CiscoWorks VPN/Security Management Solution

Maintenance Kit Update for CiscoWorks VPN/Security Management Solution 2.1


Table of Contents

Maintenance Kit Update for CiscoWorks VPN/Security Management Solution 2.1
Maintenance Kit Contents
Installing and Upgrading VMS 2.1 Components
Known Problems

Maintenance Kit Update for CiscoWorks VPN/Security Management Solution 2.1


The Maintenance Kit Update for CiscoWorks VPN/Security Management Solution (VMS) 2.1 provides updates for the VMS component applications.

Maintenance Kit Contents

Table 1 provides information about the product CDs shipped with VMS 2.1 and lists the associated content for each CD.

Table 1   VMS 2.1 Contents

Product CD  Enables you to...  Associated content

CiscoWorks Common Services 1.0

Provide common software and services for the Management Centers.

  • CiscoWorks Common Services product CD
  • Printed documentation
    • Registration and Licensing Notes for Common Services
    • Release Notes

Management Center for IDS Sensors 1.0 and Monitoring Center for Security 1.0

  • Configure network-based IDS Sensors.
  • Monitor network-based and host-based IDS events and IOS and PIX Firewall syslogs.

  • IDS MC and Security Monitor product CDs
  • Printed documentation
    • Release Notes

Management Center for VPN Routers 1.0

Configure VPN routers.

  • Router MC product CD
  • Printed documentation
    • Release Notes

Management Center for PIX Firewalls 1.0

Configure PIX Firewalls.

  • PIX MC product CD
  • Printed documentation
    • Release Notes

Auto Update Server 1.0

Pull configurations from update server.

  • AUS product CD
  • Printed documentation
    • Release Notes

Cisco Secure Policy Manager 3.1

Configure PIX Firewalls, IOS firewalls, and VPNs.

  • CSPM product CD
  • Printed documentation
    • Release Notes
  • CSPM License Disk—Provides the license to use CSPM. For information about the number of supported devices, see the device license label on the disk.

IDS Host Sensor and Console 2.5

Configure host-based IDS to protect critical servers.

  • Cisco IDS Host Sensor product CD
  • Printed documentation
    • Release Notes

CD One, 5th Edition (CiscoView)

Access and use CiscoWorks desktop environment.

  • CD One product CD
  • Printed documentation
    • Release Notes

Resource Manager Essentials 3.4

Use inventory and device management functions required by VPN Monitor.

  • Essentials product CD
  • Printed documentation
    • Release Notes

VPN Monitor 1.2

Monitor remote access and site-to-site VPNs.

  • VPN Monitor product CD
  • Printed documentation
    • Release Notes

Installing and Upgrading VMS 2.1 Components

VMS 2.1 contains five new products and five upgraded products. You do not have to install all VMS components. You should install only the components whose functionality you require. For links to installation instructions for all VMS components, see Table 2. For links to upgrade instructions for existing VMS components, see Table 3.


Note   The installation and upgrade instructions include important information about hardware and software requirements for the various applications, including information about dependencies among VMS 2.1 components. Please read this information carefully before you begin installing or upgrading.

Table 2 contains links to installation instructions for all VMS 2.1 components.


Note   You cannot install CD One, 5th Edition after installing CiscoWorks Common Services on the same server. If these two applications are to reside on the same server, you must install CD One before you install CiscoWorks Common Services.

Table 2   Installation Instructions

VMS Component  Installation Instructions 

CiscoWorks Common Services 1.0

http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/cw2000/cw2000_b/vpnman/vms_2_1/core/install/index.htm

Management Center for PIX Firewalls 1.0 and Auto Update Server 1.0

http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/cw2000/cw2000_b/vpnman/vms_2_1/pix/install/index.htm

Management Center for IDS Sensors 1.0 and Monitoring Center for Security 1.0

http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/cw2000/cw2000_b/vpnman/vms_2_1/idsmc/install/index.htm

Management Center for VPN Routers 1.0

http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/cw2000/cw2000_b/vpnman/vms_2_1/vpn_rout/install/index.htm

Cisco Secure Policy Manager 3.1

http://www.cisco.com/univercd/cc/td/doc/product/ismg/policy/ver31/install/install.htm

Cisco IDS Host Sensor and Console 2.5

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/host/host25/install/index.htm

CD One, 5th Edition (Windows 2000)

http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/cw2000/cw2000_d/5steditn/ig_win/instl.htm

CD One, 5th Edition (Solaris)

http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/cw2000/cw2000_d/5steditn/ig_sol/instl.htm

Resource Manager Essentials 3.4 (Windows 2000)

http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/cw2000/cw2000e/e_3_x/3_4/install/windows/ntinstl.htm

Resource Manager Essentials 3.4 (Solaris)

http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/cw2000/cw2000e/e_3_x/3_4/install/solaris/solinstl.htm

VPN Monitor 1.2 (Windows 2000)

http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/cw2000/vpnmon/1_x/1_2/install/instnt.htm

VPN Monitor 1.2 (Solaris)

http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/cw2000/vpnmon/1_x/1_2/install/instsol.htm


Note
  • CiscoWorks Common Services, Cisco Secure Policy Manager 3.1 (CSPM), Management Center for IDS Sensors (IDS MC), Monitoring Center for Security (Security Monitor), Management Center for VPN Routers (Router MC), Auto Update Server (AUS), and Management Center for PIX Firewalls (PIX MC) can be installed only on Windows 2000 Professional and Windows 2000 Server. Windows 2000 Service Pack 2 and Windows 2000 Service Pack 3 are supported.
  • The Cisco IDS Host Sensor Console can be installed on Windows 2000 Server (SP 1, SP 2, and SP 3), Windows 2000 Advanced Server (SP 1, SP 2, and SP 3), and Windows NT Server (SP 6a).

    The Cisco IDS Host evaluation Agents can be installed on Windows 2000 Server, Windows 2000 Advanced Server, Windows NT, and Solaris.

  • For additional information on the system requirements for a specific VMS component, refer to the release notes and the installation guide for that component.




Table 3 contains links to instructions on upgrading existing VMS components.

Table 3   Upgrade Instructions

VMS Component  Upgrade Instructions 

Cisco Secure Policy Manager 3.1

http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/cw2000/cw2000_b/vpnman/vms_2_1/cspm_3_1/index.htm

Cisco IDS Host Sensor and Console 2.5

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/host/host25/install/hidsch2.htm#1024882

CD One, 5th Edition (Windows 2000)

http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/cw2000/cw2000_d/5steditn/ig_win/instl.htm#xtocid14

CD One, 5th Edition (Solaris)

/en/US/docs/net_mgmt/ciscoworks_common_services_software/2.1/installation/solaris/guide/instl.html#xtocid11

Resource Manager Essentials 3.4 (Windows 2000)

http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/cw2000/cw2000e/e_3_x/3_4/install/windows/ntinstl.htm#xtocid15

Resource Manager Essentials 3.4 (Solaris)

http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/cw2000/cw2000e/e_3_x/3_4/install/solaris/solinstl.htm#xtocid15

VPN Monitor 1.2 (Windows 2000)

http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/cw2000/vpnmon/1_x/1_2/install/instnt.htm#xtocid2

VPN Monitor 1.2 (Solaris)

http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/cw2000/vpnmon/1_x/1_2/install/instsol.htm#xtocid2

Known Problems

Table 4 details several known problems affecting VMS 2.1 at the time of release. For information on problems affecting individual VMS components, refer to the release notes for those components.

Table 4   Known Problems at Release

Problem ID  Problem Summary  Problem Description 

CSCdy32792

Library conflict during installation

Description:

The installation terminates with the following error messages:

The following files are locked. 
C:\Program Files\CSCOpx\bin\MSVCP60.DLL.

Please stop all running processes and click the Next button to proceed or click the Cancel button to abort.

And

An error occurred during the move data process: -115
Component: xrts
File Group: xrts
File: C:\Program Files\CSCOpx\bin\MSVCP60.DLL

Workaround/Solution:

Shut down all applications and run the installation program again.

CSCdy14542

Conflicting ports used by VMS components

Description:

Several VMS components and other Cisco applications use the same port for their network services:

  • Port 443 is used as the default port for HTTPS for CiscoWorks Common Services, Cisco Secure ACS, and Cisco Secure Policy Manager (CSPM).
  • TCP Port 1741 is used by both CiscoWorks and the CiscoSecure User Registration Tool.
  • UDP port 514 is used as the default port for collecting syslog messages by CSPM and Monitoring Center for Security.

Workaround/Solution:

Note Do not install Cisco Secure ACS or CiscoSecure User Registration Tool on the same server as CiscoWorks Common Services. These configurations are not supported.

If these applications are to be installed on the same server, you must change the ports on one of the applications to prevent conflicts. For information on resolving port conflict issues in VMS by modifying the ports used by CSPM, see the Release Notes for Cisco Secure Policy Manager 3.1. For information on modifying the ports used by another application, refer to the User Guide for that application.
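A pre-installation check for the three shared default ports listed above, written as an added example (not Cisco tooling and not part of the original release notes). It parses the text of `netstat -an` on the target server; the function names and the sample output are constructed for illustration.

```python
import re

# Default ports this page lists as shared between applications (CSCdy14542).
SHARED_PORTS = {
    ("TCP", 443): "HTTPS: CiscoWorks Common Services, Cisco Secure ACS, CSPM",
    ("TCP", 1741): "CiscoWorks, CiscoSecure User Registration Tool",
    ("UDP", 514): "syslog: CSPM, Monitoring Center for Security",
}

# Proto, local addr:port, foreign addr, optional state (UDP rows have none).
ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+\S+(?:\s+(\S+))?\s*$", re.I)


def bound_ports(netstat_text):
    """Return {(proto, port): [local addresses]} for ports held by local sockets."""
    held = {}
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # banner, column header, or blank line
        proto, addr, port = m.group(1).upper(), m.group(2), int(m.group(3))
        state = (m.group(4) or "").upper()
        # A TCP port is taken only when a socket is LISTENING on it. Rows such
        # as ESTABLISHED to a remote :1741 are outbound sessions and do not count.
        if proto == "TCP" and state != "LISTENING":
            continue
        held.setdefault((proto, port), []).append(addr)
    return held


def port_conflicts(netstat_text):
    """Return the shared default ports that are already held on this server."""
    held = bound_ports(netstat_text)
    return {key: held[key] for key in SHARED_PORTS if key in held}


# Constructed sample of `netstat -an` output (documentation addresses).
SAMPLE_NETSTAT = """
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:443            0.0.0.0:0              LISTENING
  TCP    192.0.2.10:1063        192.0.2.20:1741        ESTABLISHED
  UDP    0.0.0.0:514            *:*
"""

if __name__ == "__main__":
    for (proto, port), addrs in sorted(port_conflicts(SAMPLE_NETSTAT).items()):
        print(f"{proto}/{port} already bound on {', '.join(addrs)}:",
              SHARED_PORTS[(proto, port)])
```

A port reported here is already owned by some application on the server, so the next application that defaults to it needs its port changed before it is started.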

CSCdx86497

Buffer overflow in Apache versions prior to and including 1.3.24

Description:

This vulnerability is triggered remotely when an invalid request is sent to the Apache web server. The outcome of the invalid request is to terminate and replace the child process dealing with the request, using non-trivial amounts of resources.

Apache is a popular web server that includes support for chunk-encoded data according to the HTTP 1.1 standard, as described in RFC2616.

Apache web server allows remote attackers to execute arbitrary code when chunk-encoded HTTP requests are handled. The Apache Software Foundation has published an advisory describing the details of this vulnerability. For details, see the Apache website.

Workaround/Solution:

Note If you have installed CiscoWorks Common Services, this issue is addressed by that install program.

The CD One, 5th Edition, Apache 1.3.26 patch resolves the security vulnerability pertaining to Chunked Encoding found in previous versions of Apache. This patch fixes the routines in the Apache web server that deal with invalid requests encoded using Chunked Encoding.

The CD One, 5th Edition, Apache 1.3.26 patch is available on CCO at http://www.cisco.com/pcgi-bin/tablebuild.pl/cw2000-cd-one.

For instructions on installing the patch, see the Readme for CD One, 5th Edition, Apache 1.3.26 Patch.

Note Prior to installing the CD One, 5th Edition, Apache 1.3.26 patch, you must stop the CW2000 Daemon Manager by executing the command net stop crmdmgtd on the CiscoWorks2000 server.

CSCdx32094

Unable to launch event viewer with SSL enabled

Description:

This problem is rare but may affect users who regenerate a new certificate with existing credentials. There is a defect in the certificate verification code of the SSLInitializer applet that causes a problem if the following sequence of operations is performed:

1. Install Common Services

2. Enable SSL on the CiscoWorks2000 Server and set up Common Services to use a CiscoWorks2000 Server certificate; restart the CW2000 Daemon Manager

3. Connect to the CiscoWorks2000 Server and click on "Grant Always" when prompted for certificate verification by the plugin applet

4. Close your web browser

5. Disable SSL on the CiscoWorks2000 Server and delete the server.crt file; subsequently, enable SSL again and supply the same certificate credentials that you did earlier; restart dmgtd

6. Open your web browser and navigate to the CiscoWorks2000 Server Desktop again

As a result, you will see an "untrusted server cert chain" error in the Java console.

Workaround/Solution:

For information on resolving this problem, see the Release Notes for Management Center for IDS Sensors 1.0 and Monitoring Center for Security 1.0 for Windows 2000.

CSCdv84222

"UninstallShield is in use" message appears during install

Description:

The installation program checks the Windows account permissions during installation. If the Windows account that you are installing CiscoWorks Common Services under does not have local administrator privileges, InstallShield displays the following error message:

Setup has detected that UninstallShield is in use.

Please close UninstallShield and restart setup. Error 432.

Workaround/Solution:

Click OK to close the error message, log out of Windows, and log back into Windows using an account that has local administrator privileges.

CSCdx62209

Apache.exe failure on uninstall

Description:

An error message stating that the apache.exe service failed appears during the uninstall of CiscoWorks Common Services.

Note This error also appears whenever you manually shut down or restart the CW2000 Daemon Manager service.

Workaround/Solution:

Click OK to close the error message and continue the uninstall. This error has no effect on the uninstall process.

CSCdx62628

Errors appear in Event Log when the system is not defined in a domain.

Description:

NetBT errors appear in the event log if the server is not part of a Windows domain or more than one CiscoWorks server has the same workgroup name.

Example error message:

C:\>nbtstat -n

Local Area Connection:
Node IpAddress: [192.168.68.44] Scope Id: []

NetBIOS Local Name Table

Name           Type         Status
-----------------------------------------
MC-DEMO        <00>  UNIQUE Registered
WORKGROUP      <00>  GROUP  Registered
MC-DEMO        <03>  UNIQUE Registered
CASUSER        <03>  UNIQUE Conflict
MC-DEMO        <20>  UNIQUE Registered
WORKGROUP      <1E>  GROUP  Registered
ADMINISTRATOR  <03>  UNIQUE Conflict

Workaround/Solution:

Add the machine to a Windows domain and, if multiple CiscoWorks servers exist in the domain, assign each server to a unique workgroup name.
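To see which names collide across several CiscoWorks servers, the `nbtstat -n` output from each one can be parsed and the `Conflict` rows grouped by name. This is an added example, not part of the original release notes; the second server `MC-DEMO2` and its output are constructed, and the function names are illustrative.

```python
import re
from collections import defaultdict

# One row of the "NetBIOS Local Name Table": name, <suffix>, type, status.
ROW = re.compile(r"^\s*(\S.*?)\s*<([0-9A-Fa-f]{2})>\s+(UNIQUE|GROUP)\s+(\S+)\s*$")


def parse_name_table(text):
    """Return (name, suffix, type, status) tuples from `nbtstat -n` output."""
    return [(m.group(1), m.group(2).upper(), m.group(3), m.group(4))
            for m in map(ROW.match, text.splitlines()) if m]


def conflicts_by_name(outputs):
    """Map each conflicted 'NAME<suffix>' to the sorted hosts reporting it.

    `outputs` maps a host label to the text of `nbtstat -n` run on that host.
    """
    hits = defaultdict(set)
    for host, text in outputs.items():
        for name, suffix, _kind, status in parse_name_table(text):
            if status.lower() == "conflict":
                hits[f"{name}<{suffix}>"].add(host)
    return {key: sorted(hosts) for key, hosts in hits.items()}


# Output copied from the example on this page.
PAGE_OUTPUT = """\
Node IpAddress: [192.168.68.44] Scope Id: []
NetBIOS Local Name Table
Name Type Status
-----------------------------------------
MC-DEMO <00> UNIQUE Registered
WORKGROUP <00> GROUP Registered
MC-DEMO <03> UNIQUE Registered
CASUSER <03> UNIQUE Conflict
MC-DEMO <20> UNIQUE Registered
WORKGROUP <1E> GROUP Registered
ADMINISTRATOR <03> UNIQUE Conflict
"""

# Constructed output for a hypothetical second server, MC-DEMO2.
SECOND_OUTPUT = """\
MC-DEMO2 <00> UNIQUE Registered
WORKGROUP <00> GROUP Registered
CASUSER <03> UNIQUE Conflict
"""

if __name__ == "__main__":
    report = conflicts_by_name({"MC-DEMO": PAGE_OUTPUT, "MC-DEMO2": SECOND_OUTPUT})
    for name, hosts in sorted(report.items()):
        print(name, "->", ", ".join(hosts))
```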

CSCdx74308

Services do not start after reboot during installation

Description:

After installing CiscoWorks Common Services successfully and rebooting the server, you receive a "Service could not be started due to Logon Failure" error for the following services:

  • CW2000 KRS Database
  • CW2000 Lock Manager
  • CW2000 Device Agent Framework
  • CW2000 Tomcat Servlet Engine

This error usually indicates that the password for the account associated with the services has changed. In this case, the message indicates that the Windows account used to install CiscoWorks Common Services was part of the INTERACTIVE group in the local Administrators group. Any user who logs in to the server as part of the INTERACTIVE group has administrator privileges during the login period, allowing the user to install CiscoWorks Common Services.

However, when the Windows service manager starts the services using the associated user name and password, it does not do so interactively. Therefore the services cannot start.

Workaround/Solution:

Verify that the account used to install CiscoWorks Common Services is part of the Administrators group. If it is not directly included in the Administrators group, add the account to the Administrators group and reboot the server.

CSCdy00311

Letting a session time out may fill event log with crmtftp messages

Description:

When a session times out, the Windows Event Viewer starts to fill up with Informational and Error messages sent by the crmtftp service. Crmtftp is a tftp server used by some applications to move files to and from devices.

Workaround/Solution:

Restart the CW2000 Daemon Manager service to stop the continued logging of these messages. To remove the messages from the Event Log, you can manually delete the crmtftp events.

CSCdy02949

Difficulty browsing CiscoWorks2000 desktop from server machine

Description:

If multiple versions of the Java 2 Runtime Environment (JRE) plugin are installed on a system, the browser displays erratic behavior when logged in to the desktop.

Workaround/Solution:

Remove all plugins installed on the system except the JRE v1.3.1 plugin that is provided by CiscoWorks Common Services.

CSCdy04053

Daemon Manager may not display the correct state of services

Description:

The Daemon Manager does not always display the correct active or inactive state of CiscoWorks Common Services services running under Windows.

Workaround/Solution:

If the system stops responding, use Windows Control Panel to check the status of the CiscoWorks Common Services services:

Start > Settings > Control Panel > Administrative Tools > Services

The services used by CiscoWorks Common Services include:

  • CW2000 Daemon Manager
  • CW2000 Device Agent Framework
  • CW2000 KRS Database
  • CW2000 Lock Manager
  • CW2000 Sybase Server
  • CW2000 Tomcat Servlet Engine
  • CW2000 Web Server

If any of these services have a status of "stopped", use Windows Control Panel service manager to restart the CW2000 Daemon Manager service. The CW2000 Daemon Manager service controls the other CiscoWorks Common Services services, and will restart them in the required order.

CSCdy26688

Cannot launch CMF desktop after Common Services installed on system with netForensics

Description:

Installing netForensics before CiscoWorks Common Services on the same server prevents the desktop from displaying correctly.

Workaround/Solution:

Install CiscoWorks Common Services first, and then install netForensics.

CSCdy31988

Sybase service problem on Win 2K server with Terminal Services on

Description:

There is a known incompatibility between Sybase SQL Anywhere and Windows Terminal Services. (Sybase SQL Anywhere is used by CiscoWorks Common Services).

Details about the problem are available on the Microsoft web site:

http://www.microsoft.com/windows2000/docs/W2kTSApCmpt.doc

Workaround/Solution:

Disable Windows Terminal Services on the server where CiscoWorks Common Services is installed.

CSCin04082

Pentium IV: java.exe error shown during installation

Description:

While installing CiscoWorks Common Services or CD One on a Pentium IV machine, you receive the following error:

java.exe has generated errors and will be closed by windows. You will need to restart the program. An error log is being created.

Duplicate: CSCdx57116

Workaround/Solution:

Click OK to close the message box. The installation will continue normally. This message does not affect any functionality.

CSCin07371

Install aborts if HIDS Agent is active

Description:

The Host-based Intrusion Detection System (HIDS) Agent conflicts with the installation of CiscoWorks Common Services.

Workaround/Solution:

Disable the HIDS Agent during the installation of CiscoWorks Common Services. You can re-enable the HIDS Agent after CiscoWorks Common Services is installed.

CSCin10273

Installing CiscoWorks Common Services on a system with Sybase SQL causes errors.

Description:

Installing CiscoWorks Common Services on a system with Sybase SQL Anywhere already installed causes a conflict with the database engine.

Workaround/Solution:

Remove Sybase, and any libraries used by Sybase that may have been left behind from a previous installation, and then install CiscoWorks Common Services.

CSCin14028

CiscoWorks links do not work due to change in server IP address

Description:

If the administrator of a CiscoWorks Common Services server changes the IP address of the server, the CiscoWorks Common Services pages become unavailable.

Workaround/Solution:

Reboot the system after the IP address has been changed.


Copyright © 2002, Cisco Systems, Inc.
All rights reserved.