Defects
fixed in version CiscoCM-CSA-4.5.1.628-2.0(4):
This release resolves the following CCM CSA defects:
CSCsc72336
- Access to 'C:\WINNT\system32\net.exe' denied
CSCsd12339
- CCM CSA needs to add network permission to HPOVA
Various
issues with Untrusted Applications
Various
issues with Security Applications
Various
issues with Prognosis Application
Various
LDAP permissions added
Various
Security Enhancements from 4.5.1.639 to 4.5.1.645 versions of CSA.
Defects
fixed in version CiscoCM-CSA-4.5.1.628-2.0(3):
This release resolves the following CCM CSA defects:
CSCsc55799
– Allow CRS pgagent execs in **\icm\bin
to write/open files in **\icm\bin
Various
Security Enhancements from 4.5.1.628 to 4.5.1.639 versions of CSA.
Defects
fixed in version CiscoCM-CSA-4.5.1.628-2.0(2):
This release resolves the following CCM CSA defects:
CSCsb62776
- CSA Standalone blocks Symantec Live Update
CSCsb62217
- CSA causing ICS backup to fail
CSCsb81957
- CSA Standalone blocks JAC updates
CSCsb71540
- CSA Agent is intefering with Conference Connection
CSCsb84213
- CCM CSA - Add protection against buffer exploit
CSCsb84229
- CCM CSA - Trend issues
CSCsb27155 - CCM CSA blocks some Tivoli Activity
CSCsa64991
- UnInstalling CSA does not remove its version from
MCS Version Utility
CSCsb85971
- CSA prevents McAfee Antivirus writing to its log file
CSCsc01029
- CSA frequently logging multiple errors in Application log
CSCsb84791 - CCM-CSA 2.0(1) needs DMA application class and exceptions
CSCsc14469 - CSA has no do not ask again option and blocks custom application
CSCsb82494
- CCM-CSA 2.0(1) breaks TFTP signed load creation when disabled
Defects
fixed in version CiscoCM-CSA-4.5.0.573-2.0(1):
This release resolves the following CCM CSA defects:
CSCsa72649 - All insertions fail if description contains '///'
CSCsa98211 - CSA2.0(beta3): CreateFileA Operation denied on CRS server
CSCsa99994 - CSA2.0(Beta4): Insert code DINPUT.dll into another process denied
CSCsa76304 - Access to registry key denied
CSCsb02184 - CSA2.0(beta4) denied JTAPI update Tool to run on CRS server
CSCsb01469 - Tomcat service does not start when CSA 4.5.565 installed
CSCsb07094 - CCM-CSA 2.0 (Beta5) policy error for VNC wm_hooks.dll
CSCsb09438 - CCM-CSA 2.0(Beta5) breaks TFTP signed load creation
CSCef62960 - CSA should not allow Suspend/Resume Security changes by a Non-Admin
CSCsa76249 - Access to TCP port 445 denied
CSCsb17443 - CCM-CSA 2.0 (Beta6) policy error with csrss.exe
CSCsb16763 - CSA standalone agent, frameworkservice.exe consuming 100% CPU
CSCsa94770 - TEA CSA prevents DrWatson from writing to log file
Defects
fixed in version CiscoCM-CSA-4.0.3.728-1.1(10):
This release resolves the following CCM CSA defects:
CSCef10283 - Distributed Transaction error on first subscriber after pub reboot
CSCef82043 - CSA install wrapper not writing enough info to History.log
CSCeg57610 - CSA issues with DBL num.bin when DBL trace change default location
CSCeg87198 - BMC Patrol memory errors with CSA 1.1(9)
CSCeg50217 - BMC Patrol not working with CSA 1.1(9)
CSCeg87198 - BMC Patrol memory errors with CSA 1.1(9)
CSCeg88404
- CSA prevents writing of Prognosis registry keys
CSCsa62505 - CSA exceptions for Symantec
CSCsa66000
- CSA needs permission for HP OVA to work
Defects
fixed in version CiscoCM-CSA-4.0.3.728-1.1(9):
This release resolves the following CCM CSA defects:
CSCef74265 - CSA headless agent blocks writing of registry keys to Prognosis
CSCeg23468 - CSA prevents DrWatson from writing to
log file
CSCeg25484 - CSA blocks .exe for HP OpenView
Operations Agent 7.1
CSCeg32765 - CSA Prevents user.dmp files from being
written
Along with the Buffer Overflow issue, this release also fixes the following
VSECBU
defects:
CSCef50728 CSACenter driver
failed to hook the kernel API ZwLoadDriver on Windows
NT Service Pack 6A machines
CSCef59443 Solaris Netshim does
not protect all the adapters in a multi-NIC machine using Zynx
cards
CSCef73720 Leventmgr consumes
high CPU and "no root dir in path" in the csalog.txt
CSCef73629 Bluescreen
referencing csacenter on new W2k, W2k3, WinXP installs
CSCef69730 The Network Shim interferes with Dialup
networking (DUN) and WinXP
CSCef73374 csauser.dll not compatible with Sabre View Client Software
CSCef85732 network shim causes a crash when Checkpoint
Firewalls switches over from one to the other (failover, redundant mode) using Zynx NICs
CSCef96160 Secondary DCOM exploit can be launched while
query remains unanswered
CSCef39894 Sending SNMP traps fails over time due to
unclosed sockets
CSCef76090 Windows 2003 Domain Controller Bluescreen
CSCef81457 Data stream information shown, causing
syntax problems with Profiler and the rules wizard.
