Cisco 3020 - Cisco Catalyst Blade Switch Uwaga dotycząca wydania - Strona 18

Przeglądaj online lub pobierz pdf Uwaga dotycząca wydania dla Sprzęt sieciowy Cisco 3020 - Cisco Catalyst Blade Switch. Cisco 3020 - Cisco Catalyst Blade Switch 23 stron. Release notes for the cisco catalyst blade switch 3020 for hp, ciscoã‚â iosã‚â releaseã‚â 12.2(44)se
Również dla Cisco 3020 - Cisco Catalyst Blade Switch: Podręcznik dla początkujących (37 strony), Podręcznik dla początkujących (31 strony), Quickspecs (12 strony), Uwaga dotycząca wydania (41 strony), Uwaga dotycząca wydania (27 strony), Uwaga dotycząca wydania (21 strony), Instrukcja instalacji (21 strony)

Drukuj stronę

Cisco 3020 - Cisco Catalyst Blade Switch Uwaga dotycząca wydania

Resolved Caveats

Note

A combined software table for Cisco IOS is available to aid customers in choosing a software

releases that fixes all security vulnerabilities published as of May 22, 2007. This software table is

available at the following link:

http://www.cisco.com/warp/public/707/cisco-sa-20070522-cry-bundle.shtml.

CSCsc30733

•

This error message no longer appears during authentication when a method list is used and one of

the methods in the method list is removed:

AAA-3-BADMETHODERROR:Cannot process authentication method 218959117

CSCsd85587

•

A vulnerability has been discovered in a third party cryptographic library which is used by a number

of Cisco products. This vulnerability may be triggered when a malformed Abstract Syntax Notation

One (ASN.1) object is parsed. Due to the nature of the vulnerability it may be possible, in some

cases, to trigger this vulnerability without a valid certificate or valid application-layer credentials

(such as a valid username or password).

Successful repeated exploitation of any of these vulnerabilities may lead to a sustained

Denial-of-Service (DoS); however, vulnerabilities are not known to compromise either the

confidentiality or integrity of the data or the device. These vulnerabilities are not believed to allow

an attacker will not be able to decrypt any previously encrypted information.

The vulnerable cryptographic library is used in the following Cisco products:

–

This vulnerability is also being tracked by CERT/CC as VU#754281.

Cisco has made free software available to address this vulnerability for affected customers. There

are no workarounds available to mitigate the effects of the vulnerability.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20070522-crypto.shtml.

Note

Release Notes for the Cisco Catalyst Blade Switch 3020 for HP, Cisco IOS Release 12.2(37)SE and Later

Another related advisory has been posted with this advisory. This additional advisory also

describes a vulnerability related to cryptography that affects Cisco IOS. This related advisory is

available at the following link:

http://www.cisco.com/warp/public/707/cisco-sa-20070522-crypto.shtml.

Cisco IOS, documented as Cisco bug ID CSCsd85587

Cisco IOS XR, documented as Cisco bug ID CSCsg41084

Cisco PIX and ASA Security Appliances, documented as Cisco bug ID CSCse91999

Cisco Unified CallManager, documented as Cisco bug ID CSCsg44348

Cisco Firewall Service Module (FWSM)

Another related advisory is posted together with this Advisory. It also describes vulnerabilities

related to cryptography that affect Cisco IOS. A combined software table for Cisco IOS only is

available at

http://www.cisco.com/warp/public/707/cisco-sa-20070522-cry-bundle.shtml

can be used to choose a software release which fixes all security vulnerabilities published as of

May 22, 2007. The related advisory is published at

http://www.cisco.com/warp/public/707/cisco-sa-20070522-SSL.shtml.

and

OL-12577-03