the palo's on our public internet are being scanned for vulnerabilities and other open issues. Last week scanning a issue regarding "OpenSSL ASN.1 Parsing Vulnerabilities port 443/tcp over SSL" on the portal website of the Palo for ssl-vpn access was detected and marked high.
The security officer now wants to get this solved in a few days. What can we do about it as shutting down SSL portal is not possible either.
Here the full data from this report.
Category: General remote services
CVE ID: CVE-2003-0543, CVE-2003-0544, CVE-2003-0545, CVE-2005-1730
Vendor Reference: -
Bugtraq ID: 8732
Service Modified: 11/06/2009
User Modified: -
PCI Vuln: Yes
First Detected: 06/05/2012 at 18:01:45 (GMT+0200) Last Detected: 06/05/2012 at 18:01:45 (GMT+0200) Times Detected: 1
The OpenSSL Project released OpenSSL versions 0.9.6k and 0.9.7c to address these issues. Any application dynamically linked to OpenSSL
libraries should be restarted after applying fixes. Applications that are statically linked to OpenSSL libraries should be recompiled after upgrading
Red Hat released an advisory (RHSA-2003:291-01) to address these issues. Fixes may be applied with the Red Hat Update Agent. Manual fixes are
also listed in the advisory.
OpenPKG released advisory OpenPKG-SA-2003.044 to address these issues. Please see the advisory for details on obtaining and applying fixes.
Apple addressed these issues in MacOS X 10.2.8."
Anyone had the same issue ?
PANOS have been used for OPEN SSL 0.9.8 and that has not vulnerability of Open SSL issue. But newer OpenSSL issue has got a problem of PAN and you should call and question your local SE and He can provide you proper information for the issue.
I have been always monitoring for you on the PAN community.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!