Release Notes for McAfee(R) Common Management Agent(TM) Version 3.5.0 Patch 4 Copyright (C) 2005 McAfee, Inc. All Rights Reserved ========================================================== Patch Release: 8-18-2005 Patch Package: 3.5.0.508 This release was developed and tested with: - McAfee ePolicy Orchestrator 3.0 SP2 - McAfee ePolicy Orchestrator 3.5 - McAfee ProtectionPilot 1.1 Make sure you have installed these versions before using this release. ========================================================== Thank you for using Common Management Agent(TM) software. This file contains important information regarding this release. We strongly recommend that you read the entire document. The attached files are provided as is, and with no warranty either expressed or implied as to their suitability for any particular use or purpose. McAfee, Inc. assumes no liability for damages incurred either directly or indirectly as a result of the use of these files, including but not limited to the loss or damage of data or systems, loss of business or revenue, or incidental damages arising from their use. Patch files should be applied only on the advice of McAfee Technical Support, and only when you are actually experiencing the issue being addressed by the Patch. Patch files should not be proactively applied in order to prevent potential product issues. You are responsible for reading and following all instructions for preparation, configuration, and installation of Patch files. Patch files are not a substitute or replacement for product Service Packs which may be released by McAfee, Inc. It is a violation of your software license agreement to distribute or share these files with any other person or entity without written permission from McAfee, Inc. Further, posting of McAfee Patch files to publicly available Internet sites is prohibited. McAfee, Inc. reserves the right to refuse distribution of Patch files to any company or person guilty of unlawful distribution of McAfee software products. Questions or issues with McAfee Patch files should be directed to McAfee Technical Support. __________________________________________________________ WHAT'S IN THIS FILE - About This Release - Purpose - Resolved Issues - Previously Resolved Issues - Files Included with This Release - Installation - Installation Requirements - Installation Steps - Contact Information - Copyright & Trademark Attributions - License Information __________________________________________________________ ABOUT THIS RELEASE PURPOSE This Patch replaces the Common Management Agent 3.5.0 to resolve the issues listed below. This release is for stand-alone installations of McAfee products. It is not for use in an ePolicy Orchestrator or ProtectionPilot environment. The Common Management Agent 3.5.0 is the upgrade path for Common Management Agent 3.1.2. Patches for the Common Management Agent are cumulative. See "Previously Resolved Issues" for fixes in earlier patch releases. RESOLVED ISSUES 1. ISSUE: Security vulnerability CAN-2005-2554. A privilege escalation can be executed with the Common Management Agent. http://lists.virus.org/full-disclosure-0508/msg00376.html RESOLUTION This Patch resolves the vulnerability. PREVIOUSLY RESOLVED ISSUES (CMA 3.5.0.456 PATCH 3) 1. ISSUE: The Framework service crashes when multiple agent wakeup calls are received. RESOLUTION: The Framework service continues to run when multiple wakeup calls are received. 2. ISSUE: Changing the computer name causes properties to be added to the wrong node in the ePolicy Orchestrator properties database. RESOLUTION: The properties are now added to the correct node in the ePolicy Orchestrator database. 3. ISSUE: UPDATERUI.EXE runs on each session of a Windows NT 4 terminal server. RESOLUTION: UPDATERUI.EXE now runs only on the local Windows NT 4 server; it no longer runs on terminal server client sessions. If Agent UI functionality is desired on Terminal Services clients, you can execute UPDATERUI.EXE manually. 