Netserver/Proliant 伺服器

CompaqDL380G2 2381port漏洞處理方式

CompaqDL380G2 2381port漏洞處理方式

Server:Compaq ProLiant DL380 G2(235438-AA1)

偵測到2381 port的漏洞


Vulnerability found on port unknown (2381/tcp)

The remote host seems to be using a version of OpenSSL which is

older than 0.9.6e or 0.9.7-beta3

This version is vulnerable to a buffer overflow which,

may allow an attacker to obtain a shell on this host.

*** Note that since safe checks are enabled, this check

*** might be fooled by non-openssl implementations and

*** produce a false positive.

*** In doubt, re-execute the scan without the safe checks

Solution : Upgrade to version 0.9.6e (0.9.7beta3) or newer

Risk factor : High

CVE : CVE-2002-0656, CVE-2002-0655, CVE-2002-0657, CVE-2002-0659, CVE-2001-1141

BID : 3004, 4316, 5363

Other references : IAVA:2002-A-0009, SuSE:SUSE-SA:2002:033

Nessus ID : 11060

Information found on port unknown (2381/tcp)

Synopsis :

The remote service encrypts traffic using a protocol with known


Description :

The remote service accepts connections encrypted using SSL 2.0, which

reportedly suffers from several cryptographic flaws and has been

deprecated for several years. An attacker may be able to exploit these

issues to conduct man-in-the-middle attacks or decrypt communications

between the affected service and clients.

See also :

Solution :

Consult the application's documentation to disable SSL 2.0 and use SSL

3.0 or TLS 1.0 instead.

Risk factor :

Low / CVSS Base Score : 2


Nessus ID : 20007

1 回覆

回應: CompaqDL380G2 2381port漏洞處理方式

TCP Port 2381 是 HP System Management Homepage 走的 Port 封起來就不能用 SMH了唷