Cisco 3020 - Cisco Catalyst Blade Switch Release Note - Page 16

Browse online or download pdf Release Note for Switch Cisco 3020 - Cisco Catalyst Blade Switch. Cisco 3020 - Cisco Catalyst Blade Switch 23 pages. Release notes for the cisco catalyst blade switch 3020 for hp, ciscoã‚â iosã‚â releaseã‚â 12.2(44)se
Also for Cisco 3020 - Cisco Catalyst Blade Switch: Getting Started Manual (37 pages), Getting Started Manual (31 pages), Quickspecs (12 pages), Release Note (41 pages), Release Note (27 pages), Release Note (21 pages), Installation Manual (21 pages)

Cisco 3020 - Cisco Catalyst Blade Switch Release Note
Resolved Caveats
Resolved Caveats
These sections describe the caveats that have been resolved in these releases:
Caveats Resolved in Cisco IOS Release 12.2(37)SE1
These caveats are resolved in Cisco IOS Release 12.2.(37)SE1:
Release Notes for the Cisco Catalyst Blade Switch 3020 for HP, Cisco IOS Release 12.2(37)SE and Later
16
Caveats Resolved in Cisco IOS Release 12.2(37)SE1, page 16
Caveats Resolved in Cisco IOS Release 12.2(37)SE, page 17
CSCsc19259
The server side of the Secure Copy (SCP) implementation in Cisco IOS contains a vulnerability that
allows any valid user, regardless of privilege level, to transfer files to and from an IOS device that
is configured to be a Secure Copy server. This vulnerability could allow valid users to retrieve or
write to any file on the device's filesystem, including the device's saved configuration. This
configuration file may include passwords or other sensitive information.
The Cisco IOS Secure Copy Server is an optional service that is disabled by default. Devices that
are not specifically configured to enable the Cisco IOS Secure Copy Server service are not affected
by this vulnerability.
This vulnerability does not apply to the Cisco IOS Secure Copy Client feature.
This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20070808-scp.shtml.
Please Note: The August 08, 2007 publication includes four Security Advisories and one Security
Response. The Advisories all affect Cisco IOS, one additionally affects CuCM as well. Each
Advisory lists the releases that correct the vulnerability described in the Advisory, and the
Advisories also detail the releases that correct the vulnerabilities for all four Cisco IOS issues.
Individual publication links are listed below:
Cisco IOS Information Leakage Using IPv6 Routing Header
http://www.cisco.com/warp/public/707/cisco-sa-20070808-IOS-IPv6-swap.shtml
Cisco IOS Next Hop Resolution Protocol Vulnerability
http://www.cisco.com/warp/public/707/cisco-sa-20070808-nhrp.shtml
Cisco IOS Secure Copy Authorization Bypass Vulnerability
http://www.cisco.com/warp/public/707/cisco-sa-20070808-scp.shtml
Voice Vulnerabilities in Cisco IOS and Cisco Unified Call Manager
http://www.cisco.com/warp/public/707/cisco-sa-20070808-IOS-voice.shtml
Cisco Unified MeetingPlace XSS Vulnerability
http://www.cisco.com/warp/public/707/cisco-sr-20070808-mp.shtml
CSCsj13619
The SCP (Secure Copy Protocol) support is now correctly included in the image. The show file
systems and copy privileged EXEC commands now correctly show scp as an option.
CSCsj19641
The switch no longer drops ARP packets destined to MAC addresses that are close to the MAC
address block of the switch.
OL-12577-03