Release Notes for McAfee WebShield Version 2.0/2.1 HotFix 12 (c) 2001-2002 Networks Associates Technology, Inc. All Rights Reserved. =============================================== HotFix Release: 19th August 2002 This HotFix was developed and tested with: - WebShield Appliance V2.0/2.1 - DAT Version: 4208 - Engine Version: 4160 This HotFix will not install without the 4160 Engine being installed. =============================================== Thank you for using McAfee WebShield V2.0/2.1 software. This file contains important information regarding this release. We strongly recommend that you read the entire document. The attached files are provided as is, and with no warranty either expressed or implied as to their suitability for any particular use or purpose. Network Associates, Inc. assumes no liability for damages incurred either directly or indirectly as a result of the use of these files, including but not limited to the loss or damage of data or systems, loss of business or revenue, or incidental damages arising from their use. HotFix files should be applied only on the advice of McAfee Technical Support, and only when you are actually experiencing the issue being addressed by the HotFix. HotFix files should not be proactively applied in order to prevent potential product issues. You are responsible for reading and following all instructions for preparation, configuration, and installation of HotFix files. HotFix files are not a substitute nor replacement for product Service Packs which may be released by Network Associates, Inc. It is a violation of your software license agreement to distribute or share these files with any other person or entity without written permission from Network Associates, Inc. Further, posting of McAfee HotFix files to publicly available Internet sites is prohibited. Network Associates, Inc. reserves the right to refuse distribution of HotFix files to any company or person guilty of unlawful distribution of McAfee software products. Questions or issues with McAfee HotFix files should be directed to McAfee Technical Support. - About This HotFix - Purpose - Resolved Issues - Files Included with This HotFix - Installation - Installation Requirements - Installation Steps - Testing Your Installation - Removing This HotFix - Contacting McAfee and Network Associates - Copyright and Trademark Attributions - Trademarks - License Agreement _______________________________________________ ABOUT THIS HOTFIX PURPOSE This HotFix includes one compressed archive file for use with McAfee WebShield V2.0/2.1 software. This new file resolves the issues described in the section "RESOLVED ISSUES". New issues resolved in this HotFix are issues 69-75. RESOLVED ISSUES 1. This HotFix significantly improves the performance of the POP3 Proxy scanner by improving the data buffering within the POP3 Proxy. 2. This HotFix also resolves an issue with the inbound and outbound handoff hosts for the HTTP proxies. Previously the HTTP requests did not get sent to the configured hosts if they were in the form of: address:port 3. This HotFix also resolves an issue that could cause WebShield to misdirect e-mail to additional recipients if an SMTP connection terminated after sender and recipient information had been received, but before any data was sent. If a subsequent connection was then established from a server that did not do a RSET before sending mail, additional recipients may be added to the e-mail recipient list. 4. This HotFix provides additional logging of Sender and Recipient information if Informational Logging is enabled in the Logging and Reporting menu. This information is only available in the CSV formatted reports. 5. This HotFix also resolves an issue in the Japanese version of the software where the value for the HTTP handoff host for outbound traffic was not getting saved. 6. This HotFix also resolves an issue in the Japanese version of the software where the Index and Search tabs were not available in the Japanese online help system. 7. This HotFix also resolves an issue in the Japanese version of the software where the ToolTips for the Help and Cancel buttons were displayed in English. The ToolTips are now displayed in Japanese on the Japanese WebShield V2.x Appliance. 8. This HotFix also resolves a buffer overflow in the CSMAP daemon. It is possible to exploit this buffer overflow vulnerability to execute arbitrary shell commands with the same privileges as the owner of the corresponding daemon. 9. This HotFix also resolves an issue with the HTTP scanner. It modifies a timeout value and changes several other configuration options. This allows more connections to be managed by the HTTP proxy. 10. This HotFix resolves an issue with the V2.x’s network driver. Under extreme load the driver would fail to recover from a lack of system resources. 11. This HotFix resolves an issue with domain names being case sensitive. This specifically relates to the E-mail, Anti-Relay, Local Domains and Permit Domains entries. 