CSCeg02824 module <unknown> in kernel protection
CSCef97127 Additional Winlogon.exe pattern exclusion
that resolves issue of Windows XP service Pack 2 machines not booting up
CSCeg13232 Software updates for Solaris agents on some
Checkpoint Firewalls do not update due to a path issue
CSCeg11609 Netshim blocks VPN
connections on machines using some versions of Cisco VPN Client 4.0.5
CSCeg01956 SMS 2003 Client cannot receive jobs from the
SMS server
CSCee36910 -Next- button missing from Registry ACL
exception Wizard
CSCee39177 CSA causes Outlook 2003 hang returning from
standby/hibernate
CSCee70492 Event Log purge-by-policy purges entire log
CSCee94732 Incompatibility between CSA Agent and SunFire v440
CSCee27516 Exception Wizard generates invalid path for
Trojan event
CSCee54213 Memory leak with Apache on CSA MC machine
CSCee36266 Post upgrade, NACL rules using @local not in
effect until 2nd reboot
CSCef42334 CSA on Solaris Tivoli Gateway. Causes
CSCee94732 CSA on Solaris Gateway. Causes CSA agent to crash
CSCef15235 CSA on Solaris Checkpoint Firewall.
Causes firewall to crash
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Defects
fixed in version CiscoCM-CSA-4.0.2.629-1.1(8):
Support
for IBM Tivoli in the CCM CSA Policy
Support
for DisKeeper in the CCM CSA Policy
CSCef39968
- CSA headless agent policy is not allowing Active Directory activity
CSCef40445
- CSA denies inetinfo requests
CSCef42735
- CSA alerts on virus scan of Windows system files
CSCef75137
- CSA does not allow Trend to update
CSCef69697
- CSA Virus Scanner Policy update for Trend
CSCef69702
- CSA Policy needs to be updated for Mc Antivirus
CSCef69706
- Adding support for Diskeeper to CCM CSA Policy
CSCef72704
- CSA policy needs to add support for Tivoli
CSCef83030
- CSA Policy error with CCM 4.1.24 and Java
CSCef77218
- Default published CSA Policy does not allow changes to CCC Info page
CSCef73466
- CSA prevents Virusscan from cleaning virus
CSCef88052
- Deny CRS running SQL with named instance MSSQL$CRSSQL
CSCef89915
- CSA queries during BARS restore process
CSCef90994
- CSA query during BARS restore process on CRA2.2(5)
CSCef96630
- CSA query: write/delete key in registry
CSCeg03116
- CSA query during BARS backup process
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Defects
fixed in version CiscoCM-CSA-4.0.2.629-1.1(7):
Support
for NAI's Epolicy Agent in
the CCM CSA Policy.
Support
for BMC Patrol Software in the CCM CSA Policy.
