Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
932
Views
0
Helpful
2
Replies

Need suggestion on vulnerability

vinayjaiswal
Level 3
Level 3

‎05-15-2018 11:27 PM - edited ‎03-10-2019 01:01 AM

We are having GSS-4492-K9 with Current running version is 3.1(0). We got the below vulnerabilities for the product. Need your suggestions.

 

OpenSSL 1.0.2 < 1.0.2i Multiple Vulnerabilities (SWEET32)

Upgrade to the Latest version of OpenSSL.

Unsupported Web Server Detection

Remove the service if it is no longer needed. Otherwise, upgrade to a newer version if possible or switch to another server.

Network Time Protocol Daemon (ntpd) monlist Command Enabled DoS

If using NTP from the Network Time Protocol Project, upgrade to NTP version 4.2.7-p26 or later. Alternatively, addc‘disable monitor’ to the ntp.conf configuration file and restart the service. Otherwise, limit access to the affected service to trusted hosts, or contact the vendor for a fix.

Apache HTTP Server httpOnly Cookie Information Disclosure

Upgrade to Apache version 2.0.65 / 2.2.22 or later.

 

 

Labels:
0 Helpful
2 Replies 2

Leo Laohoo
Hall of Fame
Hall of Fame

‎05-16-2018 12:34 AM

The only solution is to upgrade the firmware of the appliance.
0 Helpful

Karsten Iwen
VIP
VIP

‎05-16-2018 06:24 AM

Although there is newer software for your appliance, it still is "End of software maintenance" since January 2015. I would not expect that you can get rid of vulnerabilities in your audit without dumping the whole system.

0 Helpful
Customers Also Viewed These Support Documents