Cisco Cisco IPS 4255 Sensor 릴리즈 노트

Release Notes for Cisco Intrusion Prevention System 6.0(4)E2

OL-20146-01

Caveats

•

CSCsh50516—IPS Fails to remove blocking if the blocked host is in PIX's name list

•

CSCsh50205—IPS 5.1(4) 4215 imaged as CF based system because of HD failure

•

CSCsh75673—valid NTP key values stored as -1

•

CSCsi48979—Sig 2152:0 false alarms after tunings or restore defaults

•

CSCsi98677—erase current-config hangs sensor CLI

•

CSCsi45463—6.0(2) TCP SYN Flood Cookies not functioning on XL platform

•

CSCsi58602—IPS evasion using Unicode encoding for HTTP-based attacks +

•

CSCsi84527—Accounts can be created with invalid usernames

•

CSCsj95950—ASA/SSM False Data Plane Failover Occuring

•

CSCsk14712—Full Database does not leave enough memory for Sig Update and some conf

•

CSCsj74455—service pack install should preserve sensorApp.conf

•

CSCsk21795—add log to main.log for mainApp shutdown

•

CSCsg86162—MSRPC and SMB engine not handling Fragmentation correctly

•

CSCsi75856—Some Database statistics always remain 0

•

CSCsj41582—IPS 5.1(5)E1 UDP-string engine does not distinguish direction

•

CSCsj29570—IpDual Database insertion rate limiting code merged out of nubra

•

CSCsl39701—add globalSummary protection to alarm DB creation

•

CSCsk72811—Sig 1315 causes peformance hit in promisc

•

CSCsk09897—IPS: sends ACK with destination mac of orignal packet, breaks MS NLB

•

CSCsk11222—show tech contains garbage chars due to new safenet files

•

CSCsg45642—Make CDP drop a configurable option.

•

CSCsi22195—Refactor normalizer processTcpOptions unit

•

CSCsi52422—POSFP feature does not work with SSM

•

CSCsj26086—Disabling one CSAMC-EPI removes all the addresses on the Sensor

•

CSCsk50777—Anomaly Detection memory/flash usage not restricted for some platforms

•

CSCsi58642—IDM does not handle slash in a user name correctly

•

CSCsk33892—Engine String may incorrectly warn of regex compile failure

•

CSCsh13463—IDSM-2 promiscuous displaying WARNING: Pulled previous index

•

CSCsg04913—install - service account’s .bash_profile not carried forward

•

CSCsl19316—Add ability to enable/disable CDP forwarding from service account

•

CSCse54970—Need to add Safenet support to licensing

•

CSCsi72263—Allow inline Asymmetric traffic

•

CSCsj80570—Add cidDump to upgrades