4. ISSUE: If the proxy server name is configured in the format http://proxy.mcafee.com, updates fail with the error "Failed to connect to http at port 0." RESOLUTION: Proxy server configuration can now handle the format http://proxy.mcafee.com. 5. ISSUE: VirusScan Enterprise 8.0i policy enforcement might fail with a -1400 error message. RESOLUTION: Policy enforcement for VirusScan Enterprise 8.0i is now successful. 6. ISSUE: On some systems, the speed of the client CPU is reported incorrectly. RESOLUTION: CPU speed of the client is now reported correctly. 7. ISSUE: A subsystem of the Common Management Agent could fail during an update or deployment task. This failure causes the tasks to report as running, resulting in continual rescheduling of the subsequent update or deployment tasks. RESOLUTION: The Common Management Agent now detects the failure and restarts the subsystem. 8. ISSUE: ePolicy Orchestrator 2.5.1 agents cannot be upgraded to Common Management Agent 3.5 on Windows 95 and Windows 98 clients. RESOLUTION: Upgrades from ePolicy Orchestrator 2.5.1 to Common Management Agent 3.5 on Windows 95 and Windows 98 clients now succeed. 9. ISSUE: When the Common Management Agent receives an http redirection from what it believed to be the ePolicy Orchestrator server, the agent log records a stack error. RESOLUTION: Stack errors are no longer generated under these conditions. 10. ISSUE: Under certain circumstances, the Common Management Agent fails to run a task and reports a -1203 error. RESOLUTION: Tasks no longer report a -1203 error in that situation. 11. ISSUE: The Common Management Agent might remove the registry plug-in information for VirusScan Enterprise. RESOLUTION: The Common Management Agent is now more robust in determining whether the product registry plug-in key should be deleted. 12. ISSUE: When not connected to the network, the Common Management Agent might consume all of the available cached credentials when it attempts to connect to the UNC repositories. This causes a user to be locked out of the system. RESOLUTION: The Common Management Agent no longer uses all of the cache credentials when it tries to connect to the UNC repositories. 13. ISSUE: System Compliance Profiler fails to upgrade when the template version is greater than 127. RESOLUTION: McScript.exe now handles the template version properly and System Compliance Profiler can be upgraded, even if the template version is greater than 127. 14. ISSUE: The Common Management Agent log does not contain the ePolicy Orchestrator server name. Common Management Agent version 3.1.2 and earlier contain the ePolicy Orchestrator server name. RESOLUTION: The Common Management Agent log now contains the ePolicy Orchestrator server name. 15. ISSUE: Check Point software fails if the format of the date in the VirusScan engine plug-in key was not as expected. This was incorrectly reported as fixed in CMA 3.5 Patch 2. RESOLUTION: The date format has been modified to work with Check Point software. The change occurs after the next successful DAT update. 16. ISSUE: When the Entercept server is installed on a system with VirusScan Enterprise 8.0i, the Entercept Notification Manager generates ePolicy Orchestrator events, even in an unmanaged environment. RESOLUTION: The Common Management Agent has been changed so that the Entercept Notification Manager does not create events unless the Common Management Agent is running in managed mode. PREVIOUSLY RESOLVED ISSUES (CMA 3.5.0.446 Patch 2) 1. ISSUE: Remote System Sensor product version did not display properly. RESOLUTION: Remote System Sensor product version now displays correctly. 2. ISSUE: The date format in the engine plug-in key caused Check Point software to fail. RESOLUTION: The date format has been modified to work with Check Point software. 3. ISSUE: A user-defined sitelist.xml that lists many disabled repositories before listing an enabled repository could result in an update from a disabled repository. RESOLUTION: The Framework service now dynamically generates the buffer size needed to hold the entire sitelist.xml. It no longer tries to update from a disabled repository. 