12. This HotFix resolves an issue with wild card support. Wild card support has been added to E-mail, Anti-Relay and Anti-Spam fields. 13. This HotFix also resolves an issue in the Japanese version with Shift-JIS encoding when outputting log files in the CSV format. 14. This HotFix resolves an issue with file handles not being released correctly. This would result in the V2.x becoming unresponsive to network requests. 15. This HotFix resolves an issue with mail being delivered multiple times due to an internal timeout occurring and a 250 not being sent to the delivering SMTP client. 16. This HotFix resolves an issue with Web Servers reporting incorrect file sizes. This results in an error being reported to the log files for each virus definition in the DAT set. This will ultimately result in the log partition becoming full and the machine becoming unresponsive. 17. This HotFix resolves an issue with large binary downloads not being transferred correctly via POP3 proxy. 18. This HotFix resolves an issue with POP3 proxy becoming unresponsive after periods of heavy load. 19. This HotFix resolves an issue with the initial timeout period when the retryer process attempts to deliver mail. 20. This HotFix resolves an issue with the SMTP retryer process and time zone dependencies. 21. This HotFix resolves an issue with HTTP proxy holding open an additional port with secure connections. 22. This HotFix will install a new network interface driver. The new driver resolves an issue with dump_stat_cntrs slowdown under load and adjusts memory allocations for the new driver. 23. This HotFix resolves an issue with a zero byte file being left within an e-mail after a successful clean operation on an infected attachment. 24. This HotFix resolves an issue with corrupted XML logs generating "Fatal Errors occurred" warnings when saving log files. 25. This HotFix resolves an issue with the cron time not being refreshed when a timezone change happens. 26. This HotFix resolves an issue with inbound scanning failing when outbound scanning is turned off. 27. This HotFix resolves an issue with multiple 230 lines being received from an FTP server. 28. This HotFix resolves an issue with HTTP post requests being delayed until a timeout occurred. 29. This HotFix resolves an issue with infections not being quarantined correctly. 30. This HotFix resolves an issue with a zero byte file contained within a .cab archive file being treated as locked when scanned and the archive blocked as suspicious file. 31. This HotFix resolves an issue with csmap not accepting e-mail from servers whose reverse DNS lookup doesn’t match the forward lookup. 32. This HotFix resolves an issue with the NIC driver used in the e250 appliance becoming unstable when used on a 10 M/b network. 33. This HotFix will only install to an appliance that has the 4160 engine installed. "Install failed" is displayed if the 4160 engine isn’t installed prior to the HotFix. 34. This HotFix resolves an issue with mail alerts and deferred mail not using the UI selected mail delivery methods. 35. This HotFix resolves an issue with the appliance potentially delivering multiple mails with a full deferred partition. 36. This HotFix resolves an issue with the handling of local domain lists (retryer and csmap). Errors occurred if any entry in the list could not be resolved. 37. This HotFix replaces a "FATAL Error" message to a "Parse error" message when saving log files. 38. This HotFix replaces the kernel with a new 2.4 kernel to improve HTTP performance. 39. This HotFix has an updated NIC driver for the E250 Appliance. 40. This HotFix resolves an issue with scanning of large e-mail message’s using excessive memory. 41. This HotFix resolves an issue with large e-mail messages consuming large amounts of memory when both Content-Scanning and Disclaimers are enabled. 42. This HotFix resolves an issue with L:1 model(1 connection per listener). Listeners are now recycled after a configurable number of bytes are processed. 43. This HotFix offers improved Network layer control of outbound SMTP connections. 44. This HotFix resolves an issue with data events happening on the SMTP protocol channel. 45. This HotFix adds a fix for POP3 proxy whereby it becomes unresponsive under load, relating to an issue in the GetLine() buffering code. 46. This HotFix frees HTTP proxy memory usage by implementing proxy memory recycling. 47. This HotFix resolves an issue with reports showing "Not Given" if the URL in question exceeds 120 characters. 48. This HotFix resolves an issue with the Subject line checking code for partial message identification incorrectly triggering on some Uuencoded messages. 49. This HotFix resolves an issue with configurations not accepting or recognizing changes being made. The existence of within the customer’s configuration caused this issue. The code now strips these tags and attempts to reload. 50. This HotFix resolves an issue with SMTP domain names that end with a ".". 51. This HotFix resolves an issue with the HTTP proxy not handling an incorrect HTTP header and terminating the connection. 52. This HotFix resolves an issue with /virtmp becoming full and causing proxy instability. Cleanup now happens every thirty minutes. 53. This HotFix resolves an issue with a possible brute force attack based on username enumeration against the Apache server. 54. This HotFix resolves an issue with UNIX ftp clients failing to GET a file from a Microsoft FTP server when connecting via an appliance, if a return code of 125 is reported rather than a 150. 55. This HotFix resolves an issue where the contents of the deferred or quarantine folders could fail to display when certain types of character encoding appeared in the message headers. 56. This HotFix adds new functionality that allows the appliance to deliver non-RFC compliant emails that contain an underscore in the FQDN of the recipient address. See the accompanying nonrfcdomain.rtf for details on implementing this new functionality. 57. This HotFix resolves an issue with archive files. If the archive file contains a file that reports as locked when scanned, the archive was treated as a suspicious file and the archive was blocked. This is typically because the file is 0 bytes in size. 58. This HotFix resolves an issue with the POP3 proxy, where cleaning infected files could cause them to become corrupt. 59. This HotFix reinstates new functionality that gives the option to add a subject prefix for mails that have been cleaned. See accompanying subjectprefix.rtf for details on implementing this functionality. 60. This HotFix resolves issues with the SMTP proxy recognizing a variety of incorrectly formatted MIME messages. 61. This HotFix has made a change to the SMTP proxy to ensure that Content-Transfer-Encoding headers always contain legal attributes. 62. This HotFix resolves an issue with the FTP proxy that caused keepalive on wu-ftp to function incorrectly. 63. This HotFix resolves an issue with the automatic update not handling username/password correctly via a proxy over http. 64. This HotFix resolves an issue where the POP3 proxy could try to repair files incorrectly. 65. This HotFix resolves an issue with nested MIME boundaries where there is a leading match with the external boundary within the internal boundary. Previously this could result in the truncation of the message. 66. This HotFix resolves an issue with establishing HTTP, POP3 or FTP connections where the connection could not be fully established and the partial connection was waiting on a timeout provided by the operating system. 67. This HotFix resolves an issue where valid uuencoded messages could be mistaken for a malformed MIME exploit. 68. This HotFix rectifies a condition where messages configured to be returned to sender following a content scanning detection get incorrectly delivered to the intended recipient. 69. This HotFix fixes an issue where a specially crafted DNS MX record could cause the appliance to attempt to deliver to itself via the loopback address or any other appliance address. 70. This HotFix fixes an issue where inability to contact a server configured in local domains for SMTP delivery could cause DNS routed delivery to be attempted instead. 71. This HotFix fixes an issue where an attempt was made to deliver messages to the empty return path. 72. This HotFix fixes an issue where certain infected documents could be cleaned in such a way that parts of the infection remained visible to subsequent scanners. 73. This HotFix fixes an issue where certain messages could be mistaken for certain types of uuencoded data, resulting in incorrect decoding of the message. 74. This HotFix fixes an issue with NULL and Escape characters in messages resulting in incorrect quarantining of the message. 75. This HotFix fixes an issue where attempts to log very long items could cause the logging process to stop recording all items. FILES INCLUDED WITH THIS HOTFIX This HotFix consists of a package called WSv2HF12.tgz (multi-language). This contains the following files: README/version validate/md5sum.txt validate/validate.txt validate/version WSeV20hf12/av-update WSeV20hf12/ChannelEmail.so WSeV20hf12/ChannelEPO.so WSeV20hf12/ChannelSnmp.so WSeV20hf12/ChannelXML.so WSeV20hf12/cleanactive WSeV20hf12/ContentScanning.dtd WSeV20hf12/ContentScanningRes.jar WSeV20hf12/ContentScanningUI.jar WSeV20hf12/csmap WSeV20hf12/CSV.xml WSeV20hf12/e250/new_modules_2416.tgz WSeV20hf12/e500.jar WSeV20hf12/EFMTdefaultformatplugin.so WSeV20hf12/EFMTmimemsg.so WSeV20hf12/EFMTtnefmsg.so WSeV20hf12/ESCANwordengine.so WSeV20hf12/eventDispatcher WSeV20hf12/ftp-pdk WSeV20hf12/http-pdk WSeV20hf12/ja/Contact.txt WSeV20hf12/ja/CSVRecords.class WSeV20hf12/ja/CSVRecords$CSVInfo.class WSeV20hf12/ja/CSV.xml WSeV20hf12/ja/help/24-hour_format.html WSeV20hf12/ja/help/addresses.html WSeV20hf12/ja/help/aHelpWindow30pc2.gif