Cisco Cisco Content Security Management Appliance M1070 릴리즈 노트

Release Notes for Cisco IronPort AsyncOS 7.7 for Security Management

OL-25088-02

Resolved Issues

Table 7

Resolved Issues in Cisco IronPort AsyncOS 7.7 for Security Management

Defect ID

Description

83262

Fixed: FreeBSD telnetd Remote Code Execution Vulnerability

Previously, there was a vulnerability that could have allowed a remote,
unauthenticated attacker to execute arbitrary code with elevated privileges. This has
now been fixed.

For more information on the vulnerability, see the Cisco security advisory at

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2012
0126-ironport

77244

Fixed: Critical alert sent in error when previously-connected ESA or WSA is
unavailable

Previously, the following critical alert was being sent when in fact no problem existed:

Critical: An application fault occurred: ('authentication/remote_connect.py

__str__|24', "<type 'exceptions.AttributeError'>", "'SmadConnectError' object

has no attribute 'error_message'", '[_coro.pyx coro._coro._wrap1
(coro/_coro.c:8442)|757]

[authentication/auth_manager.py start|62] [authentication/remote_connect.py

__str__|24]')

Now, no alert is sent in this situation.

80493

Fixed: (Japanese language only) Releasing a message from spam quarantine
appears to delete it

When releasing a message from the spam quarantine, the GUI incorrectly states that
the message was deleted instead of released.

79501

Fixed: Modified end-user Spam Quarantine URL can disable the end-user
quarantine for all users

Previously, if an end user attempted to modify a system-generated spam quarantine
URL, all subsequent spam quarantine users would receive an error when attempting
to access the quarantine. This problem no longer occurs.