similar to: Openssl vulnerability - SSL/ TLS Renegotiation Handshakes

Displaying 20 results from an estimated 400 matches similar to: "Openssl vulnerability - SSL/ TLS Renegotiation Handshakes"

2013 Mar 21
7
Is it fine to upgrade to Centos 6 rpms, being at centos 5.8
Hi, I'm currently at CentOS 5.8. After some penetration testing, found some high severity OpenSSH issues which would require its upgrade. But till CentOS 5.9 the latest rpm available is openssh-4.3p2-82.el5 (which I'm currently using). Is it fine to upgrade to CentOS 6 rpms while I'm on CentOS 5? Thanks, Anumeha
2013 Jul 31
3
SSL vulnerabilities
Hi, Following 2 vulnerabilities were detected in VA scan required for PCI compliance: 1. SSL Weak Cipher Suites Supported 2. SSL Medium Strength Cipher Suites Supported I'm using CentOS 5.8 with open ssl version "openssl-0.9.8e-22.el5_8.4". Any idea how to get rid of this? Thanks, Anumeha
2013 Feb 11
1
Error: headerRead failed: hdr blob
Hi, I'm currently at CentOS 5.8 and am applying the latest OS updates available for 5.8. I'm seeing following error: error: bind-libs-9.3.6-20.P1.el5_8.6.x86_64.rpm: headerRead failed: hdr blob(48062): BAD, read returned 515 error: bind-libs-9.3.6-20.P1.el5_8.6.x86_64.rpm cannot be installed Similar error is seen for other rpms as well. Any idea? Thanks, Anumeha
2006 Sep 16
1
c4.4: OpenSSL Behavior: handshakes/ nrpe, snmpd, et al.
Hello list, johnny, karanbir, rodrigo, william, all, Looks like some changes in 4.4 with openssl behavior I thought to ask about now that things have quieted down slightly since release. I use openssl with my nagios nrpe plugins, and now am getting a "could not complete SSL handshake". I will of course post to nagios list but first want to find out from centos side some key info re:
2006 Feb 09
1
Running nessus on freebsd...
I'm trying to get nessus setup for doing some internal security checking. I installed the ports for nessus and nessus-plugins, and everything worked as expected. I then registered for the full feed of plugins, which got me up to over 10,000 plugins. I restarted nessus, and it didn't work at all. I am running without X11, so I'm doing batch runs. I already have nmap installed, so I
2004 Jun 23
2
samba security question - samba vulnerable to any WindowsExploits?
Hi Ryan, I am not authenticating to any Windows server, I just have the samba server itself set up with 3 users who an login. ...Paul Ryan Frantz wrote: >Paul, > >Are you using a Windows PDC or ADS to authenticate your Samba shares? >If so, the problem would not be with Samba, but with the authenticating >server. > >Ryan > >-----Original Message----- >From:
2005 Mar 12
4
Shorewall 2.2.1 and open ports
Hello all, I'm running Shorewall 2.2.1 on linux kernel 2.6.10 with iptables 1.2.11. I recently ran a nessus scan of my firewall from a machine outside of the firewall and the nessus report told me that there are some ports open that I did not specify to be open. The ports are 32772/udp, 123/udp, 111/tcp, 32772/udp, and 53/udp. Why are these ports open when I did NOT specify them to be open
2004 Apr 23
3
SSL Ciphers
I have dovecot running as a pop3s server on port 995 it works great with sendmail and I run nessus to check security issues nessus reports this The SSLv2 server offers 3 strong ciphers, but also 0 medium strength and 2 weak "export class" ciphers. The weak/medium ciphers may be chosen by an export-grade or badly configured client software. They only offer a limited protection against
2014 Oct 04
1
LDAP NULL BASE Search Access to Samba4
Recently, i scanned my samba4.1 server by Nessus (a vulnerability scanner tool - http://www.tenable.com/products/nessus) Nessus says that Samba4 is vulnerable to "LDAP NULL BASE Search Access" as "The remote LDAP server may disclose sensitive information." Further it says that - The remote LDAP server supports search requests with a null, or empty, base object. This allows
2015 Apr 27
5
Centos security update