WSeV20hf12/ja/help/Anti_Virus_Scanning_Handling_an_infected_file.html WSeV20hf12/ja/help/Anti_Virus_Scanning_Handling_unknown_viruses.html WSeV20hf12/ja/help/AntiVirus_Scanning_-_Setting_the_right_level.html WSeV20hf12/ja/help/ASCII_definition.html WSeV20hf12/ja/help/AttachmentSize.html WSeV20hf12/ja/help/AutoUpdAccess.html WSeV20hf12/ja/help/AutoUpdate.html WSeV20hf12/ja/help/AutoUpdInstall.html WSeV20hf12/ja/help/AutoUpdSched.html WSeV20hf12/ja/help/BasicConcepts.html WSeV20hf12/ja/help/_blank.htm WSeV20hf12/ja/help/bsscdhtm.js WSeV20hf12/ja/help/bsscnav1.gif WSeV20hf12/ja/help/bsscnav2.gif WSeV20hf12/ja/help/bsscnav3.gif WSeV20hf12/ja/help/bsscnav4.gif WSeV20hf12/ja/help/bsscnav4$.gif WSeV20hf12/ja/help/bsscnav5.gif WSeV20hf12/ja/help/bsscnav5$.gif WSeV20hf12/ja/help/bsscnav6.gif WSeV20hf12/ja/help/bsscnav7.gif WSeV20hf12/ja/help/bsscnav8.gif WSeV20hf12/ja/help/bsscnbar.js WSeV20hf12/ja/help/bssctab0.gif WSeV20hf12/ja/help/bssctab1.gif WSeV20hf12/ja/help/bssctab2.gif WSeV20hf12/ja/help/bssctab3.gif WSeV20hf12/ja/help/bssctab4.gif WSeV20hf12/ja/help/bssctab5.gif WSeV20hf12/ja/help/bssctab6.gif WSeV20hf12/ja/help/bssctoc1.gif WSeV20hf12/ja/help/bssctoc2.gif WSeV20hf12/ja/help/bssctoc3.gif WSeV20hf12/ja/help/bssctoc4.gif WSeV20hf12/ja/help/btn-applyall.gif WSeV20hf12/ja/help/btn-arrowL.gif WSeV20hf12/ja/help/btn-arrowR.gif WSeV20hf12/ja/help/btn-cancelall.gif WSeV20hf12/ja/help/btn-hide.gif WSeV20hf12/ja/help/btn-logoff.gif WSeV20hf12/ja/help/btn-show.gif WSeV20hf12/ja/help/configChg.html WSeV20hf12/ja/help/ConfigSaveAll.html WSeV20hf12/ja/help/Configuration_Pages.html WSeV20hf12/ja/help/CScanInQ.html WSeV20hf12/ja/help/CScanOutQ.html WSeV20hf12/ja/help/CScanRulesInfo-Action.html WSeV20hf12/ja/help/CScanRulesInfo-Applies.html WSeV20hf12/ja/help/CScanRulesInfo-CasePosn.html WSeV20hf12/ja/help/CScanRulesInfo-Condition.html WSeV20hf12/ja/help/CScanRulesInfo.html WSeV20hf12/ja/help/CScanRulesInfo-Nearness.html WSeV20hf12/ja/help/CS-Disclaimer.html WSeV20hf12/ja/help/DAT_and_Engine_Version.html WSeV20hf12/ja/help/default.html WSeV20hf12/ja/help/Definition-HTTP.html WSeV20hf12/ja/help/DefinitionSpam.html WSeV20hf12/ja/help/DefinitionStreamingMedia.html WSeV20hf12/ja/help/DefinitionSubstring.html WSeV20hf12/ja/help/Documents.html WSeV20hf12/ja/help/domain_name_wildcards.html WSeV20hf12/ja/help/Drop_Down_test.htm WSeV20hf12/ja/help/eHelp.xml WSeV20hf12/ja/help/ehlpdht1.js WSeV20hf12/ja/help/ehlpdht2.js WSeV20hf12/ja/help/ehlpdhtm.js WSeV20hf12/ja/help/Email_Address_Format.html WSeV20hf12/ja/help/emailalert.html WSeV20hf12/ja/help/E-mail_Alerting_Message_Variables_-_General.html WSeV20hf12/ja/help/E-mail_Alerting_Message_Variables_-_Management.html WSeV20hf12/ja/help/E-mail_Alerting_Message_Variables_-_Virus.html WSeV20hf12/ja/help/Email_Alert_Message_Codes.html WSeV20hf12/ja/help/emailalert_SendToTip.html WSeV20hf12/ja/help/EmailARDeny.html WSeV20hf12/ja/help/EmailAR.html WSeV20hf12/ja/help/EmailARLDom.html WSeV20hf12/ja/help/EmailARPermit.html WSeV20hf12/ja/help/EmailARRChars.html WSeV20hf12/ja/help/EmailARRChars-UUCP.html WSeV20hf12/ja/help/EmailARType.html WSeV20hf12/ja/help/EmailARwhy.html WSeV20hf12/ja/help/EmailASBlock.html WSeV20hf12/ja/help/EmailASDeny.html WSeV20hf12/ja/help/EmailAS.html WSeV20hf12/ja/help/EmailASPermit.html WSeV20hf12/ja/help/EmailASRTChk.html WSeV20hf12/ja/help/EmailASRTChk_RBLs.html WSeV20hf12/ja/help/EmailAttMsg.html WSeV20hf12/ja/help/EmailAttMsgInbound.html WSeV20hf12/ja/help/EmailAttMsgOutbound.html WSeV20hf12/ja/help/EmailConfig.html WSeV20hf12/ja/help/EmailConfigInbound.html WSeV20hf12/ja/help/EmailConfigOutbound.html WSeV20hf12/ja/help/EmailContent.html WSeV20hf12/ja/help/EmailContentInbound.html WSeV20hf12/ja/help/EmailContentOutbound.html WSeV20hf12/ja/help/EmailCScanExample1.htm WSeV20hf12/ja/help/EmailCScanExample2.html WSeV20hf12/ja/help/EmailCScanExample3.html WSeV20hf12/ja/help/EmailCScanExample4.html WSeV20hf12/ja/help/EmailCScanExamples.html WSeV20hf12/ja/help/EMailCScanRuleTest.html WSeV20hf12/ja/help/EmailCScanWhy.html WSeV20hf12/ja/help/EmailDDefrl.html WSeV20hf12/ja/help/EmailDFBRelay.html WSeV20hf12/ja/help/EmailD.html WSeV20hf12/ja/help/EmailDLDom.html WSeV20hf12/ja/help/EmailDMtd.html WSeV20hf12/ja/help/EmailDsclmr.html WSeV20hf12/ja/help/Email.html WSeV20hf12/ja/help/EmailPmstr.html WSeV20hf12/ja/help/EMailQuarantine.html WSeV20hf12/ja/help/EmailVirusMessage.html WSeV20hf12/ja/help/EngineUpdating.html WSeV20hf12/ja/help/epo_Agent.html WSeV20hf12/ja/help/epoalert.html WSeV20hf12/ja/help/ePO.html WSeV20hf12/ja/help/EXTRA_DAT.html WSeV20hf12/ja/help/FTP_8bit_ASCII_blocking.html WSeV20hf12/ja/help/FTPConfig.html WSeV20hf12/ja/help/FtpConfigInbound.html WSeV20hf12/ja/help/FtpConfigOutbound.html WSeV20hf12/ja/help/FTP.html WSeV20hf12/ja/help/ftsbody.htm WSeV20hf12/ja/help/ftsdhtml.htm WSeV20hf12/ja/help/ftsform.htm WSeV20hf12/ja/help/getacro.gif WSeV20hf12/ja/help/glossary.html WSeV20hf12/ja/help/glossary_junk.html WSeV20hf12/ja/help/Help_csh.html