Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: How do I fix vulnerabilities

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
CSI

This thread has been marked as locked.
ingram59 How do I fix vulnerabilities
Member 7th Feb, 2012 17:45
Ranking: 0
Posts: 3
User Since: 7th Feb, 2012
System Score: N/A
Location: US
I need to know how to go about pataching a vulnerability on several Windows servers. Our recent audit finding disclosed the Open SSL OP_netscape_reuse_cipher_change_bug vulnerability. I'm out of my depth on this, but I still need to resolved it. I can't find any clear explanation of what to fix nor how to fix it. Any help would be appreciated. I gladly admit my inexperience in trying to resolve this type of issue. Please have mercy on me and provide any helpful suggestions.

Thanks,

Maurice Joyce RE: How do I fix vulnerabilities
Handling Contributor 7th Feb, 2012 18:20
Score: 11744
Posts: 9,000
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Are U a CSI user?

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
ingram59 RE: How do I fix vulnerabilities
Member 7th Feb, 2012 18:27
Score: 0
Posts: 3
User Since: 7th Feb 2012
System Score: N/A
Location: US
Not sure. What does the acronym stand for? The audit was done by an external company. We received the audit findings and are assigned with resolving the issues. My expertise from a developer standpoint is nill. So, having to decipher these issues and figure out how to resolve them is, needless to say, challenging at best..

Sorry that I can't be of more help.



Was this reply relevant?
+0
-0
Maurice Joyce RE: How do I fix vulnerabilities
Handling Contributor 7th Feb, 2012 18:47
Score: 11744
Posts: 9,000
User Since: 4th Jan 2009
System Score: N/A
Location: UK
These are the various programmes from Secunia.

http://secunia.com/products/

I only ask because U have posted under Vulnerabilities. I can move that for U to so U get better exposure to the Secunia Experts or other IT Professionals if using CSI.





--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+1
-0
ingram59 RE: How do I fix vulnerabilities
Member 7th Feb, 2012 19:49
Score: 0
Posts: 3
User Since: 7th Feb 2012
System Score: N/A
Location: US
That would be great. Please make sure that I stay subscribed to the postings....

Was this reply relevant?
+0
-0
Maurice Joyce RE: How do I fix vulnerabilities
Handling Contributor 7th Feb, 2012 20:59
Score: 11744
Posts: 9,000
User Since: 4th Jan 2009
System Score: N/A
Location: UK
I have moved it to the CSI Forum. U can also request help by emailing:

csc@secunia.com

if U do not get a timely response from here.


--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+1
-0
ddmarshall RE: How do I fix vulnerabilities
Dedicated Contributor 7th Feb, 2012 23:40
Score: 1210
Posts: 961
User Since: 8th Nov 2008
System Score: 98%
Location: UK
You have an application using an out of date version of OpenSSL.

Here is information about the vulnerability:
http://openssl.org/news/secadv_20101202.txt

Here is the main OpenSSL website:
http://www.openssl.org/
This may help you determine the type of application which would use this (something using encryption), otherwise you may need to ask round your suppliers.

You also need to look at any Security Appliances or VPNs you have.

--
This answer is provided “as-is.” You bear the risk of using it.
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability