Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

IOS upgrade problem

Currenlty our cat3560G-48TS switches are running 12.2(46)SE. I am trying to upgrade it to 12.2(50)SE3 as fix for current DoS vulnerabilities, but getting an error. I checked the checksum and it's ok. Command I am using:

#archive download-sw /safe /reload tftp://xxxx/fn

Error output is given below.

----------------------------------

Loading c3560-ipbasek9-mz.122-50.SE3.bin from 10.10.10.105 (via Vlan5): !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

[OK - 9968993 bytes]

Loading c3560-ipbasek9-mz.122-50.SE3.bin from 10.10.10.105 (via Vlan5): !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

[OK - 9968993 bytes]

examining image...

%Tar checksum error in tftp://10.10.10.105/c3560-ipbasek9-mz.122-50.SE3.bin

%Error opening flash:update/info (No such file or directory)

ERROR: Image is not a valid IOS image archive.

-----------------------------------------

Thanks,

9 REPLIES
Hall of Fame Super Silver

Re: IOS upgrade problem

Hello Mohammad,

notice the line:

%Tar checksum error in tftp://10.10.10.105/c3560-ipbasek9-mz.122-50.SE3.bin

you need to download a tar (compressed with TAR unix utility) version of image file to use with archive command.

otherwise you need to use the manual procedure

copy tftp flash

in this case you can download the bin file directly on the flash.

Hope to help

Giuseppe

Re: IOS upgrade problem

If you are running a stack of switched, then download the tar and use the archive command.

Else copy the bin file with the copy command as suggested.

Purple

Re: IOS upgrade problem

If using the .bin file use the "copy tftp flash: " command to put it on .then manually change your boot statement. The archive command is for the .tar files as others have indicated.

Hall of Fame Super Gold

Re: IOS upgrade problem

What DoS vulnerabilities? According to Cisco's PSIRT website, the latest crafted TCP exploit (document ID 109444) shows 12.2(46)SE to be OK. I have no idea what Cisco meant with 12.2(46)SE2 since there is no such releases for the 2960/3560/3750 anyway (probably due to bugs).

New Member

Re: IOS upgrade problem

Please check the following links and let me know if we need to upgrade our IOS image per this link vulnerabilities.

Thanks,

Relevant Url(s):

<http://www.cisco.com/warp/public/707/cisco-sa-20090908-tcp24.shtml>

====

This entry is available at

http://www.us-cert.gov/current/index.html#cisco_releases_security_advisory_for14

Hall of Fame Super Gold

Re: IOS upgrade problem

Dude,

This link IS document ID 109444. :)

Bronze

Re: IOS upgrade problem

Right, 12.2(46)SE2 is listed as "First Fixed Release" while 12.2(50)SE3 is listed as "Recommended Release"

HTH

New Member

Re: IOS upgrade problem

OK, Thanks. We have 12.2(46)SE and the release numbers were little confusing, but I figured it out.

Thanks,

Hall of Fame Super Gold

Re: IOS upgrade problem

I have no idea what Cisco meant with 12.2(46)SE2 since there is no such releases for the 2960/3560/3750 anyway (probably due to bugs).

454
Views
0
Helpful
9
Replies
CreatePlease to create content