WSeV20hf12/ja/help/Help.ftp WSeV20hf12/ja/help/Help.glo WSeV20hf12/ja/help/Help.hhc WSeV20hf12/ja/help/Help.hhc.zip WSeV20hf12/ja/help/Help.hhk WSeV20hf12/ja/help/Help.hhk.zip WSeV20hf12/ja/help/Help.hhs WSeV20hf12/ja/help/Help.hhs.zip WSeV20hf12/ja/help/Help.html WSeV20hf12/ja/help/HelpVersion.html WSeV20hf12/ja/help/HowToConfigInNWk.html WSeV20hf12/ja/help/How_to_contact_us.html WSeV20hf12/ja/help/How_to_examine_spam_mail.html WSeV20hf12/ja/help/HowToInstGuide.html WSeV20hf12/ja/help/How_To_-_MIB_file.html WSeV20hf12/ja/help/HowToUpdateEmergency.html WSeV20hf12/ja/help/HowToViewStats.html WSeV20hf12/ja/help/HTTP_Blocked_Objects_Description.html WSeV20hf12/ja/help/HTTPCBlocking.html WSeV20hf12/ja/help/HTTPConfig.html WSeV20hf12/ja/help/HttpConfigInbound.html WSeV20hf12/ja/help/HttpConfigOutbound.html WSeV20hf12/ja/help/HTTP.html WSeV20hf12/ja/help/Icnbook.gif WSeV20hf12/ja/help/icncross.gif WSeV20hf12/ja/help/icnhelp.gif WSeV20hf12/ja/help/idxbody.htm WSeV20hf12/ja/help/idxdhtml.htm WSeV20hf12/ja/help/idxform.htm WSeV20hf12/ja/help/idxlist.htm WSeV20hf12/ja/help/InsideNetworks.html WSeV20hf12/ja/help/Interface-BottomButtons.html WSeV20hf12/ja/help/Interface-HelpButtons.html WSeV20hf12/ja/help/Interface-helpMainText.html WSeV20hf12/ja/help/Interface-helpSeeAlso.html WSeV20hf12/ja/help/Interface-helpTOCIXSearch.html WSeV20hf12/ja/help/Interface.html WSeV20hf12/ja/help/Interface-Status.html WSeV20hf12/ja/help/Interface-TopButtons.html WSeV20hf12/ja/help/IntExtNetworks_Description.html WSeV20hf12/ja/help/IP_address.html WSeV20hf12/ja/help/LeftPane.html WSeV20hf12/ja/help/Listeners.html WSeV20hf12/ja/help/LogEventNosExample.html WSeV20hf12/ja/help/LogEventNos.html WSeV20hf12/ja/help/LogEventNumberRanges.html WSeV20hf12/ja/help/LogEventTypes.html WSeV20hf12/ja/help/Logging_and_Alerting.html WSeV20hf12/ja/help/Logging.html WSeV20hf12/ja/help/LogRoles.html WSeV20hf12/ja/help/LogSettings.html WSeV20hf12/ja/help/LogSize.html WSeV20hf12/ja/help/Management_Information_Bases.html WSeV20hf12/ja/help/Manuals/bsscnav1.gif WSeV20hf12/ja/help/Manuals/bsscnav2.gif WSeV20hf12/ja/help/Manuals/bsscnav3.gif WSeV20hf12/ja/help/Manuals/bsscnav4.gif WSeV20hf12/ja/help/Manuals/bsscnav5.gif WSeV20hf12/ja/help/Manuals/bsscnav6.gif WSeV20hf12/ja/help/Manuals/bsscnav7.gif WSeV20hf12/ja/help/Manuals/bsscnav8.gif WSeV20hf12/ja/help/Manuals/contact.txt WSeV20hf12/ja/help/Manuals/copytrad.txt WSeV20hf12/ja/help/Manuals/Datasheet.pdf WSeV20hf12/ja/help/Manuals/license.pdf WSeV20hf12/ja/help/Manuals/ReadThis.txt WSeV20hf12/ja/help/Manuals/wse5clig.pdf WSeV20hf12/ja/help/Manuals/wse5clpg.pdf WSeV20hf12/ja/help/McAfee.css WSeV20hf12/ja/help/McAfee_ns.css WSeV20hf12/ja/help/Message_header.html WSeV20hf12/ja/help/navframe.htm WSeV20hf12/ja/help/navpane1.htm WSeV20hf12/ja/help/navpane2.htm WSeV20hf12/ja/help/nsdnsfix.htm WSeV20hf12/ja/help/nsdnsfix.jar WSeV20hf12/ja/help/OutsideNetworks.html WSeV20hf12/ja/help/PasswordChange.html WSeV20hf12/ja/help/PDFhelp.html WSeV20hf12/ja/help/PDF.html WSeV20hf12/ja/help/POP3Config.html WSeV20hf12/ja/help/POP3.html WSeV20hf12/ja/help/Problems_with_restricting_very_few_attachments.html WSeV20hf12/ja/help/ProcessMan.html WSeV20hf12/ja/help/prohibited.jpg WSeV20hf12/ja/help/RebootAppliance.html WSeV20hf12/ja/help/Reports_-_filter.html WSeV20hf12/ja/help/Reports_-_Format.html WSeV20hf12/ja/help/Reports.html WSeV20hf12/ja/help/Reports_-_Period.html WSeV20hf12/ja/help/Reports_-_Type.html WSeV20hf12/ja/help/ResourceExhaustion.html WSeV20hf12/ja/help/ResourcesMonitoring_Example.html WSeV20hf12/ja/help/RightPane.html WSeV20hf12/ja/help/Settings-1st.html WSeV20hf12/ja/help/Settings.html WSeV20hf12/ja/help/Settings-TimeZone.html WSeV20hf12/ja/help/snmpalert.html WSeV20hf12/ja/help/SNMP.html WSeV20hf12/ja/help/Status.html WSeV20hf12/ja/help/StopAppliance.html WSeV20hf12/ja/help/Subnet_Mask.html WSeV20hf12/ja/help/System_Configuration_-_LAN_1.html WSeV20hf12/ja/help/System_Configuration_-_LAN_2.html WSeV20hf12/ja/help/System_Configuration_Time_Setting.html WSeV20hf12/ja/help/System.html WSeV20hf12/ja/help/SystemMaint.html WSeV20hf12/ja/help/tabframe.htm WSeV20hf12/ja/help/tocdhtml.htm WSeV20hf12/ja/help/toclist.htm WSeV20hf12/ja/help/UnknownViruses.html WSeV20hf12/ja/help/URL_Blocking_banner.html WSeV20hf12/ja/help/URLFiltering.html WSeV20hf12/ja/help/VScan.html WSeV20hf12/ja/help/VScanInQ.html WSeV20hf12/ja/help/VScanLA.html WSeV20hf12/ja/help/VScanOutQ.html WSeV20hf12/ja/help/VulnerableFileTypes.html WSeV20hf12/ja/help/webhelp0.cab WSeV20hf12/ja/help/webhelp0.zip WSeV20hf12/ja/help/webhelp4.js WSeV20hf12/ja/help/webhelp.cab WSeV20hf12/ja/help/webhelp.jar WSeV20hf12/ja/help/webhelp.res WSeV20hf12/ja/help/webhelp.zip WSeV20hf12/ja/help/WebShieldStatus.html WSeV20hf12/ja/help/WebsiteBlock.html WSeV20hf12/ja/help/Welcome_Message.html WSeV20hf12/ja/help/WhenUpdate.html WSeV20hf12/ja/help/WhyUpdate.html WSeV20hf12/ja/help/wse500_status_appliance.gif WSeV20hf12/ja/help/wse500_status_browser.gif