4. ISSUE: RSSENSOR.EXE crashes. RESOLUTION: A timing issue in the Framework service has been corrected that was causing the crash in RSSENSOR.EXE. 5. ISSUE: UPDATERUI.EXE could run multiple times on a terminal server. RESOLUTION: UPDATERUI.EXE now runs only on the local server, and does not run on terminal server clients. PREVIOUSLY RESOLVED ISSUES (CMA 3.5.0.435 Patch 1) 1. ISSUE: The Framework service fails to start if the sitelist.xml file does not contain an FTP or an HTTP repository. RESOLUTION: The Framework service now starts, even if the sitelist.xml file does not contain an FTP or an HTTP repository. 2. ISSUE: On installation, the Common Management Agent is not added to the Microsoft Windows Firewall whitelist. RESOLUTION: The Common Management Agent is now added to the firewall whitelist on installation. 3. ISSUE: The Framework service fails to start if the sitelist.xml file includes a large number of repositories. RESOLUTION: This problem was caused when the Framework service would ping the repositories on service startup. The Windows Service Control Manager would time out before all the repositories could be contacted. Now the Framework service does not ping all of the repositories in the sitelist.xml file prior to startup. 4. ISSUE: The Framework service fails to start and generates a 1920 error in some environments. RESOLUTION: The Framework service "image path" now contains quote marks. This allows the Framework service to start without error. 5. ISSUE: The Common Management Agent did not support a 503 (server busy) response code. This event type was added with ePolicy Orchestrator 3.0.2 Patch 8 and later. RESOLUTION: The Common Management Agent now supports this response code and retries at a later date if it receives this response code when contacting the server. 6. ISSUE: McAfee GroupShield Exchange 6.0 could lock files in use by the Common Management Agent, causing the Common Management Agent to fail to upgrade. RESOLUTION: The Common Management Agent now successfully upgrades even if the files are locked by McAfee GroupShield Exchange 6.0. 7. ISSUE: Slow logon or logoff occurred, due to roaming profiles and the Common Management Agent’s use of Microsoft’s WININET.DLL. RESOLUTION: The Common Management Agent now releases WININET.DLL after each use. This allows faster logon and logoff for users with roaming profiles. 8. ISSUE: Agent-to-server communication fails. RESOLUTION: Improvements have been made to the agent-to-server communication in the Common Management Agent. 9. ISSUE: Microsoft Windows 95 and Windows 98 clients are locked out of the domain when the Common Management Agent tries to update on certain domain environments. RESOLUTION: The Common Management Agent now does not cause lock-out for Windows 95, Windows 98, or Windows ME clients from the domain. 10. ISSUE: User names that included characters under 032 ASCII would cause the event files from the Common Management Agent to be discarded. RESOLUTION: User names that include a character under 032 ASCII now are displayed as "N/A". 11. ISSUE: The Common Management Agent did not respond to an HTTP error code 416 correctly, which would lead to an error downloading the System Compliance Profiler installer. RESOLUTION: The Common Management Agent now handles an HTTP 416 error code correctly. 12. ISSUE: Randomized scheduled tasks start at the same time for multiple clients. RESOLUTION: The Common Management Agent randomization has been improved so that tasks now run at different times on different clients. FILES INCLUDED WITH THIS RELEASE This release consists of a package called CMA3504.ZIP, which contains the following files: Agent.dll Agent.ini AgentPlugin.dll AgentRes.Dll Agt300Det.McS AppLib.dll Cabinet.dll Cleanup.exe ClientUI.dll CMAUIRes.dll CmdAgent.exe ComponentSubsystem.dll ComponentUserInterface.dll Contact.Txt FrameworkLog.xsl FrameworkManifest.xml FrameworkPackage.exe FrameworkService.exe FrmInst.exe FrmPlugin.dll Genevtinf.dll Install.pkg InstallMain.McS InternetManager.dll ListenServer.dll Logging.dll Logo.jpg Management.dll McScript.Exe Mcurial.Dll naCmnLib.dll