CSCec87867
- call manager, headless agent, buffer overflow false positive
CSCef16898
- CCM CSA policy needs ICM App class
CSCef16976
- Add Command Shell Permission for ICM App Class
CSCef16985
- File Access Control needed for ICM App Class
CSCef20882
- Modify the Required Windows System Module in CSA Policy
CSCef20974
- Integrate EPOAgent into CSA Policy
CSCef21251
- Need to integrate BMC Patrol into the CSA Policy
CSCef16397
- CCM CSA policy 1.1(6) issues warning for Trend ServerProtect
updates
CSCef21264
- CSA Policy data sets need to be changed
CSCin78910
- Java needs network port 636 access in CSA Policy
CSCef29334
- CSA policy must allow sqlservr.exe to write to TEMP envir
variable
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Defects
fixed in version CiscoCM-CSA-4.0.2.629-1.1(6):
CSCee11315 Solaris Vulnerability: Non-root local
users can load kernel modules
CSCec67344 Kernel Panic on Solaris with CSA Agent and
Veritas
CSCec86495 Crash detected with CSA Registry Driver
CSCed41416 Wizard intermittantly
missing Next button
CSCed73281 Intermittant
Runtime Error generating Profiler Reports
CSCed52868 Incompatibility detected with Dragon
Natural Speaking 7.0
CSCed24999 Solaris Machine with DMFE interface fails
to load Agent netshim
CSCec83770 CSA Agent conflicting with AutoCAD
CSCed86781 Incompatibility detected with CSA Agent and
NetformX
CSCed62664 CCM CSA Policy needs to accomodate CDP Protocol
CSCed75406 CSA should pop up warning message about
MLA files
CSCee81355 CSA prevents IPMA Clients to login to IPMA
service
CSCee85526 sqlservr.exe was queried when tried to
open Perflib_Perfdata_8bc.dat
Caveats:
Open bugs will be fixed in next release - CSA 1.1(6):
CSCed19620 Performance degradation in MOH Server with
Cisco Security Agt
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Defects fixed
in version CiscoCM-CSA-4.0.1.539-1.1(5):
CSCed37969:
CSA pop up for Trend .DAT updates
CSCed50562:
CSA installed on a CCM, CSA logs indicate conflict with CDP
CSCed50571:
CSA indicates a problem with Remote Access NDIS WAN in the security
CSCed37969:
CSA pop up for Trend .DAT updates
CSCed71075:
Registry Key Protection for CSA
CSCed72625:
CSA Headless Agent blocks BARS to backup CRS 3.1.2
CSCed73923:
CSA Documentation need to be updated with the supported CM versions
CSCed77586:
CSA Readme Incorrectly states Trend Micro as
supported on CM
CSCed77996:
CSA rule must take into account new SQL path for named instances
CSCed92193:
Using CSA with CRA 2.2(5) IVR and changing System Properties
CSCed94740:
Using CSA on CRS and creating ODBC Data Source System DSN is queried
CSCed94756:
Using CSA with CRA 2.2(5) IVR admin cannot view log files
CSCee04444:
CSA policy blocks UDP connections on port 1434
CSCee07514:
Micromuse Netcool keystroke
capture issue CSA
CSCee11359:
Using CSA on CRS and TCP connections are queried
CSCee22730:
CSA policy update for Norton directories
CSCee19349:
ActiveXObject error on CCMAdmin/User
page
CSCee35363:
Using CSA on CRS and TCP connection port 8404 is queried
CSCee35375:
Using CSA on CRS and TCP connection port 1433 is queried
CSCee37661:
Using CSA on CRS and FrameworkService tries to
capture all keystroke
CSCee36705:
TAPs Unable to Login w/ CSA
Caveats:
Open bugs will be fixed in next release - CSA 1.1(6):
CSCec87867:
call manager, headless agent, buffer overflow false positive?
CSCed75406:
CSA should pop up warning message about MLA files
CSCed85569:
CSA Policy denies accessing Q.931 translator IOS formating
option
CSCee37078:
A 12 - Impacts installation of other software (CTL in this case)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Defects
fixed in version CiscoCM-CSA-4.0.1.539-1.1(4):
CSCed67525
- Backup fails dumping SQL db to root of C drive with CSA installed.
Resolved by
adding SQL7 compatibility to policy and allowing backup permission to access
files.
CSCed56086
- Application Log flooded with errors when RTMT is started.
Resolved
by allowing IIS to access to txt and bin files.
CSCed55022
- CSA prevents TAPS from writing logfiles.
Resolved
by allowing java.exe to access the scripting library.
CSCed51518
- CSA prevent inetinfo.exe from running.
Resolved
by allowing IIS to access the scripting library.
CSCed50580
- CSA has a conflict with SQL ver7.
Resolved
by adding SQL7 compatibility to policy.
CSCed36727
- CSA prevents NetIQmc.exe part of NETIQ Vivinet
Manager from running.
Resolved
by allowing NetIQ system files access to the
scripting libraries.
CSCed13415
- CSA prevents ICSSM SQLAgent from writing SQLAgent.N log.
Resolved
by adding ICSSM install directories to the permission list for the policy.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Open bugs
will be fixed in next release - CSA 1.1(5):
CSCed72625
- CSA Headless Agent blocks BARS to backup CRS 3.1.2
BARS 4.0.2
fails to backup CRS data when CSA (4.0.1 built 539) is enabled
CSA agent
4.0.1-539
CCM 3.3.3
BARS 4.0.2
CCM is
BARS Server, and CRS is BARS Target.
During
backup, backup of CRS fails with messages "could not verify db
backup"
and could
not backup CRS successfully on nn.nn.nn.nn".
Backup
runs OK if CSA is suspended on CRS.
Disable
CSA agent, then the backup works fine.