WSeV20hf12/ja/help/wse500_status_nothing.gif WSeV20hf12/ja/help/wse500_status_transfer.gif WSeV20hf12/ja/help/wsif30pc.gif WSeV20hf12/ja/help/xmlalert.html WSeV20hf12/ja/help/XML.html WSeV20hf12/ja/HTTPConfig.xml WSeV20hf12/ja/LOGError.xsl WSeV20hf12/ja/LOGParser.class WSeV20hf12/ja/previous WSeV20hf12/ja/script WSeV20hf12/ja/WebShieldStatusFragment01XML WSeV20hf12/ja/WebShieldStatusFragment02XML WSeV20hf12/ja/WebShieldStatusFragment03XML WSeV20hf12/ja/WebShieldStatusFragment04XML WSeV20hf12/ja/WebShieldStatusFragment05XML WSeV20hf12/ja/WebShieldStatusFragment06XML WSeV20hf12/ja/WebShieldStatusFragment07XML WSeV20hf12/ja/WebShieldStatusFragment08XML WSeV20hf12/ja/WebShieldStatusFragment09XML WSeV20hf12/ja/WebShieldStatusFragment10XML WSeV20hf12/ja/WebShieldStatusFragment11XML WSeV20hf12/ja/WebShieldStatusFragment12XML WSeV20hf12/ja/WebShieldStatusFragmentEndXML WSeV20hf12/ja/WebShieldStatusPostfixXML WSeV20hf12/ja/WebShieldStatusPrefixXML WSeV20hf12/ja/WebShieldUI.xsl WSeV20hf12/libconfiglock.so WSeV20hf12/libeventreport.so WSeV20hf12/libwidedecodeencode.so WSeV20hf12/LOGError.xsl WSeV20hf12/mailsend WSeV20hf12/mimemsg_eng.xml WSeV20hf12/mimemsg_fra.xml WSeV20hf12/mimemsg_ger.xml WSeV20hf12/mimemsg_jpn.xml WSeV20hf12/mod_ssl-2.8.5-3.i386.rpm WSeV20hf12/modules_2416.tgz WSeV20hf12/openssl095a-0.9.5a-11.i386.rpm WSeV20hf12/openssl-0.9.6-9.i386.rpm WSeV20hf12/os_install WSeV20hf12/Policies.dtd WSeV20hf12/policyloader_eng.xml WSeV20hf12/policyloader_fra.xml WSeV20hf12/policyloader_ger.xml WSeV20hf12/policyloader_jpn.xml WSeV20hf12/policyloader.so WSeV20hf12/pop3-pdk WSeV20hf12/previous WSeV20hf12/retryer WSeV20hf12/script WSeV20hf12/set_date_time WSeV20hf12/shellscript.sh WSeV20hf12/System.map WSeV20hf12/tnef_eng.xml WSeV20hf12/tnef_fra.xml WSeV20hf12/tnef_ger.xml WSeV20hf12/tnef_jpn.xml WSeV20hf12/update-xmlsystemconfig WSeV20hf12/version WSeV20hf12/vmlinuz-2.4.16 WSeV20hf12/webshield WSeV20hf12/WebShieldStatusFragment01XML WSeV20hf12/WebShieldStatusFragment02XML WSeV20hf12/WebShieldStatusFragment03XML WSeV20hf12/WebShieldStatusFragment04XML WSeV20hf12/WebShieldStatusFragment05XML WSeV20hf12/WebShieldStatusFragment06XML WSeV20hf12/WebShieldStatusFragment07XML WSeV20hf12/WebShieldStatusFragment08XML WSeV20hf12/WebShieldStatusFragment09XML WSeV20hf12/WebShieldStatusFragment10XML WSeV20hf12/WebShieldStatusFragment11XML WSeV20hf12/WebShieldStatusFragment12XML WSeV20hf12/WebShieldStatusFragmentEndXML WSeV20hf12/WebShieldStatusPostfixXML WSeV20hf12/WebShieldStatusPrefixXML WSeV20hf12/wordengine_eng.xml WSeV20hf12/wordengine_fra.xml WSeV20hf12/wordengine_ger.xml WSeV20hf12/wordengine_jpn.xml WSeV20hf12/WSUIlet.class WSeV20hf12/xml/de/TopTenVirus.xml WSeV20hf12/xml/de/VirusBarGraph.xml WSeV20hf12/xml/en/TopTenVirus.xml WSeV20hf12/xml/en/VirusBarGraph.xml WSeV20hf12/xml/fr/TopTenVirus.xml WSeV20hf12/xml/fr/VirusBarGraph.xml WSeV20hf12/xml/ja/TopTenVirus.xml WSeV20hf12/xml/ja/VirusBarGraph.xml WSeV20hf12/xml/ko/TopTenVirus.xml WSeV20hf12/xml/ko/VirusBarGraph.xml WSeV20hf12/xml/zh/TopTenVirus.xml WSeV20hf12/xml/zh_TW/TopTenVirus.xml WSeV20hf12/xml/zh_TW/VirusBarGraph.xml WSeV20hf12/xml/zh/VirusBarGraph.xml WSeV21hf12/av-update WSeV21hf12/cleanactive WSeV21hf12/ContentScanning.dtd WSeV21hf12/ContentScanningRes.jar WSeV21hf12/ContentScanningUI.jar WSeV21hf12/de/LOGError.xsl WSeV21hf12/de/WebShieldStatusFragment06XML WSeV21hf12/de/WebShieldStatusFragment07XML WSeV21hf12/de/WebShieldStatusFragment08XML WSeV21hf12/de/WebShieldStatusFragment09XML WSeV21hf12/de/WebShieldStatusFragment10XML WSeV21hf12/de/WebShieldStatusFragment11XML WSeV21hf12/de/WebShieldStatusFragment12XML WSeV21hf12/de/WebShieldStatusFragmentEndXML WSeV21hf12/de/WebShieldStatusPostfixXML WSeV21hf12/de/WebShieldStatusPrefixXML WSeV21hf12/e250/ChannelEmail.so WSeV21hf12/e250/ChannelEPO.so WSeV21hf12/e250/ChannelSnmp.so WSeV21hf12/e250/ChannelXML.so WSeV21hf12/e250/csmap WSeV21hf12/e250/e500.jar WSeV21hf12/e250/eventDispatcher WSeV21hf12/e250/ftp-pdk WSeV21hf12/e250/http-pdk WSeV21hf12/e250/libconfiglock.so WSeV21hf12/e250/libeventreport.so WSeV21hf12/e250/mailsend WSeV21hf12/e250/new_modules_2416.tgz WSeV21hf12/e250/pop3-pdk WSeV21hf12/e250/retryer WSeV21hf12/e250/WSUIlet.class WSeV21hf12/EFMTdefaultformatplugin.so WSeV21hf12/EFMTmimemsg.so WSeV21hf12/EFMTtnefmsg.so WSeV21hf12/en/LOGError.xsl WSeV21hf12/en/WebShieldStatusFragment06XML WSeV21hf12/en/WebShieldStatusFragment07XML WSeV21hf12/en/WebShieldStatusFragment08XML WSeV21hf12/en/WebShieldStatusFragment09XML WSeV21hf12/en/WebShieldStatusFragment10XML WSeV21hf12/en/WebShieldStatusFragment11XML WSeV21hf12/en/WebShieldStatusFragment12XML WSeV21hf12/en/WebShieldStatusFragmentEndXML WSeV21hf12/en/WebShieldStatusPostfixXML WSeV21hf12/en/WebShieldStatusPrefixXML WSeV21hf12/ESCANwordengine.so WSeV21hf12/fr/LOGError.xsl WSeV21hf12/fr/WebShieldStatusFragment06XML WSeV21hf12/fr/WebShieldStatusFragment07XML WSeV21hf12/fr/WebShieldStatusFragment08XML WSeV21hf12/fr/WebShieldStatusFragment09XML WSeV21hf12/fr/WebShieldStatusFragment10XML