
Cross-Platform Release Notes for Cisco IOS Release 12.0S
OL-1617-14 Rev. Q0
Caveats
Resolved Caveats—Cisco IOS Release 12.0(33)S3
• CSCsv04836
Multiple Cisco products are affected by denial of service (DoS) vulnerabilities that manipulate the
state of Transmission Control Protocol (TCP) connections. By manipulating the state of a TCP
connection, an attacker could force the TCP connection to remain in a long-lived state, possibly
indefinitely. If enough TCP connections are forced into a long-lived or indefinite state, resources on
a system under attack may be consumed, preventing new TCP connections from being accepted. In
some cases, a system reboot may be necessary to recover normal system operation. To exploit these
vulnerabilities, an attacker must be able to complete a TCP three-way handshake with a vulnerable
system.
In addition to these vulnerabilities, Cisco Nexus 5000 devices contain a TCP DoS vulnerability that
may result in a system crash. This additional vulnerability was found as a result of testing the TCP
state manipulation vulnerabilities.
Cisco has released free software updates for download from the Cisco website that address these
vulnerabilities. Workarounds that mitigate these vulnerabilities are available.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20090908-tcp24.shtml.
• CSCsv08408
Symptoms: A router may crash with a bus error caused by an illegal access to a low address. The
crash occurs because IPC is processing a message that has already been returned to the pool while
a reference to that message is still present in IPC’s retry table.
Conditions: The conditions under which this symptom occurs are not known.
Workaround: There is no workaround.
• CSCsv15604
Symptoms: E4+ on a Cisco 12000 series Internet router stops exporting NetFlow. Show commands
display that packets are correctly captured and exported.
Conditions: Traffic should flow through an E4+ and go out through an E5, which has to be MPLS
enabled.
Workaround:
1) Change the outbound interface configuration to IP.
2) Add a static route for the NFC using the non-recursive next hop.
• CSCsv16911
Symptoms: I have created a few flow monitors, and I tried to add the flow monitors in one direction
on which IPHC was configured and it gave a linecard failure message; when I tried the same
procedure a second time, it was added.
Conditions: All the serial interfaces should be up and running.
Workaround: There is no workaround.
• CSCsv18049
Symptoms: Presently we do not support processing multiple filter specs in the Resv Error message.
We process only the first filter spec in the list. Not processing the other LSPs in the RESVError will
lead to inconsistent states.
Conditions: This symptom is observed on a Cisco 12000 series Internet router that has a PRP-2 and
that is running Cisco IOS Release 12.0(32)SY6.
Workaround: There is no workaround.