Cisco Cisco IPS 4255 Sensor 릴리즈 노트
34
Release Notes for Cisco Intrusion Prevention System 5.1(8)E2
OL-20154-01
Caveats
•
CSCsl61966—Setting 'bypass_mode off' disables traffic on IDSM2
•
CSCso96079—META alarms may have the wrong risk ratings
•
CSCso98461—4260 may have incorrect risk ratings
•
CSCeg85134—Locality in evIdsAlert should reflect the deleted variables
•
CSCso22212—service pack update does not preserve sig categories xml file
•
CSCsl19316—Add ability to enable/disable CDP forwarding from service account
Known Caveats
The following known issues are found in IPS 5.1(8)E2:
•
CSCsg09619—IPS accepts RSA keys with exponent 3 which are vulnerable to forgery
•
CSCsg18379—MainApp unexpected behavior due to XML Parsing Error
•
CSCsg26929—Interface errors when enabled in cli and ifconfig up
•
CSCsg96871—AnalysisEngine InspectorServiceAICWeb::ToServiceInspect abort
•
CSCsh45936—Leading Space in the uri-regex in Service-HTTP Works Ambiguously
•
CSCsh50760—NAC causes high mainApp usage
•
CSCsh89833—Delete event variable referenced by filter or sig from IDM
•
CSCsi21029—GRE tunnels blocked by sensorApp inspection defect
•
CSCsi43787—Memory leak in mainApp when log event initiated remotely
•
CSCsj35723—Sigs not alarming after default service sig sig0
•
CSCsj57474—Frag traffic with dot1q headers misses a few sweep and atomic-ip sigs
•
CSCsj82458—global-block-timeout allows values outside supported range
•
CSCsk53813—upgrade log files are not preserved during an upgrade
•
CSCsm44644—Signature 1303 false negative
•
CSCsm47102—Signature 1308 does not function
•
CSCsm90428—string-tcp alert contains incorrect data in 'from target' context
•
CSCso40665—Signature id 5732 firing incorrectly
•
CSCsq48302—Incorrect format of IPS signatures in CCO XML packages
•
CSCsq62966—Sensor at 100% processing level when inline, causing traffic latency