WSeV21hf12/fr/WebShieldStatusFragment11XML WSeV21hf12/fr/WebShieldStatusFragment12XML WSeV21hf12/fr/WebShieldStatusFragmentEndXML WSeV21hf12/fr/WebShieldStatusPostfixXML WSeV21hf12/fr/WebShieldStatusPrefixXML WSeV21hf12/html/de/RestoreConfigurationChange.html WSeV21hf12/ja/LOGError.xsl WSeV21hf12/ja/WebShieldStatusFragment06XML WSeV21hf12/ja/WebShieldStatusFragment07XML WSeV21hf12/ja/WebShieldStatusFragment08XML WSeV21hf12/ja/WebShieldStatusFragment09XML WSeV21hf12/ja/WebShieldStatusFragment10XML WSeV21hf12/ja/WebShieldStatusFragment11XML WSeV21hf12/ja/WebShieldStatusFragment12XML WSeV21hf12/ja/WebShieldStatusFragmentEndXML WSeV21hf12/ja/WebShieldStatusPostfixXML WSeV21hf12/ja/WebShieldStatusPrefixXML WSeV21hf12/libwidedecodeencode.so WSeV21hf12/mimemsg_eng.xml WSeV21hf12/mimemsg_fra.xml WSeV21hf12/mimemsg_ger.xml WSeV21hf12/mimemsg_jpn.xml WSeV21hf12/mod_ssl-2.8.5-3.i386.rpm WSeV21hf12/modules_2416.tgz WSeV21hf12/openssl095a-0.9.5a-11.i386.rpm WSeV21hf12/openssl-0.9.6-9.i386.rpm WSeV21hf12/os_install WSeV21hf12/Policies.dtd WSeV21hf12/policyloader_eng.xml WSeV21hf12/policyloader_fra.xml WSeV21hf12/policyloader_ger.xml WSeV21hf12/policyloader_jpn.xml WSeV21hf12/policyloader.so WSeV21hf12/script WSeV21hf12/set_date_time WSeV21hf12/shellscript.sh WSeV21hf12/System.map WSeV21hf12/tnef_eng.xml WSeV21hf12/tnef_fra.xml WSeV21hf12/tnef_ger.xml WSeV21hf12/tnef_jpn.xml WSeV21hf12/update-xmlsystemconfig WSeV21hf12/version WSeV21hf12/vmlinuz-2.4.16 WSeV21hf12/webshield WSeV21hf12/wordengine_eng.xml WSeV21hf12/wordengine_fra.xml WSeV21hf12/wordengine_ger.xml WSeV21hf12/wordengine_jpn.xml WSeV21hf12/xml/de/TopTenVirus.xml WSeV21hf12/xml/de/VirusBarGraph.xml WSeV21hf12/xml/en/TopTenVirus.xml WSeV21hf12/xml/en/VirusBarGraph.xml WSeV21hf12/xml/fr/TopTenVirus.xml WSeV21hf12/xml/fr/VirusBarGraph.xml WSeV21hf12/xml/ja/TopTenVirus.xml WSeV21hf12/xml/ja/VirusBarGraph.xml WSeV21hf12/xml/ko/TopTenVirus.xml WSeV21hf12/xml/ko/VirusBarGraph.xml WSeV21hf12/xml/zh/TopTenVirus.xml WSeV21hf12/xml/zh_TW/TopTenVirus.xml WSeV21hf12/xml/zh_TW/VirusBarGraph.xml WSeV21hf12/xml/zh/VirusBarGraph.xml _______________________________________________ INSTALLATION INSTALLATION REQUIREMENTS To use this HotFix, the WebShield Appliance must be running WebShield V2.0/2.1 software correctly. If it is not, use the WebShield Appliance Recovery CD to restore the software before installing this HotFix. NOTE: To install this HotFix, the appliance must be running engine version 4.1.60 or above. NOTE: Please clear your Java cache before applying this HotFix. To clear the JAR cache go to: Control Panel / Java plug-in 1.3.x.x / Cache and click on the "Clear Jar Cache" button. INSTALLATION STEPS To install this HotFix, follow these steps: 1. Create a temporary directory on your hard disk and download the file WSE2HF12.zip from the McAfee website. 2. Extract the file WSe2HF12.tgz from the zip package (you may need a password from McAfee support) to a location on your network that can be accessed from the WebShield appliance. 3. Open your Internet browser and browse to the WebShield appliance. 4. Log in to the configuration applet when prompted by entering your username and password. 5. Select Maintenance from the System menu. 6. Use the Install Service Pack and HotFix 'Browse' button, to find the location of the HotFix file WSe2HF12.tgz and select 'Install now'. 7. Installing the HotFix will restart the Tomcat Daemon requiring the user to login again. If the package will not install, verify the appliance is running engine version 4.1.60 or later and also ensure that there is sufficient space on the client’s machine – up to 65 M/B free space may be needed. 8. Once the HotFix is installed, select Status from the System menu, and ensure that the correct HotFix number is displayed in the Service Packs and HotFixes section. 9. In order to utilize the new values you must either go to the HTTP configuration page and click defaults, or go to the Profiles page and select a profile using "constant HTTP" (If you had not changed the values from those originally installed they will already have been changed). 10. The E500 will require a reboot if HotFix 8 has not already been applied due to the fact that the kernel has been replaced. To accomplish this select the maintenance page and then select the reboot option. NOTE: If you plan to use the WSe2HF12.tgz archive file again, keep it available on your computer. Otherwise, delete the file once the HotFix has been installed successfully. NOTE: We recommend that you do not remove the HotFix files from your WebShield V2.0/2.1 installation once you install them. If you reinstall your WebShield V2.0/2.1 software, we recommend that you also reinstall the HotFix. NOTE: If you re-apply a configuration saved before applying HotFix 2 the configuration changes will be lost and you will need to re-apply the latest HotFix. TESTING YOUR INSTALLATION You can test the operation of the software by running the EICAR Standard AntiVirus Test File on any computer where you have installed the software. The EICAR Standard AntiVirus Test File is a combined effort by anti-virus vendors throughout the world to implement one standard by which customers can verify their anti-virus installations. To test your installation: 1. Copy the following line into its own file, then save the file with the name EICAR.COM. X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* The file size will be 68 or 70 bytes. 