nagshr32.dll NaiLog.Dll Nainet.dll naisign.dll naizlb32.dll naPolicyManager.dll naPrdMgr.exe naSPIPE.dll naXML.dll Patchw32.dll PcrPlug.dll PkgCatalog.z PoEvtInf.dll PSAPI.dll readme.txt Scheduler.dll ScriptSubSys.dll ScrptRes.Dll SecureFrameworkFactory.dll Server.xml SrPubKey.bin unicows.dll UpdateMain.McS UpdaterUI.exe UpdateSubSys.Dll UpdPlug.Dll UpdRes.Dll UserSpace.Dll WStub32.Exe XMLWrap.Dll __________________________________________________________ INSTALLATION INSTALLATION REQUIREMENTS To use this release, you must have ePolicy Orchestrator 3.0 Service Pack 2, Protection Pilot 1.0 Service Pack 1, or ePolicy Orchestrator 3.5 installed on the computer you intend to update with this release. INSTALLATION STEPS 1. Create a temporary folder on the hard drive of the Management (ePolicy Orchestrator or Protection Pilot) server. 2. Extract the CMA3501.ZIP file to the temporary folder that you created in Step 1. INSTALLATION STEPS FOR ePOLICY ORCHESTRATOR 3.0.2 CHECKING THE AGENT PACKAGE INTO THE MASTER REPOSITORY NOTE You cannot check in packages while pull or replication tasks are executing. 1. Log on to the desired ePolicy Orchestrator server using a global administrator user account. 2. In the console tree under "ePolicy Orchestrator" | , select "Repository." 3. In the details pane under "AutoUpdate Tasks," click "Check in package." The "Check in package" wizard appears. 4. Click "Next" to open the package type dialog box. 5. Select "Products or updates," then click "Next." The catalog file dialog box appears. 6. Select the package catalog (PKGCATALOG.Z) file from the temporary folder you created in Step 1 of "Installation Steps." You can type the path to this file, or click "Browse" to select it, then click "Next." The summary dialog box appears. 7. Click "Finish" to check in the package. 8. Click "Close" after the package has been checked in. CREATING THE NEW AGENT INSTALLATION PACKAGE 1. Stop the "McAfee ePolicy Orchestrator 3.0 Server" service. This procedure varies depending on the operating system. For instructions, see the operating system product documentation. 2. Delete the FRAMEPKG.EXE and FRAMEWORK.Z files from this location in the installation directory: \DB\SOFTWARE\CURRENT\EPOAGENT3000\INSTALL\0409 The default location of the installation directory is: C:\PROGRAM FILES\NETWORK ASSOCIATES\EPO\3.01 If you upgraded the software from version 2.0, 2.5, or 2.5.1, the default location is: C:\PROGRAM FILES\MCAFEE\EPO\2.0 NOTE This step is not necessary if ePolicy Orchestrator 3.0 SP2a Patch 3 is installed on the ePolicy Orchestrator server; continue to the next step. 3. Start the "McAfee ePolicy Orchestrator 3.0 Server" service. This procedure varies depending on the operating system. For instructions, see the operating system product documentation. REPLICATING THE AGENT PACKAGE TO DISTRIBUTED REPOSITORIES NOTE Since local distributed repositories can only be accessed from client computers, replication tasks do not copy packages from the master repository to local distributed repositories; you must manually update local distributed repositories with the desired packages. 1. Log on to the desired ePolicy Orchestrator server using a global administrator user account. 2. In the console tree under "ePolicy Orchestrator" | , select "Repository." 3. Click "Replicate now." The "Replicate Now" wizard appears. 4. Click "Next" to open the distributed repositories dialog box. 5. Click "Select All" to select all global and SuperAgent distributed repositories, then click "Next." The replication type dialog box appears. 6. Select "Incremental replication," then click "Finish" to run the task. 7. Click "Close" after the task has completed. DEPLOYING THE AGENT TO CLIENT COMPUTERS Although there are numerous methods you can use to install the agent on computers you want to manage via ePolicy Orchestrator, we recommend using the "Deployment" client task, see below. For a list of other methods and instructions for each, see "Agent deployment" in the ePolicy Orchestrator 3.0 Product Guide. 1. Log on to the desired ePolicy Orchestrator server. 2. In the console tree under "ePolicy Orchestrator" | , right-click "Directory," , , or . The "Policies," "Properties," and "Tasks" tabs appear in the details pane. 3. Click the "Tasks" tab. 4. Right-click the "Deployment" task, then select "Edit Task." The "ePolicy Orchestrator Scheduler" dialog box appears. 5. On the "Task" tab, click "Settings." The "Task Settings" dialog box appears. 6. Deselect "Inherit." 7. Next to "Agent 3.5.0," select "Install" in "Action." 8. Next to those products that you do not want to deploy, select "Ignore" in "Action." 9. To specify command-line options used when installing the agent, click the "..." button next to "Agent 3.5.0." For instructions, see "Agent installation command-line options" in the ePolicy Orchestrator 3.0 Product Guide. 10. If you want this task to also be enforced during the policy enforcement interval, select "Run this task at every policy enforcement interval." 11. Schedule the task. For instructions, see "Scheduling client tasks" in the ePolicy Orchestrator 3.0 Product Guide. 12. Click "OK" to save the current entries. MONITORING AGENT DEPLOYMENT You can use the Agent Versions or the Compliance Issues reports to monitor the deployment of the agent. For instructions and information, see "Running reports," and "Agent Versions report template" or "Compliance Issues report template" in the ePolicy Orchestrator 3.0 Product Guide. The new agent version number is 3.5.0.508 INSTALLATION STEPS FOR ePOLICY ORCHESTRATOR 3.5 CHECKING THE AGENT PACKAGE INTO THE MASTER REPOSITORY NOTE You cannot check in packages while pull or replication tasks are executing. 1. Log on to the desired ePolicy Orchestrator server using a global administrator user account. 2. In the console tree under "ePolicy Orchestrator" | , select "Repository." 3. In the details pane under "AutoUpdate Tasks," click "Check in package." The "Check in package" wizard appears. 4. Click "Next" to open the package type dialog box. 5. Select "Products or updates," then click "Next." The catalog file dialog box appears. 6. Select the package catalog (PKGCATALOG.Z) file from the temporary folder you created in Step 1 of "Installation Steps." You can type the path to this file, or click "Browse" to select it, then click "Next." The summary dialog box appears. 7. Click "Finish" to check in the package. 8. Click "Close" after the package has been checked in. The new agent package is automatically created. REPLICATING THE AGENT PACKAGE TO DISTRIBUTED REPOSITORIES NOTE Since local distributed repositories can be accessed only from client computers, replication tasks do not copy packages from the master repository to local distributed repositories; you must manually update local distributed repositories with the desired packages. 1. Log on to the desired ePolicy Orchestrator server using a global administrator user account. 2. In the console tree under "ePolicy Orchestrator" | , select "Repository." 3. In the details pane under "AutoUpdate Tasks," click "Replicate now." The "Replicate Now" wizard appears. 4. Click "Next" to open the distributed repositories dialog box. 5. Click "Select All" to select all global and SuperAgent distributed repositories, then click "Next." The replication type dialog box appears. 6. Select "Incremental replication," then click "Finish" to run the task. 7. Click "Close" after the task has completed. DEPLOYING THE AGENT TO CLIENT COMPUTERS Although there are numerous methods you can use to install the agent on computers you want to manage via ePolicy Orchestrator, we recommend using the "Deployment" client task, see below. For a list of other methods and instructions for each, see "Agent deployment" in the ePolicy Orchestrator 3.5 Product Guide. 1. Log on to the desired ePolicy Orchestrator server. 2. In the console tree under "ePolicy Orchestrator" | , right-click "Directory," , , or . The "Policies," "Properties," and "Tasks" tabs appear in the details pane. 3. Click the "Tasks" tab. 4. Right-click the "Deployment" task, then select "Edit Task." The "ePolicy Orchestrator Scheduler" dialog box appears. 