Defects fixed in version CiscoCM-CSA-4.0.3.728-1.1(9):

 

This release resolves the following CCM CSA defects:

CSCef74265 - CSA headless agent blocks writing of registry keys to Prognosis
CSCeg23468 - CSA prevents DrWatson from writing to log file
CSCeg25484 - CSA blocks .exe for HP OpenView Operations Agent 7.1
CSCeg32765 - CSA Prevents user.dmp files from being written

Along with the Buffer Overflow issue, this release also fixes the following VSECBU
defects:

CSCef50728     CSACenter driver failed to hook the kernel API ZwLoadDriver on Windows NT Service Pack 6A machines
CSCef59443     Solaris Netshim does not protect all the adapters in a multi-NIC machine using Zynx cards
CSCef73720     Leventmgr consumes high CPU and "no root dir in path" in the csalog.txt
CSCef73629     Bluescreen referencing csacenter on new W2k, W2k3, WinXP installs
CSCef69730     The Network Shim interferes with Dialup networking (DUN) and WinXP
CSCef73374     csauser.dll not compatible with Sabre View Client Software
CSCef85732     network shim causes a crash when Checkpoint Firewalls switches over from one to the other (failover, redundant mode) using Zynx NICs
CSCef96160     Secondary DCOM exploit can be launched while query remains unanswered
CSCef39894     Sending SNMP traps fails over time due to unclosed sockets
CSCef76090     Windows 2003 Domain Controller Bluescreen
CSCef81457     Data stream information shown, causing syntax problems with Profiler and the rules wizard.
CSCeg02824     module <unknown> in kernel protection
CSCef97127     Additional Winlogon.exe pattern exclusion that resolves issue of Windows XP service Pack 2 machines not booting up
CSCeg13232     Software updates for Solaris agents on some Checkpoint Firewalls do not update due to a path issue
CSCeg11609     Netshim blocks VPN connections on machines using some versions of Cisco VPN Client 4.0.5
CSCeg01956     SMS 2003 Client cannot receive jobs from the SMS server
CSCee36910     -Next- button missing from Registry ACL exception Wizard
CSCee39177     CSA causes Outlook 2003 hang returning from standby/hibernate
CSCee70492     Event Log purge-by-policy purges entire log
CSCee94732     Incompatibility between CSA Agent and SunFire v440
CSCee27516     Exception Wizard generates invalid path for Trojan event
CSCee54213     Memory leak with Apache on CSA MC machine
CSCee36266     Post upgrade, NACL rules using @local not in effect until 2nd reboot
CSCef42334     CSA on Solaris Tivoli Gateway.  Causes Tivoli to crash
CSCee94732     CSA on Solaris Gateway.  Causes CSA agent to crash
CSCef15235     CSA on Solaris Checkpoint Firewall.  Causes firewall to crash

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

Defects fixed in version CiscoCM-CSA-4.0.2.629-1.1(8):

 

Support for IBM Tivoli in the CCM CSA Policy

 

Support for DisKeeper in the CCM CSA Policy

 

CSCef39968 - CSA headless agent policy is not allowing Active Directory activity

 

CSCef40445 - CSA denies inetinfo requests

 

CSCef42735 - CSA alerts on virus scan of Windows system files

 

CSCef75137 - CSA does not allow Trend to update

 

CSCef69697 - CSA Virus Scanner Policy update for Trend

 

CSCef69702 - CSA Policy needs to be updated for Mc Antivirus

 

CSCef69706 - Adding support for Diskeeper to CCM CSA Policy

 

CSCef72704 - CSA policy needs to add support for Tivoli

 

CSCef83030 - CSA Policy error with CCM 4.1.24 and Java

 

CSCef77218 - Default published CSA Policy does not allow changes to CCC Info page

 

CSCef73466 - CSA prevents Virusscan from cleaning virus

 

CSCef88052 - Deny CRS running SQL with named instance MSSQL$CRSSQL

 

CSCef89915 - CSA queries during BARS restore process

 

CSCef90994 - CSA query during BARS restore process on CRA2.2(5)

 

CSCef96630 - CSA query: write/delete key in registry

 

CSCeg03116 - CSA query during BARS backup process

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

Defects fixed in version CiscoCM-CSA-4.0.2.629-1.1(7):

 

Support for NAI's Epolicy Agent in the CCM CSA Policy.

 

Support for BMC Patrol Software in the CCM CSA Policy.

 

CSCec87867 - call manager, headless agent, buffer overflow false positive

 

CSCef16898 - CCM CSA policy needs ICM App class

 

CSCef16976 - Add Command Shell Permission for ICM App Class

 

CSCef16985 - File Access Control needed for ICM App Class

 

CSCef20882 - Modify the Required Windows System Module in CSA Policy

 

CSCef20974 - Integrate EPOAgent into CSA Policy

 

CSCef21251 - Need to integrate BMC Patrol into the CSA Policy

 

CSCef16397 - CCM CSA policy 1.1(6) issues warning for Trend ServerProtect updates

 

CSCef21264 - CSA Policy data sets need to be changed

 

CSCin78910 - Java needs network port 636 access in CSA Policy

 

