Cisco Cisco IPS 4255 Sensor
13
Release Notes for Cisco Intrusion Prevention System 7.1(1)E4
OL-19894-01
Caveats
•
When SensorApp is reconfigured, there is a short period when SensorApp cannot respond to any
queries. Wait a few minutes after reconfiguration is complete before querying SensorApp for
additional information.
queries. Wait a few minutes after reconfiguration is complete before querying SensorApp for
additional information.
•
For IPS 5.0 and later, you can no longer remove the cisco account. You can disable it using the no
password cisco command, but you cannot remove it. To use the no password cisco command, there
must be another administrator account on the sensor. Removing the cisco account through the
service account is not supported. If you remove the cisco account through the service account, the
sensor most likely will not boot up, so to recover the sensor you must reinstall the sensor system
image.
password cisco command, but you cannot remove it. To use the no password cisco command, there
must be another administrator account on the sensor. Removing the cisco account through the
service account is not supported. If you remove the cisco account through the service account, the
sensor most likely will not boot up, so to recover the sensor you must reinstall the sensor system
image.
•
The IDM and the IME launch MySDN from the last browser window you opened, which is the
default setting for Windows. To change this default behavior, in Internet Explorer, choose Tools >
Internet Options, and then click the Advanced tab. Scroll down and uncheck the Reuse windows
for launching shortcuts check box.
default setting for Windows. To change this default behavior, in Internet Explorer, choose Tools >
Internet Options, and then click the Advanced tab. Scroll down and uncheck the Reuse windows
for launching shortcuts check box.
Caveats
This section lists the resolved and open caveats, and contains the following topics:
•
•
Resolved Caveats
The following issues have been resolved in IPS 7.1(1)E4 release:
•
CSCsg09619—IPS accepts RSA keys with exponent 3 which are vulnerable to forgery
•
CSCsj82458—global-block-timeout allows values outside supported range
•
CSCsq18457—Unauthenticated Ntp settings lost after recover application-partition
•
CSCsq53214—IPS reports different sig version in CT and CLI
•
CSCsw86555—5582 false positve
•
CSCsx20458—Sig 1300.0 firing incorrectly
•
CSCtc18038—SensorApp mismanages buffers when TX queue full
•
CSCtc43996—Engine P2P may not properly check boundaries
•
CSCtc61972—Ares P2P signature does not fire
•
CSCtd91982—Crash mainAPP aborted parsing CT name and idapi parameters
•
CSCte55319—Sensor returns ERROR for custom IOS LWE signatures on appliances
•
CSCtf04150—Promiscuous mode stream normalizer incorrect handling of TO_WEB traffic
•
CSCtf04660—IPS: crash in Anomaly Detection getLearnedKnowledgeBase
•
CSCtf09280—Unable to delete custom sigs created for IOS Lightweight engines
•
CSCtf40209—Signature Obsoletes from "backport" engines are being processed
•
CSCsv26568—IPS SNMP InterfaceGroup OID does not show correct Virtual Sensor
•
CSCsz19556—7280.0 does not reliably alert
•
CSCta96144—sensorApp terminates with core in updateTime (version 7.x)