5. On the "Task" tab, click "Settings." The "Task Settings" dialog box appears. 6. Deselect "Inherit." 7. Next to "Agent 3.5.0," select "Install" in "Action." 8. Next to those products that you do not want to deploy, select "Ignore" in "Action." 9. To specify command-line options used when installing the agent, click the "..." button next to "Agent 3.5.0." For instructions, see "Agent installation command-line options" in the ePolicy Orchestrator 3.5 Product Guide. 10. If you want this task to also be enforced during the policy enforcement interval, select "Run this task at every policy enforcement interval." 11. Schedule the task. For instructions, see "Scheduling client tasks" in the ePolicy Orchestrator 3.5 Product Guide. 12. Click "OK" to save the current entries. MONITORING AGENT DEPLOYMENT You can use the Agent Versions or the Compliance Issues reports to monitor the deployment of the agent. For instructions and information, see "Running reports," and "Agent Versions report template" or "Compliance Issues report template" in the ePolicy Orchestrator 3.5 Product Guide. The new agent version number is 3.5.0.508 INSTALLATION STEPS FOR PROTECTIONPILOT 1.0 SP1 1. Delete the FRAMEPKG.EXE and FRAMEWORK.Z files from this location in the installation directory: 1.0.0\DB\SOFTWARE\CURRENT\EPOAGENT3000\INSTALL\0409 The default location of the installation directory is: C:\PROGRAM FILES\NETWORK ASSOCIATES\PROTECTIONPILOT 2. In ProtectionPilot from the "Server" section, click the "Repository" tab. The "Manage AutoUpdate Repositories" page appears. 3. Click "Check In Package" under "Management Tasks." 4. Select "Products and updates" and click "Next." 5. Click "Browse" to locate the file you downloaded, and select the package (PKGCATALOG.Z) file for the product. 6. Click "Finish," then "OK." Stop and then restart the ProtectionPilot server service. 7. The agent upgrade begins immediately. __________________________________________________________ PARTICIPATING IN THE MCAFEE BETA PROGRAM To download new beta software or to read about the latest beta information, visit the McAfee beta web site located at: http://www.mcafeesecurity.com/us/downloads/beta/mcafeebetahome.htm To submit beta feedback on any McAfee product, send e-mail to: mcafee_beta@mcafee.com McAfee is devoted to providing solutions based on your input. __________________________________________________________ CONTACT INFORMATION SECURITY HEADQUARTERS: AVERT (Anti-Virus & Vulnerability Emergency Response Team) Home Page http://www.mcafeesecurity.com/us/security/home.asp Virus Information Library http://vil.mcafeesecurity.com/ AVERT WebImmune & Submit a Virus Sample (Logon credentials required) https://www.webimmune.net/default.asp AVERT DAT Notification Service http://vil.mcafeesecurity.com/vil/join-DAT-list.asp DOWNLOAD SITE Home Page http://www.mcafeesecurity.com/us/downloads/ Anti-Virus DAT File and Engine Updates http://www.mcafeesecurity.com/us/downloads/updates/ ftp://ftp.mcafee.com/pub/antivirus/datfiles/4.x Anti-Spam Rules File and Engine Updates ftp://ftp.mcafee.com/spamdefs/1.x/ Product Upgrades https://secure.nai.com/us/forms/downloads/upgrades/login.asp Valid grant number required (contact Customer Service) HotFix and Patch Releases - For Security Vulnerabilities (Available to the public) http://www.mcafeesecurity.com/us/downloads/updates/hotfixes.asp - For Products (ServicePortal account and McAfee Technical Support grant number required) https://mysupport.nai.com/products/products.asp Product End-of-Life Support http://www.mcafeesecurity.com/us/products/mcafee/end_of_life.htm SOFTWARE AND HARDWARE TECHNICAL SUPPORT Home Page http://www.mcafeesecurity.com/us/support/technical_support KnowledgeBase Search http://knowledgemap.nai.com/ McAfee Technical Support ServicePortal (Logon credentials required) https://mysupport.mcafeesecurity.com McAfee Security Alerting Service (MSAS) http://mysupport.nai.com/supportinfo/pvans_info.asp CUSTOMER SERVICE US, Canada, and Latin America toll-free: Phone: +1-888-VIRUS NO or +1-888-847-8766 Monday-Friday, 8am-8pm, Central Time E-mail: https://secure.nai.com/us/forms/support/request_form.asp Web: http://www.mcafeesecurity.com/us/support/default.asp MCAFEE BETA PROGRAM Download Site: http://www.mcafeesecurity.com/us/downloads/beta/mcafeebetahome.htm E-mail to Submit Beta Feedback: mcafee_beta@mcafee.com TRAINING: MCAFEE UNIVERSITY http://www.mcafeesecurity.com/us/services/education/mcafee/university.htm WORLDWIDE OFFICES For addresses and phone numbers of worldwide offices: http://www.mcafeesecurity.com/us/contact/home.htm _____________________________________________________ COPYRIGHT AND TRADEMARK ATTRIBUTIONS Copyright (C) 2005 McAfee, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of McAfee, Inc., or its suppliers or affiliate companies. TRADEMARKS ACTIVE FIREWALL, ACTIVE SECURITY, ACTIVESECURITY (AND IN KATAKANA), ACTIVESHIELD, CLEAN-UP, DESIGN (STYLIZED E), DESIGN (STYLIZED N), ENTERCEPT, EPOLICY ORCHESTRATOR, FIRST AID, FOUNDSTONE, GROUPSHIELD, GROUPSHIELD (AND IN KATAKANA), INTRUSHIELD, INTRUSION PREVENTION THROUGH INNOVATION, MCAFEE, MCAFEE (AND IN KATAKANA), MCAFEE AND DESIGN, MCAFEE.COM, MCAFEE VIRUSSCAN, NET TOOLS, NET TOOLS (AND IN KATAKANA), NETSCAN, NETSHIELD, NUTS & BOLTS, OIL CHANGE, PRIMESUPPORT, SPAMKILLER, THREATSCAN, TOTAL VIRUS DEFENSE, VIREX, VIRUS FORUM, VIRUSCAN, VIRUSSCAN, VIRUSSCAN (AND IN KATAKANA), WEBSCAN, WEBSHIELD, WEBSHIELD (AND IN KATAKANA) are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the US and/or other countries. The color red in connection with security is distinctive of McAfee brand products. All other registered and unregistered trademarks herein are the sole property of their respective owners. _____________________________________________________ LICENSE & PATENT INFORMATION LICENSE AGREEMENT NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANIES YOUR SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE AVAILABLE ON THE WEB SITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF PURCHASE FOR A FULL REFUND. LICENSE ATTRIBUTIONS This product includes or may include: * Software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/). * Cryptographic software written by Eric A. Young and software written by Tim J. Hudson. * Some software programs that are licensed (or sublicensed) to the user under the GNU General Public License (GPL) or other similar Free Software licenses which, among other rights, permit the user to copy, modify and redistribute certain programs, or portions thereof, and have access to the source code. The GPL requires that for any software covered under the GPL, which is distributed to someone in an executable binary format, that the source code also be made available to those users. For any such software covered under the GPL, the source code is made available on this CD. If any Free Software licenses require that McAfee provide rights to use, copy or modify a software program that are broader than the rights granted in this agreement, then such rights shall take precedence over the rights and restrictions herein. * Software originally written by Henry Spencer, Copyright 1992, 1993, 1994, 1997 Henry Spencer. * Software originally written by Robert Nordier, Copyright (C) 1996-7 Robert Nordier. * Software written by Douglas W. Sauder. * Software developed by the Apache Software Foundation (http://www.apache.org/). A copy of the license agreement for this software can be found at www.apache.org/licenses/LICENSE-2.0.txt. * International Components for Unicode ("ICU") Copyright (C) 1995-2002 International Business Machines Corporation and others. * Software developed by CrystalClear Software, Inc., Copyright (C) 2000 CrystalClear Software, Inc. * FEAD(R) Optimizer(R) technology, Copyright Netopsystems AG, Berlin, Germany. * Outside In(R) Viewer Technology (C) 1992-2001 Stellent Chicago, Inc. and/or Outside In(R) HTML Export, (C) 2001 Stellent Chicago, Inc. * Software copyrighted by Thai Open Source Software Center Ltd. and Clark Cooper, (C) 1998, 1999, 2000. * Software copyrighted by Expat maintainers. * Software copyrighted by The