AS_PATH contains only an AS_SEQUENCE, then the maximum number of autonomous systems (without having to use the extended length bit) is 126 [= (255-2)/2]. If the update is propagated across an autonomous system boundary, then the local autonomous system number (ASN) must be appended and the extended length bit used.
The caveat was caused by the mishandling of the operation during which the length of the attribute was truncated to only one octet. Because of the internal operation of the code, the receiving border router would not be affected, but its BGP peers would detect the mismatch and issue a notification message (update malformed) to reset their session.
The average maximum AS_PATH length in the Internet is between 15 and 20 autonomous systems, so there is no need to use the extended length. The failure was discovered because of a malfunction in the BGP implementation of another vendor. There is no workaround.
[Part of the text was taken from RFC 1771.]
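The attribute layout and the length mismatch described above, as an added example that is not code from the release notes or from Cisco IOS: it encodes an AS_PATH, choosing the extended-length bit exactly as the text describes, and parses the attribute list back the way a receiving peer would, so a wrong length shows up as the UPDATE error that reset the peers' sessions. How the defective sender is modelled (the extended-length bit set, but only one octet of length written) is an assumption, as are the sample AS numbers.

```python
# Added example, not code from the release notes or from Cisco IOS. It lays out
# a BGP AS_PATH path attribute as RFC 1771 describes, sets the extended-length
# flag only when the value exceeds 255 octets, and parses attributes back the
# way a receiving peer does, so the length mismatch behind CSCdr54230 surfaces
# as an UPDATE error. How the defective sender is modelled (extended-length bit
# set, but only one octet of length written) is an assumption, not a
# description of the original code; the AS numbers are constructed samples.
import struct

FLAG_TRANSITIVE = 0x40
FLAG_EXTENDED_LENGTH = 0x10      # bit 3 of the attribute flags octet
TYPE_AS_PATH = 2
SEG_AS_SET, SEG_AS_SEQUENCE = 1, 2


class MalformedUpdate(Exception):
    """Raised where a peer would send NOTIFICATION: UPDATE Message Error."""


def max_as_without_extended_length():
    """Largest single AS_SEQUENCE that fits a one-octet length: (255 - 2) / 2."""
    return (255 - 2) // 2


def encode_as_path(as_list, segment_type=SEG_AS_SEQUENCE):
    """One path segment: type, AS count, then each AS as two octets."""
    if not 0 < len(as_list) <= 255:
        raise ValueError("a path segment holds 1..255 autonomous systems")
    return bytes([segment_type, len(as_list)]) + b"".join(
        struct.pack("!H", asn) for asn in as_list)


def encode_attribute(type_code, value, flags=FLAG_TRANSITIVE, truncate_length=False):
    """flags | type | length | value, using extended length only when needed.
    truncate_length=True models the defect: the flag promises two octets of
    length but only the low octet is written, so the peer misreads it."""
    if len(value) > 255:
        flags |= FLAG_EXTENDED_LENGTH
        length_field = (bytes([len(value) & 0xFF]) if truncate_length
                        else struct.pack("!H", len(value)))
    else:
        length_field = bytes([len(value)])
    return bytes([flags, type_code]) + length_field + value


def _validate_as_path(value):
    """Segments must be AS_SET or AS_SEQUENCE and exactly fill the value."""
    i = 0
    while i < len(value):
        if i + 2 > len(value):
            raise MalformedUpdate("Malformed AS_PATH: truncated segment header")
        seg_type, seg_len = value[i], value[i + 1]
        if seg_type not in (SEG_AS_SET, SEG_AS_SEQUENCE):
            raise MalformedUpdate("Malformed AS_PATH: segment type %d" % seg_type)
        i += 2 + 2 * seg_len
    if i != len(value):
        raise MalformedUpdate("Malformed AS_PATH: segment overruns attribute")


def parse_attributes(data):
    """Parse a path attribute list as a receiving peer would.
    Returns [(flags, type_code, value)] or raises MalformedUpdate."""
    attrs, i = [], 0
    while i < len(data):
        if i + 2 > len(data):
            raise MalformedUpdate("Malformed Attribute List: truncated header")
        flags, type_code = data[i], data[i + 1]
        i += 2
        width = 2 if flags & FLAG_EXTENDED_LENGTH else 1   # the bit-3 rule
        if i + width > len(data):
            raise MalformedUpdate("Malformed Attribute List: truncated length")
        length = int.from_bytes(data[i:i + width], "big")
        i += width
        if i + length > len(data):
            raise MalformedUpdate("Attribute Length Error")
        value = data[i:i + length]
        i += length
        if type_code == TYPE_AS_PATH:
            _validate_as_path(value)
        attrs.append((flags, type_code, value))
    return attrs


def peer_accepts(attr_bytes):
    """True if a peer keeps the session, False if it would reset it with an
    UPDATE error, which is what CSCdr54230's peers did."""
    try:
        parse_attributes(attr_bytes)
        return True
    except MalformedUpdate:
        return False


if __name__ == "__main__":
    # constructed sample: 127 private-range ASNs give a 256-octet value, one
    # more AS than fits without the extended-length bit
    long_path = encode_as_path([64512 + n for n in range(127)])
    good = encode_attribute(TYPE_AS_PATH, long_path)
    bad = encode_attribute(TYPE_AS_PATH, long_path, truncate_length=True)
    print(len(long_path), peer_accepts(good), peer_accepts(bad))   # 256 True False
```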
•
CSCdr54231
Currently, when BGP sessions are reset and log neighbor-changes is configured, the event is written to the error log. However, to find out why the session was reset, you have to turn on debugs. This fix automatically logs the notification message when a session is reset. The feature is turned on by the same log neighbor-changes knob.
Release 12.1(7a)E5
These sections describe the open and resolved caveats in Catalyst 5000 ATM Release 12.1(7a)E5:
•
Open Caveats in Release 12.1(7a)E5
•
Resolved Caveats in Release 12.1(7a)E5
Open Caveats in Release 12.1(7a)E5
•
CSCdr92553
On Catalyst 5000 family ATM modules that are running Release 12.1(5a)E3 and have QoS-enabled LECs, if you change the QoS parameters in the QoS database, a new QoS VCC may not be established.
Workaround: Enter the clear cam dynamic <vlanid> command on the Catalyst family switch.
•
CSCds07238
According to RFC 1573, support for 64-bit octet counters in the ifXTable is required for the ATM module interfaces. The 32-bit counters in the ifTable are currently supported, but the corresponding 64-bit counter variables are not available.
•
CSCds61726
On Catalyst 5000 family ATM modules that are running Release 12.1(5a)E3 and have QoS-enabled LECs, if you move the LECs from QoS-capable mode to non-QoS-capable mode, the LECs may continue to use the UBR+ VCC instead of reverting to the UBR VCC.
Workaround: Enter the clear cam dynamic <vlanid> command on the Catalyst family switch.
•
CSCdt04383
UBR+ VCC is lost when the traffic rate is 100 Mbps on the ATM OC-3 module.
•
CSCdt07993
In a Catalyst 5000 family switch that contains ATM module WS-X516*, the CAM entry for a MAC address may alternate between LANE Data Direct VC and LANE BUS VC, but the CAM entry is updated with the LANE Data Direct VC when there is traffic to that MAC address.
Workaround: None.
Resolved Caveats in Release 12.1(7a)E5
•
CSCdw65903
An error can occur with management protocol processing. Please use the following URL for further information:
http://www.cisco.com/pcgi-bin/bugtool/onebug.pl?bugid=CSCdw65903
Release 12.1(6)E8
These sections describe the open and resolved caveats in Catalyst 5000 ATM Release 12.1(6)E:
•
Open Caveats in Release 12.1(6)E8
•
Resolved Caveats in Release 12.1(6)E8
Open Caveats in Release 12.1(6)E8
•
CSCdr92553
On Catalyst 5000 family ATM modules that are running Release 12.1(5a)E3 and have QoS-enabled LECs, if you change the QoS parameters in the QoS database, a new QoS VCC may not be established.
Workaround: Enter the clear cam dynamic <vlanid> command on the Catalyst family switch.
•
CSCds07238
According to RFC 1573, support for 64-bit octet counters in the ifXTable is required for the ATM module interfaces. The 32-bit counters in the ifTable are currently supported, but the corresponding 64-bit counter variables are not available.
•
CSCds61726
On Catalyst 5000 family ATM modules that are running Release 12.1(5a)E3 and have QoS-enabled LECs, if you move the LECs from QoS-capable mode to non-QoS-capable mode, the LECs may continue to use the UBR+ VCC instead of reverting to the UBR VCC.
Workaround: Enter the clear cam dynamic <vlanid> command on the Catalyst family switch.
•
CSCdt04383
UBR+ VCC is lost when the traffic rate is 100 Mbps on the ATM OC-3 module.
•
CSCdt07993
In a Catalyst 5000 family switch that contains ATM module WS-X516*, the CAM entry for a MAC address may alternate between LANE Data Direct VC and LANE BUS VC, but the CAM entry is updated with the LANE Data Direct VC when there is traffic to that MAC address.
Workaround: None.
Resolved Caveats in Release 12.1(6)E8
•
CSCdw65903
An error can occur with management protocol processing. Please use the following URL for further information:
http://www.cisco.com/pcgi-bin/bugtool/onebug.pl?bugid=CSCdw65903
•
CSCds79580
On Catalyst 5000 family and Catalyst 6500 series platforms, the system CAM entries created by MPOA are not removed when the ATM module is removed, reset, reloaded, or when the ATM module hangs.
Workaround: Reload the Catalyst operating system.
Alternate workaround: The problem was fixed and is available as follows:
–
For NMP on Catalyst, use images from Catalyst OS Releases 4.5(12), 5.5(7), 6.1(3), 6.2(1), or later releases.
•
CSCdt07391
In rare conditions, when you enter the shut and no shut commands, you might see the following error messages:
04:20:13: ## ATMDRV ERROR REPORT ## THost: Host Response Status: P1CMDS_LANE_HASH_SET(5) Response Status = P1CMDS_STATUS_OOPS(5)
04:20:13: ## ATMDRV ## vlan 727 mac_addr 0x00-00-00-24-0B-4C## ATMDRV ## state 1 local_index 16391 pacing_counter 1
No functionality is affected. This problem is fixed in Release 12.1(6)E.
•
CSCdt11082
SNMP fails on the WS-X5165 module. None of the MIB variables can be queried from this card. This problem is fixed in Release 12.1(6)E.
•
CSCdt15587
In the Catalyst 5000 family and Catalyst 6500 series platforms, the ATM module switchover does not happen on an ILMI-keepalive failure.
Workaround: Use the images on the ATM modules from Release 12.1(6)E, Release 12.0(14)W5(20), or later.
•
CSCdt26793
Queries on variables of the ciscoAal5 MIB and ciscoAtmExt MIB fail for VCs on the ATM major interface (ILMI and signaling VCs). Queries work well for VCs configured on subinterfaces.
•
CSCdt31428
In the Catalyst 5000 family ATM modules, when you repeatedly enter the shut and no shut commands on an ATM PVC-to-VLAN binding, the binding is lost.
Workaround: If the write memory command was used before the problem occurred, then the PVC-to-VLAN bindings can be restored from the NVRAM configuration using the copy startup running command.
•
CSCdt35074
With the WS-X5167 module, an SNMP set operation on the cadpStatAdminActivePhy MIB variable fails, so the ATM preferred PHY cannot be changed through SNMP. The set works with the WS-X5158, WS-X5161, and WS-X5166 ATM modules but fails with the WS-X5167 module.
Workaround: Use the atm preferred phy command on the command line interface.
This problem is fixed in Release 12.1(6)E.
•
CSCdt36407
In the Catalyst 5000 family ATM OC3 module (WS-X5167), switchover does not happen on ILMI-keepalive failure in c5atm-lc-mz software, Release 12.0(14)W5(19). This problem is fixed in Release 12.1(6)E.
•
CSCdt05065
On Catalyst 5000 family ATM modules running Release 12.1(5)E with QoS-enabled LECs, in rare situations when LECs transition from QoS-capable mode to non-QoS-capable mode, they might establish more than one UBR VCC for a short time. These VCCs will time out, and only one of the VCCs will be used for transmitting data.
•
CSCds04747
Cisco Security Advisory:
Cisco IOS Software TCP Initial Sequence Number Randomization Improvements
Revision 1.0: INTERIM
For Public Release 2001 February 27 20:00 US/Eastern (UTC+0500)
___________________________________________________________________________
Summary
Cisco IOS software contains a flaw that permits the successful prediction of TCP Initial Sequence Numbers.
This vulnerability is present in all released versions of Cisco IOS software running on Cisco routers and switches. It affects only the security of TCP connections that originate or terminate on the affected Cisco device itself; it does not apply to TCP traffic forwarded through the affected device in transit between two other hosts.
To remove the vulnerability, Cisco is offering free software upgrades for all affected platforms. The defect is documented in DDTS record CSCds04747.
Workarounds are available that limit or deny successful exploitation of the vulnerability by filtering traffic containing forged IP source addresses at the perimeter of a network or directly on individual devices. This notice will be posted at the following location:
http://www.cisco.com/warp/public/707/ios-tcp-isn-random-pub.shtml.
•
CSCdr59314, CSCdr61016, CSCds32217
Cisco Security Advisory:
Cisco IOS Software Multiple SNMP Community String Vulnerabilities
Revision 1.0: INTERIM
For Public Release 2001 February 27 20:00 US/Eastern (UTC+0500)
___________________________________________________________________________
Summary
Multiple Cisco IOS software and CatOS software releases contain several independent but related vulnerabilities involving the unexpected creation and exposure of SNMP community strings. These vulnerabilities can be exploited to permit the unauthorized viewing or modification of affected devices.
To remove the vulnerabilities, Cisco is offering free software upgrades for all affected platforms. The defects are documented in DDTS records CSCds32217, CSCds16384, CSCds19674, CSCdr59314, CSCdr61016, and CSCds49183.
In addition to specific workarounds for each vulnerability, affected systems can be protected by preventing SNMP access.
This notice will be posted at the following location:
http://www.cisco.com/warp/public/707/ios-snmp-community-vulns-pub.shtml.
•
CSCdp11863
Cisco Security Advisory:
Cisco IOS Software SNMP Read-Write ILMI Community String Vulnerability
Revision 1.0: INTERIM
For Public Release 2001 February 27 04:00 US/Eastern (UTC+0500)
___________________________________________________________________________
Summary
Cisco IOS software releases based on versions 11.x and 12.0 contain a defect that allows a limited number of SNMP objects to be viewed and modified without authorization using an undocumented ILMI community string. Some of the modifiable objects are confined to the MIB-II system group (sysContact, sysLocation, and sysName); these do not affect the device's normal operation but may cause confusion if modified unexpectedly. The remaining objects are in the LAN-EMULATION-CLIENT and PNNI MIBs, and modifying them may affect the ATM configuration. An affected device might be vulnerable to a denial-of-service attack if it is not protected against unauthorized use of the ILMI community string.
The vulnerability is only present in certain combinations of Cisco IOS releases on Cisco routers and switches. ILMI is a necessary component for ATM, and the vulnerability is present in every IOS release that contains the supporting software for ATM and ILMI without regard to the actual presence of an ATM interface or the physical ability of the device to support an ATM connection.
To remove this vulnerability, Cisco is offering free software upgrades for all affected platforms. The defect is documented in DDTS record CSCdp11863.
In lieu of a software upgrade, a workaround can be applied to certain Cisco IOS releases by disabling the ILMI community or "*ilmi" view and applying an access list to prevent unauthorized access to SNMP. Any affected system, regardless of software release, may be protected by filtering SNMP traffic at a network perimeter or on individual devices.
This notice will be posted at the following location:
http://www.cisco.com/warp/public/707/ios-snmp-ilmi-vuln-pub.shtml.
•
CSCdr54230
A Border Gateway Protocol (BGP) update contains Network Layer Reachability Information (NLRI) and attributes that describe the path to the destination. Each path attribute is a type, length, value (TLV) object.
The type is a two-octet field that includes the attribute flags and the type code. The fourth high-order bit (bit 3) of the attribute flags is the extended length bit. It defines whether the attribute length is one octet (if set to 0) or two octets (if set to 1). The extended length bit is used only if the length of the attribute value is greater than 255 octets.
The AS_PATH (type code 2) is represented by a series of TLVs (or path segments). The path segment type indicates whether the content is an AS_SET or AS_SEQUENCE. The path segment length indicates the number of autonomous systems in the segment. The path segment value contains the list of autonomous systems. (Each autonomous system is represented by two octets.)
The total length of the attribute depends on the number of path segments and the number of autonomous systems in them. For example, if the AS_PATH contains only an AS_SEQUENCE, the maximum number of autonomous systems that fits without the extended length bit is 126 [= (255-2)/2]. When the update is propagated across an autonomous system boundary, the local autonomous system number (ASN) is prepended, so a path that is already at that limit grows past 255 octets and the extended length bit must be used.
The caveat was caused by mishandling of this case: the attribute length was truncated to one octet. Because of the internal operation of the code, the border router that received the update was not affected itself, but its BGP peers detected the mismatch between the advertised length and the actual attribute, issued a NOTIFICATION message (UPDATE Message Error, malformed attribute), and reset the session.
The average maximum AS_PATH length in the Internet is between 15 and 20 autonomous systems, so the extended length is normally not needed. The failure was discovered because of a malfunction in another vendor's BGP implementation. There is no workaround.
[Part of this text was taken from RFC 1771.]
•
CSCdr54231
When a BGP session is reset and log neighbor-changes is configured, the reset is logged, but to learn the reason for the reset you had to turn on debugging. This fix logs the NOTIFICATION message automatically when a session is reset. The feature is enabled by the same log neighbor-changes knob.
Release 12.1(6)E
These sections describe the open and resolved caveats in Catalyst 5000 ATM Release 12.1(6)E:
•
Open Caveats in Release 12.1(6)E
•
Resolved Caveats in Release 12.1(6)E
Open Caveats in Release 12.1(6)E
•
CSCdr92553
On Catalyst 5000 family ATM modules that are running Release 12.1(5a)E3 and have QoS-enabled LECs, if you change the QoS parameters in the QoS database, a new QoS VCC may not be established.
Workaround: Enter the clear cam dynamic <vlanid> command on the Catalyst family switch.
•
CSCds07238
RFC 1573 requires 64-bit octet counters in the ifXTable for interfaces such as those on the ATM module. Only the 32-bit counters in the ifTable are currently supported; the corresponding 64-bit counter variables are not available.
•
CSCds61726
On Catalyst 5000 family ATM modules that are running Release 12.1(5a)E3 and have QoS-enabled LECs, if you move the LECs from QoS-capable mode to non-QoS-capable mode, the LECs may continue to use the UBR+ VCC instead of reverting to the UBR VCC.
Workaround: Enter the clear cam dynamic <vlanid> command on the Catalyst family switch.
•
CSCdt04383
UBR+ VCC is lost when the traffic rate is 100 Mbps on the ATM OC-3 module.
•
CSCdt07993
In a Catalyst 5000 family switch that contains ATM module WS-X516*, the CAM entry for a MAC address may alternate between LANE Data Direct VC and LANE BUS VC, but the CAM entry is updated with the LANE Data Direct VC when there is traffic to that MAC address.
Workaround: None.
Resolved Caveats in Release 12.1(6)E
•
CSCds79580
On Catalyst 5000 family and Catalyst 6500 series platforms, the system CAM entries created by MPOA are not removed when the ATM module is removed, reset, reloaded, or when the ATM module hangs.
Workaround: Reload the Catalyst operating system.
Alternate workaround: The problem was fixed and is available as follows:
–
For NMP on Catalyst, use images from Catalyst OS Releases 4.5(12), 5.5(7), 6.1(3), 6.2(1), or later releases.
•
CSCdt07391
In rare conditions, when you enter the shut and no shut commands, you might see the following error messages:
04:20:13: ## ATMDRV ERROR REPORT ## THost: Host Response Status: P1CMDS_LANE_HASH_SET(5) Response Status = P1CMDS_STATUS_OOPS(5)
04:20:13: ## ATMDRV ## vlan 727 mac_addr 0x00-00-00-24-0B-4C## ATMDRV ## state 1 local_index 16391 pacing_counter 1
No functionality is affected. This problem is fixed in Release 12.1(6)E.
•
CSCdt11082
SNMP fails on the WS-X5165 module. None of the MIB variables can be queried from this card. This problem is fixed in Release 12.1(6)E.
•
CSCdt15587
In the Catalyst 5000 family and Catalyst 6500 series platforms, the ATM module switchover does not happen on an ILMI-keepalive failure.
Workaround: Use the images on the ATM modules from Release 12.1(6)E, Release 12.0(14)W5(20), or later.
•
CSCdt26793
Queries on variables of the ciscoAal5 MIB and ciscoAtmExt MIB fail for VCs on the ATM major interface (ILMI and signaling VCs). Queries work well for VCs configured on subinterfaces.
•
CSCdt31428
In the Catalyst 5000 family ATM modules, when you repeatedly enter the shut and no shut commands on an ATM PVC-to-VLAN binding, the binding is lost.
Workaround: If the write memory command was used before the problem occurred, then the PVC-to-VLAN bindings can be restored from the NVRAM configuration using the copy startup running command.
•
CSCdt35074
With the WS-X5167 module, an SNMP set operation on the cadpStatAdminActivePhy MIB variable fails, so the ATM preferred PHY cannot be changed through SNMP. The set works with the WS-X5158, WS-X5161, and WS-X5166 ATM modules but fails with the WS-X5167 module.
Workaround: Use the atm preferred phy command on the command line interface.
This problem is fixed in Release 12.1(6)E.
•
CSCdt36407
In the Catalyst 5000 family ATM OC3 module (WS-X5167), switchover does not happen on ILMI-keepalive failure in c5atm-lc-mz software, Release 12.0(14)W5(19). This problem is fixed in Release 12.1(6)E.
•
CSCdt05065
On Catalyst 5000 family ATM modules running Release 12.1(5)E with QoS-enabled LECs, in rare situations when LECs transition from QoS-capable mode to non-QoS-capable mode, they might establish more than one UBR VCC for a short time. These VCCs will time out, and only one of the VCCs will be used for transmitting data.
•
CSCds04747
Cisco Security Advisory:
Cisco IOS Software TCP Initial Sequence Number Randomization Improvements
Revision 1.0: INTERIM
For Public Release 2001 February 27 20:00 US/Eastern (UTC+0500)
___________________________________________________________________________
Summary
Cisco IOS software contains a flaw that permits the successful prediction of TCP Initial Sequence Numbers.
This vulnerability is present in all released versions of Cisco IOS software running on Cisco routers and switches. It affects only the security of TCP connections that originate or terminate on the affected Cisco device itself; it does not apply to TCP traffic forwarded through the affected device in transit between two other hosts.
To remove the vulnerability, Cisco is offering free software upgrades for all affected platforms. The defect is documented in DDTS record CSCds04747.
Workarounds are available that limit or deny successful exploitation of the vulnerability by filtering traffic containing forged IP source addresses at the perimeter of a network or directly on individual devices. This notice will be posted at the following location:
http://www.cisco.com/warp/public/707/ios-tcp-isn-random-pub.shtml.
•
CSCdr59314, CSCdr61016, CSCds32217
Cisco Security Advisory:
Cisco IOS Software Multiple SNMP Community String Vulnerabilities
Revision 1.0: INTERIM
For Public Release 2001 February 27 20:00 US/Eastern (UTC+0500)
___________________________________________________________________________
Summary
Multiple Cisco IOS software and CatOS software releases contain several independent but related vulnerabilities involving the unexpected creation and exposure of SNMP community strings. These vulnerabilities can be exploited to permit the unauthorized viewing or modification of affected devices.
To remove the vulnerabilities, Cisco is offering free software upgrades for all affected platforms. The defects are documented in DDTS records CSCds32217, CSCds16384, CSCds19674, CSCdr59314, CSCdr61016, and CSCds49183.
In addition to specific workarounds for each vulnerability, affected systems can be protected by preventing SNMP access.
This notice will be posted at the following location:
http://www.cisco.com/warp/public/707/ios-snmp-community-vulns-pub.shtml.
•
CSCdp11863
Cisco Security Advisory:
Cisco IOS Software SNMP Read-Write ILMI Community String Vulnerability
Revision 1.0: INTERIM
For Public Release 2001 February 27 04:00 US/Eastern (UTC+0500)
___________________________________________________________________________
Summary
Cisco IOS software releases based on versions 11.x and 12.0 contain a defect that allows a limited number of SNMP objects to be viewed and modified without authorization using an undocumented ILMI community string. Some of the modifiable objects are confined to the MIB-II system group (sysContact, sysLocation, and sysName); these do not affect the device's normal operation but may cause confusion if modified unexpectedly. The remaining objects are in the LAN-EMULATION-CLIENT and PNNI MIBs, and modifying them may affect the ATM configuration. An affected device might be vulnerable to a denial-of-service attack if it is not protected against unauthorized use of the ILMI community string.
The vulnerability is only present in certain combinations of Cisco IOS releases on Cisco routers and switches. ILMI is a necessary component for ATM, and the vulnerability is present in every IOS release that contains the supporting software for ATM and ILMI without regard to the actual presence of an ATM interface or the physical ability of the device to support an ATM connection.
To remove this vulnerability, Cisco is offering free software upgrades for all affected platforms. The defect is documented in DDTS record CSCdp11863.
In lieu of a software upgrade, a workaround can be applied to certain Cisco IOS releases by disabling the ILMI community or "*ilmi" view and applying an access list to prevent unauthorized access to SNMP. Any affected system, regardless of software release, may be protected by filtering SNMP traffic at a network perimeter or on individual devices.
This notice will be posted at the following location:
http://www.cisco.com/warp/public/707/ios-snmp-ilmi-vuln-pub.shtml.
•
CSCdr54230
A Border Gateway Protocol (BGP) update contains Network Layer Reachability Information (NLRI) and attributes that describe the path to the destination. Each path attribute is a type, length, value (TLV) object.
The type is a two-octet field that includes the attribute flags and the type code. The fourth high-order bit (bit 3) of the attribute flags is the extended length bit. It defines whether the attribute length is one octet (if set to 0) or two octets (if set to 1). The extended length bit is used only if the length of the attribute value is greater than 255 octets.
The AS_PATH (type code 2) is represented by a series of TLVs (or path segments). The path segment type indicates whether the content is an AS_SET or AS_SEQUENCE. The path segment length indicates the number of autonomous systems in the segment. The path segment value contains the list of autonomous systems. (Each autonomous system is represented by two octets.)
The total length of the attribute depends on the number of path segments and the number of autonomous systems in them. For example, if the AS_PATH contains only an AS_SEQUENCE, the maximum number of autonomous systems that fits without the extended length bit is 126 [= (255-2)/2]. When the update is propagated across an autonomous system boundary, the local autonomous system number (ASN) is prepended, so a path that is already at that limit grows past 255 octets and the extended length bit must be used.
The caveat was caused by mishandling of this case: the attribute length was truncated to one octet. Because of the internal operation of the code, the border router that received the update was not affected itself, but its BGP peers detected the mismatch between the advertised length and the actual attribute, issued a NOTIFICATION message (UPDATE Message Error, malformed attribute), and reset the session.
The average maximum AS_PATH length in the Internet is between 15 and 20 autonomous systems, so the extended length is normally not needed. The failure was discovered because of a malfunction in another vendor's BGP implementation. There is no workaround.
[Part of this text was taken from RFC 1771.]
•
CSCdr54231
When a BGP session is reset and log neighbor-changes is configured, the reset is logged, but to learn the reason for the reset you had to turn on debugging. This fix logs the NOTIFICATION message automatically when a session is reset. The feature is enabled by the same log neighbor-changes knob.
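The AS_PATH length arithmetic described under CSCdr54230 (in both the Release 12.1(6)E8 and Release 12.1(6)E resolved-caveat lists above) is easier to see in code. The following is an added example, not part of these release notes or of Cisco's code: it encodes a BGP-4 path attribute per RFC 1771, sets the Extended Length flag automatically once the value passes 255 octets, reproduces the one-octet truncation the caveat describes, and parses the result the way a peer does. The function names and the constructed AS numbers are the example's own.

```python
import struct

# Path attribute flag bits, RFC 1771 section 4.3; bit 0 is the high-order bit,
# so the Extended Length flag (bit 3) is 0x10.
FLAG_OPTIONAL = 0x80
FLAG_TRANSITIVE = 0x40
FLAG_PARTIAL = 0x20
FLAG_EXTENDED_LENGTH = 0x10

TYPE_AS_PATH = 2
AS_SET = 1
AS_SEQUENCE = 2


def encode_as_path_value(segments):
    """Encode AS_PATH path segments; each segment is (type, [asn, ...]) and
    every ASN is a two-octet number, as in RFC 1771."""
    out = bytearray()
    for seg_type, asns in segments:
        if seg_type not in (AS_SET, AS_SEQUENCE) or not 0 < len(asns) <= 255:
            raise ValueError("segment must be AS_SET/AS_SEQUENCE with 1..255 ASNs")
        out += struct.pack("!BB", seg_type, len(asns))
        for asn in asns:
            out += struct.pack("!H", asn)
    return bytes(out)


def encode_attribute(type_code, value, flags=FLAG_TRANSITIVE, truncate_length=False):
    """Wrap a value in a path attribute TLV. The Extended Length bit is set
    whenever the value exceeds 255 octets. truncate_length=True reproduces the
    defect in the caveat: the length is written in one octet even when it does
    not fit, so the high-order byte of the length is silently lost."""
    length = len(value)
    if length > 255 and not truncate_length:
        return struct.pack("!BBH", flags | FLAG_EXTENDED_LENGTH, type_code, length) + value
    return struct.pack("!BBB", flags & ~FLAG_EXTENDED_LENGTH, type_code, length & 0xFF) + value


def check_as_path(value):
    """Walk the AS_PATH segments; anything that does not line up with the
    attribute boundary is a Malformed AS_PATH (RFC 1771 section 6.3)."""
    pos = 0
    while pos < len(value):
        if len(value) - pos < 2:
            raise ValueError("Malformed AS_PATH: truncated segment header")
        seg_type, count = value[pos], value[pos + 1]
        if seg_type not in (AS_SET, AS_SEQUENCE) or count == 0:
            raise ValueError("Malformed AS_PATH: bad segment type or length")
        pos += 2 + 2 * count
    if pos != len(value):
        raise ValueError("Malformed AS_PATH: segment runs past attribute end")


def parse_attributes(data):
    """Parse a run of path attributes the way a receiving peer does. Returns
    [(flags, type_code, value)]; raises ValueError where the peer would send
    an UPDATE Message Error NOTIFICATION and reset the session."""
    attrs = []
    pos = 0
    while pos < len(data):
        if len(data) - pos < 3:
            raise ValueError("Malformed Attribute List: truncated header")
        flags, type_code = data[pos], data[pos + 1]
        pos += 2
        if flags & FLAG_EXTENDED_LENGTH:
            if len(data) - pos < 2:
                raise ValueError("Malformed Attribute List: truncated length")
            (length,) = struct.unpack_from("!H", data, pos)
            pos += 2
        else:
            length = data[pos]
            pos += 1
        if pos + length > len(data):
            raise ValueError("Malformed Attribute List: length exceeds message")
        value = data[pos:pos + length]
        pos += length
        if type_code == TYPE_AS_PATH:
            check_as_path(value)
        attrs.append((flags, type_code, value))
    return attrs


def max_asns_without_extended_length():
    """One AS_SEQUENCE: 2 header octets plus 2 per ASN must fit in 255."""
    return (255 - 2) // 2
```

With 126 ASNs the one-octet length still fits; with 127 the value is 256 octets, and `parse_attributes` rejects the truncated encoding at the point where a peer would send the NOTIFICATION, which is the boundary the caveat text computes.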
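The TCP ISN advisory above (CSCds04747, listed under both Release 12.1(6)E8 and Release 12.1(6)E) states the flaw but not how predictability is judged. The following is an added example, not part of the advisory or of Cisco's code, of the check a tester runs against a stack: collect the ISNs of consecutive connections, take the first differences, guess the next ISN as the last one plus the typical difference, and measure how far the guess lands from the truth and how many receive windows an attacker would have to spray to be sure of hitting one. The two sample sets are constructed inline (a fixed-increment generator standing in for a weak stack and a seeded random generator standing in for a randomized one); no device is probed, and the metric is a simplified one of the example's own.

```python
import math
import random
import statistics

MOD = 2 ** 32  # TCP sequence numbers wrap at 32 bits


def circular_distance(a, b):
    """Distance between two 32-bit sequence numbers on the wrapping number line."""
    d = (a - b) % MOD
    return min(d, MOD - d)


def isn_deltas(isns):
    """First differences of consecutive ISNs, modulo 2**32."""
    return [(b - a) % MOD for a, b in zip(isns, isns[1:])]


def analyze_isns(isns, window=16384):
    """Estimate how predictable the next ISN is from the previous one.

    Model: the attacker guesses next = last + typical_delta, where typical_delta
    is the median observed delta, then sprays segments with sequence numbers
    around that guess. max_residual is the largest miss of that guess over the
    sample; guesses_needed is how many `window`-byte receive windows must be
    covered to land in-window for sure; log2_spread is the bit-width of the
    delta spread (a zero spread means a constant increment).
    """
    if len(isns) < 3:
        raise ValueError("need at least three ISN samples")
    deltas = isn_deltas(isns)
    typical = int(statistics.median(deltas))
    residuals = [
        circular_distance(isns[i + 1], (isns[i] + typical) % MOD)
        for i in range(len(isns) - 1)
    ]
    max_residual = max(residuals)
    spread = statistics.pstdev(deltas)
    return {
        "typical_delta": typical,
        "max_residual": max_residual,
        "guesses_needed": math.ceil((2 * max_residual + 1) / window),
        "log2_spread": math.log2(spread) if spread > 0 else 0.0,
    }


def weak_isns(n, start=0x1000, step=128000):
    """Constructed sample: a fixed-increment generator standing in for a stack
    that advances its ISN by a constant amount per connection."""
    return [(start + i * step) % MOD for i in range(n)]


def random_isns(n, seed=1234):
    """Constructed sample: uniformly random 32-bit ISNs. The fixed seed keeps
    the example reproducible; it imitates a randomized stack, nothing more."""
    rng = random.Random(seed)
    return [rng.getrandbits(32) for _ in range(n)]
```

For the constant-increment sample the guess is exact and one spoofed segment suffices, which is the situation the advisory's source-address filtering workaround is meant to block; for the randomized sample the attacker has to cover on the order of the whole sequence space.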
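The ILMI advisory above (CSCdp11863, listed under both Release 12.1(6)E8 and Release 12.1(6)E) describes a device answering an undocumented community string. The following is an added example, not part of the advisory or of Cisco's code, of how to check that from outside: it hand-encodes an SNMPv1 GetRequest for sysName.0 (one of the MIB-II objects the advisory names), decodes the GetResponse, and includes a `probe` helper that sends the request to UDP port 161. The community string `ILMI` is taken from the advisory's title and is an assumption; the GetResponse used offline is constructed by `build_get_response`, not captured from a device.

```python
import socket

# SNMPv1 BER tags (RFC 1157 / X.690)
TAG_INTEGER, TAG_OCTET_STRING, TAG_NULL, TAG_OID, TAG_SEQUENCE = 0x02, 0x04, 0x05, 0x06, 0x30
TAG_GET_REQUEST, TAG_GET_RESPONSE = 0xA0, 0xA2
SYSNAME_OID = "1.3.6.1.2.1.1.5.0"  # MIB-II sysName.0


def ber_length(n):
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def tlv(tag, body):
    return bytes([tag]) + ber_length(len(body)) + body


def ber_int(value):
    # minimal two's-complement encoding; non-negative values are all we need
    return tlv(TAG_INTEGER, value.to_bytes((value.bit_length() + 8) // 8, "big", signed=True))


def ber_oid(dotted):
    arcs = [int(a) for a in dotted.strip(".").split(".")]
    body = bytearray([40 * arcs[0] + arcs[1]])  # first two arcs share one octet
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:  # base-128, high bit set on all but the last octet
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        body += bytes(reversed(chunk))
    return tlv(TAG_OID, bytes(body))


def decode_oid(body):
    arcs, val = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))


def build_get_request(community, oid, request_id=0x1234):
    """SNMPv1 GetRequest for one OID under the given community string."""
    varbind = tlv(TAG_SEQUENCE, ber_oid(oid) + tlv(TAG_NULL, b""))
    pdu = tlv(TAG_GET_REQUEST, ber_int(request_id) + ber_int(0) + ber_int(0) + tlv(TAG_SEQUENCE, varbind))
    return tlv(TAG_SEQUENCE, ber_int(0) + tlv(TAG_OCTET_STRING, community.encode()) + pdu)


def build_get_response(community, oid, value, request_id=0x1234):
    """Constructed GetResponse carrying an OCTET STRING; exists only so the
    decoder can be exercised without a device."""
    varbind = tlv(TAG_SEQUENCE, ber_oid(oid) + tlv(TAG_OCTET_STRING, value))
    pdu = tlv(TAG_GET_RESPONSE, ber_int(request_id) + ber_int(0) + ber_int(0) + tlv(TAG_SEQUENCE, varbind))
    return tlv(TAG_SEQUENCE, ber_int(0) + tlv(TAG_OCTET_STRING, community.encode()) + pdu)


def read_tlv(buf, pos):
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length


def parse_response(packet):
    """Return (community, error_status, [(oid, value_tag, value_bytes)])."""
    tag, msg, _ = read_tlv(packet, 0)
    if tag != TAG_SEQUENCE:
        raise ValueError("not an SNMP message")
    _, _version, pos = read_tlv(msg, 0)
    _, community, pos = read_tlv(msg, pos)
    tag, pdu, _ = read_tlv(msg, pos)
    if tag != TAG_GET_RESPONSE:
        raise ValueError("not a GetResponse PDU")
    _, _rid, pos = read_tlv(pdu, 0)
    _, err, pos = read_tlv(pdu, pos)
    _, _idx, pos = read_tlv(pdu, pos)
    _, varbinds, _ = read_tlv(pdu, pos)
    results, pos = [], 0
    while pos < len(varbinds):
        _, vb, pos = read_tlv(varbinds, pos)
        _, oid, p = read_tlv(vb, 0)
        vtag, value, _ = read_tlv(vb, p)
        results.append((decode_oid(oid), vtag, value))
    return community.decode(), int.from_bytes(err, "big", signed=True), results


def probe(host, community="ILMI", oid=SYSNAME_OID, timeout=2.0):
    """Send one GetRequest to UDP/161 on host; returns the parsed response, or
    None if nothing comes back. Any reply means the community string is accepted."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_get_request(community, oid), (host, 161))
        try:
            data, _ = sock.recvfrom(4096)
        except socket.timeout:
            return None
    return parse_response(data)
```

A reply to `probe(host)` under a community string the device should not honour is the finding. `None` only means no answer within the timeout, which the advisory's access-list and perimeter-filtering workarounds would also produce; run the same probe after the upgrade or workaround to confirm the string is no longer accepted.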
Release 12.1(5c)E12
These sections describe the open and resolved caveats in Catalyst 5000 ATM Release 12.1(5c)E12:
•
Open Caveats in Release 12.1(5c)E12
•
Resolved Caveats in Release 12.1(5c)E12
Open Caveats in Release 12.1(5c)E12
•
CSCds07238
RFC 1573 requires 64-bit octet counters in the ifXTable for interfaces such as those on the ATM module. Only the 32-bit counters in the ifTable are currently supported; the corresponding 64-bit counter variables are not available.
•
CSCds53191
The following message may appear three times when the Catalyst 5000 family ATM module boots up:
Preferred Phy: Phy A is already Selected.
These repeated messages are harmless and can be ignored.
•
CSCdt05056
LECs go up and down when the traffic rate is 100 Mbps.
•
CSCdt05065
On Catalyst 5000 family ATM modules running Release 12.1(5)E with QoS-enabled LECs, under rare situations when LECs transition from QoS-capable mode to non-QoS-capable mode, they might establish more than one UBR VCC for a short time. These VCCs will time out, and only one of the VCCs will be used for transmitting data.
•
CSCds61726
On Catalyst 5000 family ATM modules that are running Release 12.1(5a)E2 and have QoS-enabled LECs, if you move the LECs from QoS-capable mode to non-QoS-capable mode, the LECs may continue to use the UBR+ VCC instead of reverting to the UBR VCC.
Workaround: Enter the clear cam dynamic <vlanid> command on the Catalyst family switch.
•
CSCdr92553
On Catalyst 5000 family ATM modules that are running Release 12.1(5a)E2 and have QoS-enabled LECs, if you change the QoS parameters in the QoS database, a new QoS VCC may not be established.
Workaround: Enter the clear cam dynamic <vlanid> command on the Catalyst family switch.
•
CSCdj57154
The current VC counter values displayed by the show interface atm0 and show atm interface atm0 commands are incorrect. Enter the show atm vc command to display the correct values.
Resolved Caveats in Release 12.1(5c)E12
•
CSCdw65903
An error can occur with management protocol processing. Please use the following URL for further information:
http://www.cisco.com/pcgi-bin/bugtool/onebug.pl?bugid=CSCdw65903
Release 12.1(5a)E3
These sections describe the open and resolved caveats in Catalyst 5000 ATM Release 12.1(5a)E3:
•
Open Caveats in Release 12.1(5a)E3
•
Resolved Caveats in Release 12.1(5a)E3
Open Caveats in Release 12.1(5a)E3
•
CSCds07238
RFC 1573 requires 64-bit octet counters in the ifXTable for interfaces such as those on the ATM module. Only the 32-bit counters in the ifTable are currently supported; the corresponding 64-bit counter variables are not available.
•
CSCds53191
The following message may appear three times when the Catalyst 5000 family ATM module boots up:
Preferred Phy: Phy A is already Selected.
These repeated messages are harmless and can be ignored.
•
CSCdt05056
LECs go up and down when the traffic rate is 100 Mbps.
•
CSCdt05065
On Catalyst 5000 family ATM modules running Release 12.1(5)E with QoS-enabled LECs, under rare situations when LECs transition from QoS-capable mode to non-QoS-capable mode, they might establish more than one UBR VCC for a short time. These VCCs will time out, and only one of the VCCs will be used for transmitting data.
•
CSCds61726
On Catalyst 5000 family ATM modules that are running Release 12.1(5a)E2 and have QoS-enabled LECs, if you move the LECs from QoS-capable mode to non-QoS-capable mode, the LECs may continue to use the UBR+ VCC instead of reverting to the UBR VCC.
Workaround: Enter the clear cam dynamic <vlanid> command on the Catalyst family switch.
•
CSCdr92553
On Catalyst 5000 family ATM modules that are running Release 12.1(5a)E2 and have QoS-enabled LECs, if you change the QoS parameters in the QoS database, a new QoS VCC may not be established.
Workaround: Enter the clear cam dynamic <vlanid> command on the Catalyst family switch.
•
CSCdj57154
The current VC counter values displayed by the show interface atm0 and show atm interface atm0 commands are incorrect. Enter the show atm vc command to display the correct values.
Resolved Caveats in Release 12.1(5a)E3
•
CSCds67847
On Catalyst 5000 family ATM modules running Release 12.1(2)E1 and later, the show lane le-arp brief command may display incorrect counters.
•
CSCdp78464
The interface speed occasionally is shown as zero for an ATM link connecting a Catalyst 5000 family switch and a LightStream 1010 ATM switch.
•
CSCdm84276
PVC performance might drop below the 176 Kpps line rate to 131 Kpps under heavy traffic with more than one Fast Ethernet stream on the OC-3 MMF and SMF modules (WS-X5167 and WS-X5168).
•
CSCds21593
If you configure a high number of traffic-shaped PVCs (2,500) on a WS-X5162 or WS-X5161 module and allow very high traffic on the PVCs, the LANE module performance degrades and resets. The last reset reason indicates a TXHOST timeout.
•
CSCdr81332
An MPOA client configured on WS-X516X modules installed in a WS-5509 or a WS-5550 might not forward the packets over an MPOA shortcut or might drop the packets under the following conditions:
–
When the supervisor engine on the Catalyst 5000 family switch creates system CAM entries for MPOA.
–
When the MPOA configuration is done while the packets are forwarded through LANE data direct VCCs.
Workaround:
–
Reboot the Catalyst 5000 family switch after the MPOA configuration is done.
–
Upgrade the WS-X516X modules and the Catalyst 5000 family supervisor engine image to the latest releases. Valid supervisor engine images are Catalyst OS Releases 4.5(10), 5.5(4), 6.1(2), and later. Valid WS-X516X images are Releases 12.0(13)W5(19), 12.1(5a)E2, and later.
•
CSCdr97857
The PVC-shaping feature on the Catalyst 5000 family LANE modules currently supports queueing of 20 packets per VC only, but it should support configuring the depth of the per-VC queues.
•
CSCds52050
On a WS-X515x LANE or WS-X516x module running Release 12.0(10)W5(18a) with the lane config config-atm-address 47..... command or the lane config fixed-config-atm-address command configured, entering the shut and no shut commands on the ATM interface causes the module to enter a continuous reboot loop that no break sequence can interrupt.
Workaround: Configure the LECS address in the ATM switch using the atm lecs-address-default <LECS NSAP address> command.
Release 12.1(2)E2
These sections describe the open and resolved caveats in Catalyst 5000 ATM Release 12.1(2)E2:
•
Open Caveats in Release 12.1(2)E2
•
Resolved Caveats in Release 12.1(2)E2
Open Caveats in Release 12.1(2)E2
•
CSCdm84276
PVC performance might drop below the 176 Kpps line rate to 131 Kpps under heavy traffic with more than one Fast Ethernet stream on the OC-3 MMF and SMF modules (WS-X5167 and WS-X5168).
•
CSCdj57154
The current VC counter values displayed by the show interface atm0 and show atm interface atm0 commands are incorrect. Enter the show atm vc command instead.
Resolved Caveats in Release 12.1(2)E2
•
CSCdw65903
An error can occur with management protocol processing. Please use the following URL for further information:
http://www.cisco.com/pcgi-bin/bugtool/onebug.pl?bugid=CSCdw65903
Release 12.1(2)E1
These sections describe the open and resolved caveats in Catalyst 5000 ATM Release 12.1(2)E1:
•
Open Caveats in Release 12.1(2)E1
•
Resolved Caveats in Release 12.1(2)E1
Open Caveats in Release 12.1(2)E1
•
CSCdm84276
PVC performance might drop below the 176 Kpps line rate to 131 Kpps under heavy traffic with more than one Fast Ethernet stream on the OC-3 MMF and SMF modules (WS-X5167 and WS-X5168).
•
CSCdj57154
The current VC counter values displayed by the show interface atm0 and show atm interface atm0 commands are incorrect. Enter the show atm vc command instead.
Resolved Caveats in Release 12.1(2)E1
•
CSCdr26349
The WS-X5167 module resets after a writeNet SNMP request is entered. This problem is resolved in Release 12.1(2)E1.
•
CSCdm84992
The Fast Simple Server Redundancy Protocol (FSSRP) feature might not be completely disabled when you enter the no lane fssrp command. This problem is resolved in Release 12.1(2)E1.
•
CSCdp42375
Cisco IOS software requires LAN Emulation Clients (LECs) to join ELANs as LANE Version 2 compliant LECs. Interoperability problems with third-party LANE Version 1 LECs may occur. A new command has been added in Release 12.1(2)E1 to resolve this problem. The new lane client version 1 command can be entered in interface configuration mode so that LECs can be configured to join as LANE Version 1 compliant. By default, the LECs are Version 2 compliant.
•
CSCdr06796
The CLI does not allow users to disable the LEC LE-Flush mechanism. The new [no] lane client flush command has been added in Release 12.1(2)E1 to resolve this problem.
Related Documentation
For additional information on Catalyst 5000 family switches and command-line interface (CLI) commands, refer to the Catalyst 5000 Family Software Configuration Guide and the Catalyst 5000 Family Switches ATM Software Configuration Guide, the Catalyst 6500 Series Switches ATM Software Configuration Guide, the Catalyst 5000 Family Command Reference, and the Catalyst 6500 Series Command Reference publications.
For detailed hardware configuration and maintenance procedures, refer to the Catalyst 5000 Family Installation Guide.
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.
This document is to be used in conjunction with the documents listed in the "Related Documentation" section.
CCDE, CCENT, Cisco Eos, Cisco Lumin, Cisco Nexus, Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, the Cisco logo, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream, Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX, PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient, TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0809R)
© 1999-2007 Cisco Systems, Inc. All rights reserved.

