Preview Tool

Cisco Bug: CSCsz37049 - 7600/SBC close unneeded TCP ports in LISTEN state - don't start applic

Last Modified

Nov 30, 2013

Products (1)

  • Cisco 7600 Series Routers

Known Affected Releases


Description (partial)

On SBC 7600, several tcp ports are opened, which leads to a security issue.
There are 27000 for lmgrd, 6464 for cfgmgr , and 32778 for cisco. 


Now 6464 is bind to localhost, so this is problem is solved. 
For 27000 and 32778, below is the workaround. 
Configure the ACL on SUP:
Router(config)#access-list 101 deny tcp any host range 27000 27009
Router(config)#access-list 101 deny tcp any host eq 32778
Router(config)#access-list 101 permit ip any any

And apply this ACL to the Vlan interface for SBC:
Router(config)#interface vlan 93
Router(config-if)#ip access-group 101 out


Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.