Cisco Cisco IPS 4255 Sensor
41
Release Notes for Cisco Intrusion Prevention System 6.0(4a)E1
OL-8872-02
Caveats
•
CSCsj26086—Disabling one CSAMC-EPI removes all the addresses on the Sensor
•
CSCsk50777—Anomaly Detection memory/flash usage not restricted for some platforms
•
CSCsi58642—IDM does not handle slash in a user name correctly
•
CSCsk33892—Engine String may incorrectly warn of regex compile failure
•
CSCsh13463—IDSM-2 promiscuous displaying WARNING: Pulled previous index
•
CSCsg04913—install - service account’s .bash_profile not carried forward
•
CSCsl19316—Add ability to enable/disable CDP forwarding from service account
•
CSCsi72263—Allow inline Asymmetric traffic
•
CSCsj21080—Promiscuous 4255 in s/w bypass and no response from show stat vi
Known Caveats
The following known issues are found in IPS 6.0(4a)E1:
•
CSCsk30811—Misconfigured remote application can cause sensor HDD failure
•
CSCsm71528—Analysis Engine NotRunning after sig update reconfig
•
CSCsm60273—AIP-SSM stays in Unresponsive state after ASA5500's bootup
•
CSCsj78809—IPS 6.0(3) SigProcessor failure with reinjected frag
•
CSCsi42747—Memory leak in mainApp when checking license status
•
CSCsg09619—IPS accepts RSA keys with exponent 3 which are vulnerable to forgery
•
CSCsi43787—Memory leak in mainApp when log event initiated remotely
•
CSCsg96871—AnalysisEngine InspectorServiceAICWeb::ToServiceInspect abort
•
CSCsh50760—NAC causes high mainApp usage
•
CSCsk53813—upgrade log files are not preserved during an upgrade
•
CSCsj82458—global-block-timeout allows values outside supported range
•
CSCsd19619—NO statistics on traffic under heavy load
•
CSCse40651—Config operation on heavily loaded system may cause unresponsive system
•
CSCsm50539—MainApp fails to load after sensor reset
•
CSCsi88201—Error message too cryptic for events with bad XML
•
CSCsl08842—Oversubscription in promiscuous mode causes out of memory condition
•
CSCsm24466—Jumbo frames on XL interface can cause dropped packets
•
CSCsh89833—Delete event variable referenced by filter or sig from IDM
•
CSCsm46158—Critical memory condition can cause race condition
•
CSCsj15446—MainApp - core on invalid platform test
•
CSCsi73502—6.0(2)E1: No warning message when removing sensor used by ASA
•
CSCsm42382—Link drops temporarily on hardware-bypass ports during cids shutdown
•
CSCsl24036—Analysis Engine NotRunning after processing specific MSRPC traffic
•
CSCsl75224—cli command no mars-category causes sensor connection closed
•
CSCsk44582—Sig upgrade within grace period fails prior to reboot