Cisco Cisco Web Security Appliance S190 Notas de publicación
30
I R O N P O R T A S Y N C O S 6 . 3 . 7 F O R W E B R E L E A S E N O T E S
B U G S F I X E D I N 6 . 3 . 0
Fixed: Vulnerability in Secure Sockets Layer (SSL) certificates
A vulnerability in Secure Sockets Layer (SSL) certificates has been fixed. The vulnerability
allowed attackers to substitute imposter SSL certificates in place of trusted ones when clients
used an affected browser. This no longer occurs. [Defect ID: 55278]
allowed attackers to substitute imposter SSL certificates in place of trusted ones when clients
used an affected browser. This no longer occurs. [Defect ID: 55278]
Fixed: Web Proxy erroneously returns a 504 “Gateway Timeout” status to clients
accessing HTTPS sites in some cases
accessing HTTPS sites in some cases
Previously, the Web Proxy erroneously returned a 504 “Gateway Timeout” status to clients
accessing HTTPS sites due to leaking memory. This no longer occurs. [Defect ID: 41794]
accessing HTTPS sites due to leaking memory. This no longer occurs. [Defect ID: 41794]
Fixed: Web Proxy cannot communicate with FTP servers in some cases
Previously, the Web Proxy could not communicate with FTP servers under the following
circumstances:
circumstances:
• The Web Proxy received a transparently redirected FTP request (either native FTP or FTP
over HTTP) in passive mode.
• IP spoofing was enabled on the Security Services > Proxy Settings page.
This no longer occurs. [Defect ID: 47571]
Fixed: “Get Groups” button in the Policy Trace tool does not return all groups in some
cases
cases
Previously, the Get Groups button in the Policy Trace tool did not return all groups for a user
in an NTLM authentication realm when the Active Directory server returned group names
with different capitalization than the authorized group names listed in the applicable policy
group. This no longer occurs. [Defect ID: 49292]
in an NTLM authentication realm when the Active Directory server returned group names
with different capitalization than the authorized group names listed in the applicable policy
group. This no longer occurs. [Defect ID: 49292]
Fixed: Web Proxy generates a core file when it receives a transparent native FTP request
with proxy authentication required and an upstream proxy is used
with proxy authentication required and an upstream proxy is used
Previously, the Web Proxy generated a core file when it received a transparent native FTP
request and the Identity required authentication for native FTP transactions and a Routing
Policy directed the transaction to an upstream proxy. Authentication is not supported for
transparent native FTP requests, however, the Web Proxy should not have generated a core
file. This no longer occurs. [Defect ID: 49997]
request and the Identity required authentication for native FTP transactions and a Routing
Policy directed the transaction to an upstream proxy. Authentication is not supported for
transparent native FTP requests, however, the Web Proxy should not have generated a core
file. This no longer occurs. [Defect ID: 49997]
Fixed: Web Proxy generates a core file when persistent server connections are used in
some cases
some cases
Previously, the Web Proxy generated a core file when persistent server connections were used
and clients uploaded large requests. This no longer occurs. [Defect ID: 50334]
and clients uploaded large requests. This no longer occurs. [Defect ID: 50334]