COMMAND

    Cisco

SYSTEMS AFFECTED

    Cisco IOS 12.1(2)T, 12.1(3)T and limited deployment releases based on those versions

PROBLEM

    Following  is  based  on  a  Cisco  Security  Advisory.   Security
    Scanning software can cause a  memory error in Cisco IOS  Software
    that will  cause a  reload to  occur.   This vulnerability affects
    only Cisco IOS software version 12.1(2)T and 12.1(3)T, and limited
    deployment releases based on those versions.

    The  security  scanner  makes  TCP  connection attempts to various
    ports,  looking  for  open  ports  to  further  investigate  known
    vulnerabilities with those services associated with certain ports.
    However, a side effect of  the tests exposes the defect  described
    in this security advisory, and the router will reload unexpectedly
    as  soon  as  it  receives  a  request  to  review  or  write  the
    configuration file.   This defect  is documented  as Cisco  Bug ID
    CSCds07326.

    It is impossible  to list all  Cisco products in  this notice; the
    lists  below  include  only  the   most  commonly  used  or   most
    asked-about products.   If you are  unsure whether your  device is
    running Cisco  IOS software,  log into  the device  and issue  the
    command  show  version.  Cisco  IOS  software will identify itself
    simply  as  "IOS"  or  "Internetwork  Operating  System Software".
    Other Cisco devices either will not have the show version command,
    or will give different output.

    Cisco devices that run Cisco IOS software include the following:

    * Cisco routers  in the AGS/MGS/CGS/AGS+,  IGS, RSM, 8xx,  ubr9xx,
      1xxx, 25xx, 26xx, 30xx, 36xx, 38xx, 40xx, 45xx, 47xx, AS52xx,
    * AS53xx, AS58xx, 64xx, 70xx, 72xx (including the ubr72xx),  75xx,
      and 12xxx series.
    * Most recent versions of the LS1010 ATM switch.
    * Some versions of the Catalyst 2900XL LAN switch.
    * The Cisco DistributedDirector.

    An attempt to make a TCP connection to ports 3100-3999, 5100-5999,
    7100-7999, and 10100-10999 will  cause the router to  unexpectedly
    reload at the  next show running-config,  or write memory,  or any
    command that causes the configuration file to be accessed.   Cisco
    IOS software  cannot be  configured to  support any  services that
    might listen at those port addresses, and cannot be configured  to
    accept connections  on those  ports, however,  connection attempts
    to  these  ports  in  the  affected  version  will  cause   memory
    corruption, later leading to an unexpected reload.

    Software packages are available  from various commercial and  free
    sites that  perform automated  remote tests  for computer security
    vulnerabilities  by  scanning  computers  on  a  network for known
    security  flaws.   A  common  log  message  in  environments  that
    experienced  security  scan  related  crashes  was the "attempt to
    connect to RSHELL" error message.  This problem was introduced  in
    12.1(1.3)T, and is identified by Cisco Bug ID CSCds07326.

    The described  defect can  be used  to mount  a denial  of service
    (DoS) attack on any vulnerable Cisco product, which may result  in
    violations of  the availability  aspects of  a customer's security
    policy.  This  defect by itself  does not cause  the disclosure of
    confidential information nor allow unauthorized access.

SOLUTION

    This defect was introduced in version 12.1(1.3)T, and is  repaired
    in the  following versions  which are  based on  the 12.1(2)T  and
    12.1(3)T releases.

    The following table summarizes the Cisco IOS software releases
    that are known to be affected, and the earliest estimated dates
    of availability for the recommended fixed versions.

