Guest

Cisco Security Agent

Field Notice: FN - 62512 - Cisco Security Agent (CSA) Software Deferral Advisory Notice for Versions 4.0.3.xxx


Revised April 30, 2008

September 20, 2006

NOTICE:

THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE, WARRANTY OR SUPPORT. USE OF THE INFORMATION ON THIS FIELD NOTICE OR MATERIALS LINKED FROM THIS FIELD NOTICE IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT ANY TIME.


    

Revision History

Revision

Date

Comment

1.2 30-APR-2008 Extended the field notice - removed Expired wording

1.1

17-OCT-2007

Expired the field notice

1.0

20-SEP-2006

Initial Public Release

    

Products Affected

CSA - 4.0.3 - Cisco Security Agent

Problem Description

Cisco Security Agent software versions 4.0.3.xxx are being deferred to version 5.0.0.189 or higher due to a defect which causes a lack of CSA protection during PC bootup.

Background

CSA versions 4.0.3.xxx are subject to defect CSCsf07882. There is approximately 20 seconds during bootup when the PC is open to port scans and Nessus indicates that port 139 is open. Versions 4.5.x and later do not have this vulnerability.

Problem Symptoms

There may not be any sypmtoms visible to the user at the time of bootup.

Workaround/Solution

Move to CSA version 5.0.0.189 or later located at the Hotfixes for Cisco Security Agent Software Download (registered customers only) page.

Filename: fcs-csamc-hotfix-5.0.0.189-w2k-k9.zip

Dated: 29-JUN-2006

Version 5.0.0.189 can be co-installed with 4.0.3. Once the 5.0.x agent kits are generated and deployed, then CSA MC 4.0.3 can be un-installed. The detailed procedure is documented in section 3-3 (p. 53 in 5.0.0.189) of the Installing Management Center for Cisco Security Agents 5.0 guide.

Version 4.5.x is not affected by this vulnerability, but Cisco recommends moving to CSA version 5.0.0.189 or later to obtain additional fixes. CSA 5.0.0.189 requires VMS 2.3 and a valid VMS license. VMS 2.3 may be downloaded at the VPN/Security Management Solution (VMS) Software Download (registered customers only) page.

If you choose to upgrade to CSA 5.1.0.xxx or later, VMS is no longer required. There is no direct upgrade path from 4.0.3.xxx to 5.1.0.xxx, as the 5.1.0 release would have to be a fresh installation.

DDTS

To follow the bug ID link below and see detailed bug information, you must be a registered user and you must be logged in.

DDTS

Description

CSCsf07882 (registered customers only)

CSA Does not protect a PC during bootup

For More Information

If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:

Receive Email Notification For New Field Notices

Product Alert Tool - Set up a profile to receive email updates about reliability, safety, network security, and end-of-sale issues for the Cisco products you specify.