Manualshelf

Cisco Gigabit Ethernet Switch Module for HPBladeSystem p-Class Release Notes, CiscoIOSRelease12.2(35)SE and later

ManualsBrandsHP ManualsComputer AccessoriesCisco BLp-Class Ethernet Switch
21222324252627282930
21
Cisco Gigabit Ethernet Switch Module for HP BladeSystem p-Class Release Notes, Cisco IOS Release 12.2(35)SE and later
459515-002
Resolved Caveats
Note Another related advisory is posted together with this Advisory. It also describes vulnerabilities
related to cryptography that affect Cisco IOS. A combined software table for Cisco
IOS only is
available at
http://www.cisco.com/warp/public/707/cisco-sa-20070522-cry-bundle.shtml and
can be used to choose a software release which fixes all security vulnerabilities published as of
May 22, 2007. The related advisory is published at
http://www.cisco.com/warp/public/707/cisco-sa-20070522-SSL.shtml.
CSCsd85770
When you apply the mls qos trust dscp global configuration command to a port, this error message
no longer appears:
Master sets trust failed, sets to untrust modetrust type update
failed on ifc GigabitEthernetx/x
Switch(config-if)#Tcam write failed trust dscp
%QOSMGR-4-COMMAND_FAILURE: Execution of slave:HQM_IDBTRUST_CMD
command failed on GigabitEthernetx/x
CSCsd86177
When you remove and reconfigure a loopback interface, it no longer appears in the ifTable.
CSCsd92405
Cisco IOS device may crash while processing malformed Secure Sockets Layer (SSL) packets. In
order to trigger these vulnerabilities, a malicious client must send malformed packets during the SSL
protocol exchange with the vulnerable device.
Successful repeated exploitation of any of these vulnerabilities may lead to a sustained
Denial-of-Service (DoS); however, vulnerabilities are not known to compromise either the
confidentiality or integrity of the data or the device. These vulnerabilities are not believed to allow
an attacker will not be able to decrypt any previously encrypted information.
Cisco IOS is affected by the following vulnerabilities:
Processing ClientHello messages, documented as Cisco bug ID CSCsb12598
Processing ChangeCipherSpec messages, documented as Cisco bug ID CSCsb40304
Processing Finished messages, documented as Cisco bug ID CSCsd92405
Cisco has made free software available to address these vulnerabilities for affected customers. There
are workarounds available to mitigate the effects of these vulnerabilities.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20070522-SSL.shtml.
Note Another related advisory has been posted with this advisory. This additional advisory also
describes a vulnerability related to cryptography that affects Cisco IOS. This related advisory is
available at the following link:
http://www.cisco.com/warp/public/707/cisco-sa-20070522-crypto.shtml.
A combined software table for Cisco IOS is available to aid customers in choosing a software
releases that fixes all security vulnerabilities published as of May 22, 2007. This software table is
available at the following link:
http://www.cisco.com/warp/public/707/cisco-sa-20070522-cry-bundle.shtml.