    +===========================================================================+
    |   Major     Description or                                                |
    |  Release       Platform         Availability of Repaired Releases*        |
    +===========================================================================+
    | Unaffected Earlier Releases     Rebuild     Interim**    Maintenance      |
    +===========================================================================+
    |12.0 and                     |            |             |                  |
    |earlier,                     |Not         |Not          |Not               |
    |all         Numerous         |vulnerable  |vulnerable   |vulnerable        |
    |variants                     |            |             |                  |
    +===========================================================================+
    |     12.1-based Releases     |   Rebuild  |  Interim**  | Maintenance      |
    +===========================================================================+
    |            General          |            |             |                  |
    |12.1        Deployment (GD)  |Not         |Not          |Not               |
    |            candidate: all   |vulnerable  |vulnerable   |vulnerable        |
    |            platforms        |            |             |                  |
    +----------+------------------+------------+-------------+------------------+
    |12.1AA      Dial Support     |Not         |Not          |Not               |
    |                             |Vulnerable  |Vulnerable   |Vulnerable        |
    +----------+------------------+------------+-------------+------------------+
    |12.1CX      Core/ISP support:|Not         |Not          |Not               |
    |            GSR, RSP, C7200  |Vulnerable  |Vulnerable   |Vulnerable        |
    +----------+------------------+------------+-------------+------------------+
    |12.1DA      xDSL Support:    |Not         |Not          |Not               |
    |            6100, 6200       |Vulnerable  |Vulnerable   |Vulnerable        |
    +----------+------------------+------------+-------------+------------------+
    |            Cisco 6400       |            |             |                  |
    |12.1DB      Universal Access |            |             |12.1(4)DB         |
    |            Concentrator     |            |             |                  |
    +----------+------------------+------------+-------------+------------------+
    |12.1DC      xDSL NRP support:|            |             |12.1(4)DC         |
    |            c6400r           |            |             |                  |
    +----------+------------------+------------+-------------+------------------+
    |12.1E       Core/ISP Support:|Not         |Not          |Not               |
    |            GSR, RSP, c7200  |Vulnerable  |Vulnerable   |Vulnerable        |
    +----------+------------------+------------+-------------+------------------+
    |            Early Deployment |            |             |                  |
    |12.1EC      (ED): ubr7200,   |Not         |Not          |Not               |
    |            UBR Headend      |Vulnerable  |Vulnerable   |Vulnerable        |
    |            platforms        |            |             |                  |
    +----------+------------------+------------+-------------+------------------+
    |12.1EX      Catalyst 6000    |Not         |Not          |Not               |
    |                             |Vulnerable  |Vulnerable   |Vulnerable        |
    +----------+------------------+------------+-------------+------------------+
    |12.1EY      Catalyst 8510,   |Not         |Not          |Not               |
    |            8540, LS1010     |Vulnerable  |Vulnerable   |Vulnerable        |
    +----------+------------------+------------+-------------+------------------+
    |            New technology   |            |             |                  |
    |12.1T       Early Deployment |            |12.1(4.3)T   |12.1(5)T          |
    |            (ED): all        |            |             |                  |
    |            platforms        |            |             |                  |
    +----------+------------------+------------+-------------+------------------+
    |            Early Deployment |            |             |                  |
    |12.1XA      (ED): limited    |Not         |Not          |Not               |
    |            platforms        |Vulnerable  |Vulnerable   |Vulnerable        |
    +----------+------------------+------------+-------------+------------------+
    |            Early Deployment |            |             |                  |
    |12.1XB      (ED): limited    |            |             |12.2(1)           |
    |            platforms        |            |             |                  |
    +----------+------------------+------------+-------------+------------------+
    |            Early Deployment |            |             |                  |
    |12.1XC      (ED): limited    |            |             |12.2(1)           |
    |            platforms        |            |             |                  |
    +----------+------------------+------------+-------------+------------------+
    |            Early Deployment |            |             |                  |
    |12.1XD      (ED): limited    |Not         |Not          |Not               |
    |            platforms        |Vulnerable  |Vulnerable   |Vulnerable        |
    +----------+------------------+------------+-------------+------------------+
    |            Early Deployment |            |             |                  |
    |12.1XE      (ED): limited    |            |             |12.2(1)           |
    |            platforms        |            |             |                  |
    +----------+------------------+------------+-------------+------------------+
    |            Early Deployment |            |             |                  |
    |12.1XF      (ED): limited    |            |             |12.2(1)           |
    |            platforms        |            |             |                  |
    +----------+------------------+------------+-------------+------------------+
    |            Early Deployment |            |             |                  |
    |12.1XG      (ED): limited    |            |             |12.2T***          |
    |            platforms        |            |             |                  |
    +----------+------------------+------------+-------------+------------------+
    |            Early Deployment |            |             |                  |
    |12.1XH      (ED): limited    |            |             |12.2(1)           |
    |            platforms        |            |             |                  |
    +----------+------------------+------------+-------------+------------------+
    |            Early Deployment |            |             |                  |
    |12.1XI      (ED): limited    |            |             |12.2(1)           |
