Release Notes

Release Notes for Cisco Intrusion Prevention System 5.1(7)E1

OL-8492-01

Caveats

Resolved Caveats

The following known issues have been resolved in IPS 5.1(7)E1:

• CSCeh12238—H225 sig 12505 subsig 5 is not alarming

• CSCsb60379—show int clear not clearing interface statistics on idsm-2

• CSCsc74205—Time slows down when auto bypass activated

• CSCsc80083—Integration merge of CSCef91892 failed for rel_zirconium_5.1

• CSCsc87782—show stat host command date always increases

• CSCsd29169—Un-tuning of event-actions may retain previously tuned values

• CSCsd56199—IDM hanging with large iplogs

• CSCsd72726—getting rbcp exception errors on nm-cids

• CSCse24364—4FE - interfaces not reporting Missed Packet Percentage

• CSCse32979—Analysis Engine should short circuit all same src/dst addr packets

• CSCse76558—Leading [\r\n] in Regex Causes MML Not to Work Properly

• CSCsf09370—sensorApp analysisEngine statistics packets reset can be inaccurate

• CSCsf15005—IPS: Specifying RegEx breaks IPv6 tunneling inspection

• CSCsf24499—NM-CIDS interface info is missing

• CSCsg04913—install - service account's .bash_profile not carried forward

• CSCsg05090—Ethernet frames with unknown protocol triggers sig 1102 in 5.1

• CSCsg23357—4250-XL and IDSM-2 - sensor lockup when monitoring loop of pcaps

• CSCsg24632—String.TCP sigs may fire out of order

• CSCsg25839—IPS 5.1.3 ssh process vulnerable to CRC32 compensation DOS attack

• CSCsg28140—admin disable an interface does not produce link down event

• CSCsg36508—setting rate value on flood-net sigs requires reset to take effect -Zirc

• CSCsg66199—event-action tunings not affecting global-summary alert

• CSCsg72053—sigID 1307:0 produces False Neg

• CSCsg95895—sensor host-ip netmask issue

• CSCsh02866—4250-XL and IDSM-2 - (5.1)display warning messages after looping traffic

• CSCsh12977—Creation/cloning of customer created AD signature should not be allowed.

• CSCsh36795—Flows not inspected on SSM in certain case

• CSCsh41862—IDSM2 does not send reboot msg when doing an upgrade with 5.1(5)E2

• CSCsh66450—5.1(5)SP signature regression identified a few sigs that false negative

• CSCsh76500—sensorApp memory leak during pcap replay

• CSCsh84203—Meta Signatures Have promisc-delta Applied in Inline Mode

• CSCsh92703—5.1(5) Recovery Image - wrong link in platform check error message

• CSCsh95142—extend http performance enhancement algorithm to other than port 80

• CSCsh98882—extend 5.1 virtual sensor stats to improve field troubleshooting

• CSCsi02469—IDS - Remote event monitor apps cause high sensor HDD access