CSCef29334 - CSA policy must allow sqlservr.exe to write to TEMP envir variable

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

Defects fixed in version CiscoCM-CSA-4.0.2.629-1.1(6):

 

CSCee11315     Solaris Vulnerability: Non-root local users can load kernel modules

 

CSCec67344     Kernel Panic on Solaris with CSA Agent and Veritas

 

CSCec86495     Crash detected with CSA Registry Driver

 

CSCed41416     Wizard intermittantly missing Next button

 

CSCed73281     Intermittant Runtime Error generating Profiler Reports

 

CSCed52868     Incompatibility detected with Dragon Natural Speaking 7.0

 

CSCed24999     Solaris Machine with DMFE interface fails to load Agent netshim

 

CSCec83770     CSA Agent conflicting with AutoCAD

 

CSCed86781     Incompatibility detected with CSA Agent and NetformX

 

CSCed62664     CCM CSA Policy needs to accomodate CDP Protocol

 

CSCed75406     CSA should pop up warning message about MLA files

 

CSCee81355     CSA prevents IPMA Clients to login to IPMA service

 

CSCee85526     sqlservr.exe was queried when tried to open Perflib_Perfdata_8bc.dat

 

 

 

Caveats: Open bugs will be fixed in next release - CSA 1.1(6):

 

CSCed19620     Performance degradation in MOH Server with Cisco Security Agt

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

Defects fixed in version CiscoCM-CSA-4.0.1.539-1.1(5):

 

CSCed37969: CSA pop up for Trend .DAT updates

 

 

CSCed50562: CSA installed on a CCM, CSA logs indicate conflict with CDP

 

 

CSCed50571: CSA indicates a problem with Remote Access NDIS WAN in the security

 

CSCed37969: CSA pop up for Trend .DAT updates

 

 

CSCed71075: Registry Key Protection for CSA

 

 

CSCed72625: CSA Headless Agent blocks BARS to backup CRS 3.1.2

 

 

CSCed73923: CSA Documentation need to be updated with the supported CM versions

 

 

CSCed77586: CSA Readme Incorrectly states Trend Micro as supported on CM

 

CSCed77996: CSA rule must take into account new SQL path for named instances

 

 

CSCed92193: Using CSA with CRA 2.2(5) IVR and changing System Properties

 

 

CSCed94740: Using CSA on CRS and creating ODBC Data Source System DSN is queried

 

 

CSCed94756: Using CSA with CRA 2.2(5) IVR admin cannot view log files

 

 

CSCee04444: CSA policy blocks UDP connections on port 1434

 

 

CSCee07514: Micromuse Netcool keystroke capture issue CSA

 

 

CSCee11359: Using CSA on CRS and TCP connections are queried

 

 

CSCee22730: CSA policy update for Norton directories

 

CSCee19349: ActiveXObject error on CCMAdmin/User page

 

CSCee35363: Using CSA on CRS and TCP connection port 8404 is queried

 

CSCee35375: Using CSA on CRS and TCP connection port 1433 is queried

 

CSCee37661: Using CSA on CRS and FrameworkService tries to capture all keystroke

 

CSCee36705: TAPs Unable to Login w/ CSA

 

 

 

Caveats: Open bugs will be fixed in next release - CSA 1.1(6):

 

 

CSCec87867: call manager, headless agent, buffer overflow false positive?

 

 

CSCed75406: CSA should pop up warning message about MLA files

 

 

CSCed85569: CSA Policy denies accessing Q.931 translator IOS formating option

 

CSCee37078: A 12 - Impacts installation of other software (CTL in this case)

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

Defects fixed in version CiscoCM-CSA-4.0.1.539-1.1(4):

 

CSCed67525 - Backup fails dumping SQL db to root of C drive with CSA installed.

Resolved by adding SQL7 compatibility to policy and allowing backup permission to access files.

 

CSCed56086 - Application Log flooded with errors when RTMT is started.

Resolved by allowing IIS to access to txt and bin files.

 

CSCed55022 - CSA prevents TAPS from writing logfiles.

Resolved by allowing java.exe to access the scripting library.

 

CSCed51518 - CSA prevent inetinfo.exe from running.

Resolved by allowing IIS to access the scripting library.

 

CSCed50580 - CSA has a conflict with SQL ver7.

Resolved by adding SQL7 compatibility to policy.

 

CSCed36727 - CSA prevents NetIQmc.exe part of NETIQ Vivinet Manager from running.

Resolved by allowing NetIQ system files access to the scripting libraries.

 

CSCed13415 - CSA prevents ICSSM SQLAgent from writing SQLAgent.N log.

Resolved by adding ICSSM install directories to the permission list for the policy.

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

Open bugs will be fixed in next release - CSA 1.1(5):

 

 

CSCed72625 - CSA Headless Agent blocks BARS to backup CRS 3.1.2

BARS 4.0.2 fails to backup CRS data when CSA (4.0.1 built 539) is enabled

 

CSA agent 4.0.1-539

CCM 3.3.3

BARS 4.0.2

 

CCM is BARS Server, and CRS is BARS Target.

During backup, backup of CRS fails with messages "could not verify db backup"

and could not backup CRS successfully on nn.nn.nn.nn".

 

Backup runs OK if CSA is suspended on CRS.

Disable CSA agent, then the backup works fine.