Showing results for 
Search instead for 
Did you mean: 

Upgrade 2960S on 122-58.SE2 to 15.2(2)E8


Do I have to download any PAK files or do anything else to get my 2960S' upgraded to 15.2(2)E8 to fix the smart install DOS bug?  My 2960s are running c2960s-universalk9-mz.


Can I expect some errors in the config due to certain setting in the cli being depreciated. These 2960s are in a stackwise "stack".


We don't use the gui feature of the 2960's, so will just be doing a tftp to the flash and changing the "system boot" to point to the new image on all the switches. 



6 Replies 6

Leo Laohoo
Hall of Fame
Hall of Fame

The SmartInstall bug/vulnerability can be disabled by issuing the command "no vstack".  

Thanks for the reply.


I have done that (no vstack), but Cisco does not list that as a "work around"  solution in the Security notice.


Post the complete output to the command "sh vstack conf".

#sho vstack config
Role: Client (SmartInstall disabled)
Vstack Director IP address:

Again, Cisco security advisory does not list using "no vstack" as a workaround in the document.

seems that using "no vstack" WILL keep the smart install bug from happening.


This tread shows a it being tested and using "no vstack" keeps the malformed packet from reloading the switch. Shame Cisco didn't put this in the security advisory.

@dmooreami wrote:
Role: Client (SmartInstall disabled)

VStack is not running.  That's good.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: