- Community Home
- >
- HPE Community, Taiwan
- >
- 伺服器
- >
- Netserver/Proliant 伺服器
- >
- CompaqDL380G2 2381port漏洞處理方式
Netserver/Proliant 伺服器
1752800
會員
5696
線上
108789
解決方案
論壇
類別
Company
Local Language
返回
論壇
討論平台
返回
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
部落格
信息
社區語言
語言
論壇
部落格
文章選項
- 訂閱此主題的RSS 提要
- 將此主題標記為未讀
- 將主題標記為已讀
- 將主題在本帳號置頂
- 標示為書籤
- 訂閱此主題
- 列印此頁
- 將文章標記為未讀
- 標示為書籤
- 訂閱此主題
- 靜音
- 訂閱此主題的RSS 提要
- 高亮顯示此文章
- 列印此文章
- 提報不當內容
在 02-16-2006 04:00 PM
在 02-16-2006 04:00 PM
CompaqDL380G2 2381port漏洞處理方式
Server:Compaq ProLiant DL380 G2(235438-AA1)
偵測到2381 port的漏洞
我該如何修補,軟件下載位置,謝謝。
Vulnerability found on port unknown (2381/tcp)
The remote host seems to be using a version of OpenSSL which is
older than 0.9.6e or 0.9.7-beta3
This version is vulnerable to a buffer overflow which,
may allow an attacker to obtain a shell on this host.
*** Note that since safe checks are enabled, this check
*** might be fooled by non-openssl implementations and
*** produce a false positive.
*** In doubt, re-execute the scan without the safe checks
Solution : Upgrade to version 0.9.6e (0.9.7beta3) or newer
Risk factor : High
CVE : CVE-2002-0656, CVE-2002-0655, CVE-2002-0657, CVE-2002-0659, CVE-2001-1141
BID : 3004, 4316, 5363
Other references : IAVA:2002-A-0009, SuSE:SUSE-SA:2002:033
Nessus ID : 11060
Information found on port unknown (2381/tcp)
Synopsis :
The remote service encrypts traffic using a protocol with known
weaknesses.
Description :
The remote service accepts connections encrypted using SSL 2.0, which
reportedly suffers from several cryptographic flaws and has been
deprecated for several years. An attacker may be able to exploit these
issues to conduct man-in-the-middle attacks or decrypt communications
between the affected service and clients.
See also :
http://www.schneier.com/paper-ssl.pdf
Solution :
Consult the application's documentation to disable SSL 2.0 and use SSL
3.0 or TLS 1.0 instead.
Risk factor :
Low / CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)
Nessus ID : 20007
偵測到2381 port的漏洞
我該如何修補,軟件下載位置,謝謝。
Vulnerability found on port unknown (2381/tcp)
The remote host seems to be using a version of OpenSSL which is
older than 0.9.6e or 0.9.7-beta3
This version is vulnerable to a buffer overflow which,
may allow an attacker to obtain a shell on this host.
*** Note that since safe checks are enabled, this check
*** might be fooled by non-openssl implementations and
*** produce a false positive.
*** In doubt, re-execute the scan without the safe checks
Solution : Upgrade to version 0.9.6e (0.9.7beta3) or newer
Risk factor : High
CVE : CVE-2002-0656, CVE-2002-0655, CVE-2002-0657, CVE-2002-0659, CVE-2001-1141
BID : 3004, 4316, 5363
Other references : IAVA:2002-A-0009, SuSE:SUSE-SA:2002:033
Nessus ID : 11060
Information found on port unknown (2381/tcp)
Synopsis :
The remote service encrypts traffic using a protocol with known
weaknesses.
Description :
The remote service accepts connections encrypted using SSL 2.0, which
reportedly suffers from several cryptographic flaws and has been
deprecated for several years. An attacker may be able to exploit these
issues to conduct man-in-the-middle attacks or decrypt communications
between the affected service and clients.
See also :
http://www.schneier.com/paper-ssl.pdf
Solution :
Consult the application's documentation to disable SSL 2.0 and use SSL
3.0 or TLS 1.0 instead.
Risk factor :
Low / CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)
Nessus ID : 20007
1則回覆 1
以上表述為作者個人觀點,不代表惠普公司,使用本網站,請遵守網站使用規則和條款
© 版权所有 2024 慧与发展有限责任合伙企业