Cisco Bug CSCsh15587


If you are running ASA/PIX version 7.x then you may need to upgrade to version 7.23 to avoid your firewall running at 99% CPU utilization. There is a bug in Cisco ASA/PIX version 7.01-7.22 that causes the firewall to run to 99% CPU utilization when a telnet (or SSH) session requests large quantities of data (which FirePlotter does frequently).

Cisco's response on FirePlotter Support Team reporting this problem:

From: Tamas Csallo
Sent: Monday, November 19, 2007 8:08:57 AM
To: Chris Alberry; This e-mail address is being protected from spam bots, you need JavaScript enabled to view it
Subject: Re: 607304095 PIX 515E 7.2(2) CPU 99% with 'show config' Hello Chris, 

I have double checked the symptoms and I made some research about it.

I found that this behaviour has been seen before and  documentation under the following number: CSCsh15587 

You can find some more information about under the following link:

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsh15587

From the release notes:

Symptom:

When executing "show conf", high CPU utilization can be seen.

This happens from ver7.0, and does not happen in ver6.3(4) and 6.3(5).

Conditions:

Use ver7.0 or later configuration size is large (default config does not show the issue) 

- This would explain, why this is behavior has not seen on version 7.2(3).

- Please let me know if you have any further question.

 Have a nice day.

Sincerely,

Tamas Csallo
Customer Support Engineer


More Bug details:

Bug ID:
CSCsh15587

Status:
Fixed

Severity:
3

Last Modified:
In Last Year

Product:
Cisco ASA 5500 Series Adaptive Security Appliances

Technology:
Filtering, Proxy and Stateful Inspection (Firewall)

1st Found-In:
7.0(1)

Fixed-In:
7.2(2.23)
8.0(1.39)
8.2(0.20)
8.0(1.36)
7.1(2.54)
7.0(6.33)

Information contained within Bug ID CSCsh15587 is currently under review for publishing on Bug Toolkit and will be available soon, often within one or two business days. The publishing team has been automatically alerted to expedite the review of this bug so it may be available sooner than usual. Further, you may add this bug to your watch group to be notified when the bug is made available to you.
 
� 2000-2009 GISS (UK) Ltd
Website currency converter