- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
04-11-2014 04:02 AM
Palo Alto released multiple vulnerabilities for the Heartbleed bug.
Severity | ID | Attack Name | CVE ID | Vendor ID | Default Action | Minimum PAN-OS Version |
medium | 40039 | OpenSSL TLS Heartbeat Brute Force - Heartbleed | CVE-2014-0160 | alert |
| |
informational | 36417 | OpenSSL TLS Heartbeat Found | alert |
| ||
medium | 36418 | OpenSSL TLS Malformed Heartbeat Response Found - Heartbleed | alert |
|
Severity | ID | Attack Name | CVE ID | Vendor ID | Default Action | Minimum PAN-OS Version |
critical | 36416 | OpenSSL TLS Heartbeat Information Disclosure Vulnerability - Heartbleed | CVE-2014-0160 | reset-server |
|
Are we fully protected when using the default settings?
Could there be any negative impact when setting "OpenSSL TLS Malformed Heartbeat Response Found - Heartbleed" also to drop? Or any of the other?
Kind regards
04-11-2014 08:41 AM
FYI just for the benefit of the community, I have run ssltest.py against an internal server that is known to be susceptible to heartbleed and ssltest.py reports it as NOT VULNERABLE. We have tested nmap's ssl-heartbleed NSE script against the same server and Nmap's NSE script correctly identifies it as vulnerable.
Long story short, be careful what scripts you're running to verify if servers seem to be vulnerable or not
04-11-2014 08:43 AM
Also I just looked and it appears that the NMAP NSE script causes our PA4020 to correctly flag "OpenSSL TLS Heartbeat found" when I scan the vulnerable server! So the PA threat update is working
04-11-2014 08:51 AM
And the choices that you have on the PA are to alert or block. How many users are blocking?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!