    |            platforms        |            |             |                  |
    +----------+------------------+------------+-------------+------------------+
    |            Early Deployment |            |             |                  |
    |12.1XJ      (ED): limited    |            |             |12.2T***          |
    |            platforms        |            |             |                  |
    +----------+------------------+------------+-------------+------------------+
    |            Early Deployment |            |             |                  |
    |12.1XK      (ED): limited    |            |             |12.2(1)           |
    |            platforms        |            |             |                  |
    +----------+------------------+------------+-------------+------------------+
    |            Early Deployment |            |             |                  |
    |12.1XL      (ED): limited    |            |             |12.2(1)           |
    |            platforms        |            |             |                  |
    +----------+------------------+------------+-------------+------------------+
    |            Early Deployment |            |             |                  |
    |12.1XM      (ED): limited    |Not         |Not          |Not               |
    |            platforms        |Vulnerable  |Vulnerable   |Vulnerable        |
    +----------+------------------+------------+-------------+------------------+
    |            Early Deployment |            |             |                  |
    |12.1XP      (ED): limited    |            |             |12.2T***          |
    |            platforms        |            |             |                  |
    +----------+------------------+------------+-------------+------------------+
    |            Early Deployment |            |             |                  |
    |12.1XQ      (ED): limited    |            |             |12.2T***          |
    |            platforms        |            |             |                  |
    +----------+------------------+------------+-------------+------------------+
    |            Early Deployment |            |             |                  |
    |12.1XR      (ED): limited    |Not         |Not          |Not               |
    |            platforms        |Vulnerable  |Vulnerable   |Vulnerable        |
    +----------+------------------+------------+-------------+------------------+
    |            Early Deployment |            |             |                  |
    |12.1XS      (ED): limited    |            |             |12.1(5)XS         |
    |            platforms        |            |             |                  |
    +----------+------------------+------------+-------------+------------------+
    |            Early Deployment |            |             |                  |
    |12.1XT      (ED): limited    |            |             |12.2T***          |
    |            platforms        |            |             |                  |
    +----------+------------------+------------+-------------+------------------+
    |            Early Deployment |            |             |                  |
    |12.1XU      (ED): limited    |Not         |Not          |Not               |
    |            platforms        |Vulnerable  |Vulnerable   |Vulnerable        |
    +----------+------------------+------------+-------------+------------------+
    |            Early Deployment |            |             |                  |
    |12.1XV      (ED): limited    |Not         |Not          |Not               |
    |            platforms        |Vulnerable  |Vulnerable   |Vulnerable        |
    +----------+------------------+------------+-------------+------------------+
    |            Early Deployment |            |             |                  |
    |12.1XW      (ED): limited    |Not         |Not          |Not               |
    |            platforms        |Vulnerable  |Vulnerable   |Vulnerable        |
    +----------+------------------+------------+-------------+------------------+
    |            Early Deployment |            |             |                  |
    |12.1XX      (ED): limited    |Not         |Not          |Not               |
    |            platforms        |Vulnerable  |Vulnerable   |Vulnerable        |
    +----------+------------------+------------+-------------+------------------+
    |            Early Deployment |            |             |                  |
    |12.1XY      (ED): limited    |Not         |Not          |Not               |
    |            platforms        |Vulnerable  |Vulnerable   |Vulnerable        |
    +----------+------------------+------------+-------------+------------------+
    |            Early Deployment |            |             |                  |
    |12.1XZ      (ED): limited    |Not         |Not          |Not               |
    |            platforms        |Vulnerable  |Vulnerable   |Vulnerable        |
    +----------+------------------+------------+-------------+------------------+
    |            Early Deployment |            |             |                  |
    |12.1YA      (ED): limited    |Not         |Not          |Not               |
    |            platforms        |Vulnerable  |Vulnerable   |Vulnerable        |
    +----------+------------------+------------+-------------+------------------+
    |            Early Deployment |            |             |                  |
    |12.1YB      (ED): limited    |Not         |Not          |Not               |
    |            platforms        |Vulnerable  |Vulnerable   |Vulnerable        |
    +----------+------------------+------------+-------------+------------------+
    |            Early Deployment |            |             |                  |
    |12.1YC      (ED): limited    |Not         |Not          |Not               |
    |            platforms        |Vulnerable  |Vulnerable   |Vulnerable        |
    +----------+------------------+------------+-------------+------------------+
    |            Early Deployment |            |             |                  |
    |12.1YD      (ED): limited    |Not         |Not          |Not               |
    |            platforms        |Vulnerable  |Vulnerable   |Vulnerable        |
    +===========================================================================+
    |                                Notes                                      |
    +===========================================================================+
    |* All dates are estimated and subject to change.                           |
    |                                                                           |
    |** Interim releases are subjected to less rigorous testing than            |
    |regular maintenance releases, and may have serious bugs.                   |
    |                                                                           |
    |*** This release does not have a rebuild solution. Customers should        |
    |upgrade to 12.2T when it becomes available. This is not a misprint.        |
    +===========================================================================+