Re: HPSBMU02947 - Vulnerabilities fixed in SMH 7.2.3?

VulnResearcher · ‎05-23-2014

Hello all,

Were the vulnerabilites ( CVE-2013-4846 and CVE-2013-6188 ) discussed in HPSBMU02947 fixed in SMH 7.2.3?

I assume that they are because it is a later release and the components most likely affected were updated in the 7.2.3 release.

Also, SMH 7.2.3 appears to be recommended that it be installed on Windows 2003. Is this just a recommendation or can 7.2.3 only be installed on Windows 2003? I did successfully install 7.2.3 on Windows 7.

Thanks

NJK-Work · ‎05-23-2014

My understanding is that 7.2.3 is a special version released for Windows 2003 that addresses Heartbleed. The reason for the special release is the that 7.3.x familiy also includes a new version of PHP that is not compatible with Windows 2003. So if you try to install 7.3.2 on Windows 2003 you would fix heartbleed, but end up breaking SMH due to the incompatible PHP library. So you need 7.2 for Windows 2003 and 7.3 for Windows 2008/R2 to fix Heartbleed for both OS versions.

Nelson

VulnResearcher · ‎06-03-2014

Thanks Nelson! This is helpful, but unfortunately does not answer my question. Does anybody else have any insight for my question?

NJK-Work · ‎06-04-2014

Ah - sorry. I assumed HPSBMU02947 was the article related to Heartbleed (as that seems to be the hot topic recently). But I now see it is related to a sepeperate issue.

NK

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: HPSBMU02947 - Vulnerabilities fixed in SMH 7.2.3?

HPSBMU02947 - Vulnerabilities fixed in SMH 7.2.3?