2. Send the EICAR.COM file via the WebShield V2.x appliance. When the appliance scans this file, it will report finding the EICAR test file. 3. Delete the file when you have finished testing your installation to avoid alarming unsuspecting users. IMPORTANT: Please note that this file is NOT A VIRUS. REMOVING THIS HOTFIX To remove this HotFix from your computer, reinstall your original WebShield V2.0/2.1 software from the original CD supplied with the WebShield appliance. NOTE: We recommend that you do not remove the HotFix files from your WebShield installation once you install them. If you reinstall your WebShield V2.0/2.1 software, we recommend that you also reinstall the HotFix. _______________________________________________ CONTACTING MCAFEE AND NETWORK ASSOCIATES Technical Support http://knowledge.nai.com McAfee Beta Program Beta Web Site www.mcafeeb2b.com/beta/ E-mail avbeta@nai.com AVERT Anti-Virus Research Site www.mcafeeb2b.com/avert Download Site www.mcafeeb2b.com/naicommon/download/ DAT File Updates www.mcafeeb2b.com/naicommon/download/dats/find.asp Product Upgrades www.mcafeeb2b.com/naicommon/download/upgrade/login.asp Valid grant number required. Contact Network Associates Customer Service On-Site Training Information www.mcafeeb2b.com/services/mcafee-training/default.asp Network Associates Customer Service US, Canada, and Latin America toll-free: Phone: +1-888-VIRUS NO or +1-888-847-8766 Monday - Friday, 8 a.m. - 8 p.m., Central Time E-mail: services_corporate_division@nai.com Web: www.nai.com www.mcafeeb2b.com For additional information on contacting Network Associates and McAfee including toll free numbers for other geographic areas see the CONTACT.TXT file that accompanied your original product release. _______________________________________________ COPYRIGHT AND TRADEMARK ATTRIBUTIONS (c) 2002 Networks Associates Technology, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of Networks Associates Technology, Inc., or its suppliers or affiliate companies. To obtain this permission, write to the attention of the Network Associates legal department at: 3965 Freedom Circle, Santa Clara, California 95054, or call +1-972-308-9960. TRADEMARKS Active Security, Active Security (in Katakana), ActiveHelp, ActiveShield, AntiVirus Anyware and design, Bomb Shelter, Certified Network Expert, Clean-Up, CleanUp Wizard, CNX, CNX Certification Certified Network Expert and design, CyberCop, CyberCop (in Katakana), CyberMedia, CyberMedia UnInstaller, Design (stylized N), Disk Minder, Distributed Sniffer System, Distributed Sniffer System (in Katakana), Dr Solomon’s, Dr Solomon’s label, Enterprise SecureCast, Enterprise SecureCast (in Katakana), EZ SetUp, First Aid, ForceField, GMT, GroupShield, GroupShield (in Katakana), Guard Dog, HelpDesk, HomeGuard, Hunter, ISDN TEL/SCOPE, LANGuru, LANGuru (in Katakana), M and design, Magic Solutions, Magic Solutions (in Katakana), Magic University, MagicSpy, MagicTree, McAfee, McAfee (in Katakana), McAfee and design, MultiMedia Cloaking, Net Tools, Net Tools (in Katakana), NetCrypto, NetOctupus, NetScan, NetShield, NetStalker, Network Associates, NetXray, NotesGuard, Nuts & Bolts, Oil Change, PC Medic, PC Medic 97, PCNotary, PGP, PGP (Pretty Good Privacy), Pretty Good Privacy, PrimeSupport, Recoverkey, Recoverkey – International, Registry Wizard, ReportMagic, RingFence, Router PM, SalesMagic, SecureCast, Service Level Manager, ServiceMagic, SmartDesk, Sniffer, Sniffer (in Hangul), SniffMaster, SniffMaster (in Hangul), SniffMaster (in Katakana), SniffNet, Stalker, SupportMagic, TIS, TMEG, TNV, TVD, TNS, Total Network Security, Total Network Visibility, Total Network Visibility (in Katakana), Total Service Desk, Total Virus Defense, Trusted Mail, UnInstaller, Virex, Virus Forum, ViruScan, VirusScan, WebScan, WebShield, WebShield (in Katakana), WebSniffer, WebStalker, WebWall, Who’s Watching Your Network, WinGauge, Your E-Business Defender, ZAC 2000, Zip Manager are registered trademarks of Network Associates, Inc. and/or its affiliates in the US and/or other countries. All other registered and unregistered trademarks in this document are the sole property of their respective owners. LICENSE AGREEMENT NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANIES YOUR SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE AVAILABLE ON THE WEB SITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO NETWORK ASSOCIATES, INC. OR THE PLACE OF PURCHASE FOR A FULL REFUND.