Regents of the University of California, (C) 1996, 1989, 1998-2000. * Software copyrighted by Gunnar Ritter. * Software copyrighted by Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, California 95054, U.S.A., (C) 2003. * Software copyrighted by Gisle Aas. (C) 1995-2003. * Software copyrighted by Michael A. Chase, (C) 1999-2000. * Software copyrighted by Neil Winton, (C) 1995-1996. * Software copyrighted by RSA Data Security, Inc., (C) 1990-1992. * Software copyrighted by Sean M. Burke, (C) 1999, 2000. * Software copyrighted by Martijn Koster, (C) 1995. * Software copyrighted by Brad Appleton, (C) 1996-1999. * Software copyrighted by Michael G. Schwern, (C) 2001. * Software copyrighted by Graham Barr, (C) 1998. * Software copyrighted by Larry Wall and Clark Cooper, (C) 1998-2000. * Software copyrighted by Frodo Looijaard, (C) 1997. * Software copyrighted by the Python Software Foundation, Copyright (C) 2001, 2002, 2003. A copy of the license agreement for this software can be found at www.python.org. * Software copyrighted by Beman Dawes, (C) 1994-1999, 2002. * Software written by Andrew Lumsdaine, Lie-Quan Lee, Jeremy G. Siek (C) 1997-2000 University of Notre Dame. * Software copyrighted by Simone Bordet & Marco Cravero, (C) 2002. * Software copyrighted by Stephen Purcell, (C) 2001. * Software developed by the Indiana University Extreme! Lab (http://www.extreme.indiana.edu/). * Software copyrighted by International Business Machines Corporation and others, (C) 1995-2003. * Software developed by the University of California, Berkeley and its contributors. * Software developed by Ralf S. Engelschall for use in the mod_ssl project (http:// www.modssl.org/). * Software copyrighted by Kevlin Henney, (C) 2000-2002. * Software copyrighted by Peter Dimov and Multi Media Ltd. (C) 2001, 2002. * Software copyrighted by David Abrahams, (C) 2001, 2002. See http://www.boost.org/libs/bind/bind.html for documentation. * Software copyrighted by Steve Cleary, Beman Dawes, Howard Hinnant & John Maddock, (C) 2000. * Software copyrighted by Boost.org, (C) 1999-2002. * Software copyrighted by Nicolai M. Josuttis, (C) 1999. * Software copyrighted by Jeremy Siek, (C) 1999-2001. * Software copyrighted by Daryle Walker, (C) 2001. * Software copyrighted by Chuck Allison and Jeremy Siek, (C) 2001, 2002. * Software copyrighted by Samuel Krempp, (C) 2001. See http://www.boost.org for updates, documentation, and revision history. * Software copyrighted by Doug Gregor (gregod@cs.rpi.edu), (C) 2001, 2002. * Software copyrighted by Cadenza New Zealand Ltd., (C) 2000. * Software copyrighted by Jens Maurer, (C) 2000, 2001. * Software copyrighted by Jaakko Järvi (jaakko.jarvi@cs.utu.fi), (C) 1999, 2000. * Software copyrighted by Ronald Garcia, (C) 2002. * Software copyrighted by David Abrahams, Jeremy Siek, and Daryle Walker, (C) 1999-2001. * Software copyrighted by Stephen Cleary (shammah@voyager.net), (C) 2000. * Software copyrighted by Housemarque Oy , (C) 2001. * Software copyrighted by Paul Moore, (C) 1999. * Software copyrighted by Dr. John Maddock, (C) 1998-2002. * Software copyrighted by Greg Colvin and Beman Dawes, (C) 1998, 1999. * Software copyrighted by Peter Dimov, (C) 2001, 2002. * Software copyrighted by Jeremy Siek and John R. Bandela, (C) 2001. * Software copyrighted by Joerg Walter and Mathias Koch, (C) 2000-2002. * Software copyrighted by Carnegie Mellon University (C) 1989, 1991, 1992. * Software copyrighted by Cambridge Broadband Ltd., (C) 2001-2003. * Software copyrighted by Sparta, Inc., (C) 2003-2004. * Software copyrighted by Cisco, Inc and Information Network Center of Beijing University of Posts and Telecommunications, (C) 2004. * Software copyrighted by Simon Josefsson, (C) 2003. * Software copyrighted by Thomas Jacob, (C) 2003-2004. * Software copyrighted by Advanced Software Engineering Limited, (C) 2004. * Software copyrighted by Todd C. Miller, (C) 1998. * Software copyrighted by The Regents of the University of California, (C) 1990, 1993, with code derived from software contributed to Berkeley by Chris Torek. V3.1.3