Thanks for the replies. The tool that we used for testing the security vulnerability is "Nessus". I have glibc version 2.17-78.el7, I saw that CVE-2015-0235 (Ghost) is fixed in this version and I want to apply patch for the vulnerabilities CVE-2015-1472 & CVE-2015-1473. Can you please help me in finding the right version that has fixes for these? Thanks On Sat, Apr 25, 2015 at
2003 Dec 16
3
Results of nessus scan
I run samba 2.2.8a on my openbsd 3.4 box, installed from a package. All i need is the ability to mount disks from winxp boxes so i only run smbd, at 139/tcp. I tried scanning the box with nessus, and it came up with some results that got me curious. Since i don't know very much about the smb protocol I thought i should ask here. Have searched the archives but found only old posts, concerning
2015 Jul 08
2
Samba 4 - disabling SSLv3 to mitigate POODLE effects
Good Day All Sorry if this is a repeated email, but I need some information about how to disable SSL on a Samba4.2.2 AD domain controller as the nessus scanner is reporting the POODLE vulnerability and we are not allowed to have any of that in our environment. the nessus scan reports poodle vulnerability on all these ports: 443, 636, 3269 I had a look at previous posts but couldn't find a
2009 Oct 17
5
Calling all Hackers
Hey guys. I have a server that is owned by me and can confirm through servint that it is owned by me. I would like to do a penetration test and of course to allow you to upload files on the server and kind of trash it to the point where it is always restarting and running out of memory etc etc. This is going to be mainly script kiddie stuff, however will be able to get you hired on with me for
2004 Mar 07
1
3.0.2a: SID, User Enumeration
I'm running samba 3.0.2a on a few machines, ADS security mode, domain member roles. I throw nessus at it, and it can fetch the SID and then list all of the users on the system. I view this as a security problem, is there a way to prevent this?
2005 Aug 16
1
Nessus Installation Failure
I'm trying to get nessus 2.2.5 to install on my centos 3.5 system. It errors out with this error: Press ENTER to continue x - Compiling the libraries x -- Configuring the sources for your system configure: error: Could not find OpenSSL and OpenSSL headers on your system **** An error occured :/ Do you want to save the compilation log to analyze what went wrong ? [y] Where should I save
2015 Jul 08
2
Samba 4 - disabling SSLv3 to mitigate POODLE effects
Thanks Kelvin I'm a bit confused tho, is this patch already available? if yes, what is the parameter that disable ssl into the smb.conf? Maybe the guys from Enterprise samba have already included the patch into their releases so it's just a matter of enabling the flag. I'm using sernet-samba-4.2.2 Thanks!
2003 Mar 01
9
shorewall and IDS in the same box
Hi boys & girls : Probably my Subject is crazy, but due I haven't tried this, I prefer to ask. Is it possible to run snort in a fw box (using shorewall, of course). Your feedback will be very well appreciated. Thanks Benito.-
2023 Oct 16
2
Low performance when using "server signing" = "mandatory"
On Mon, 16 Oct 2023 15:13:49 +0200 Adam Błaszczykowski via samba <samba at lists.samba.org> wrote: > Hello, > I'm experiencing very slow read/write performance, about 20 MB/s, on > Samba share when I configure the "server signing" option as > "mandatory". Once I set "server signing" to "default", the read/write > performance returns
2003 Oct 04
1
Security Fix Confusion
Hi, I'm wondering if anybody could enlighten me about the effect of tracking RELENG? When the Openssh advisory came out (SA-03:12) I allowed a few days for all issues to get ironed out and then used CVSUP to rebuild my boxes with RELENG_4_7 or RELENG_4_8 (as appropriate). The advisory says that the problem with OpenSSH is fixed by 4.7-RELEASE-p16 and a 'uname -a' of one of my 4.7
2011 Aug 01
2
RedHat to CentOS packages
Dear all, We're trying to use Nessus to monitor our system and we're having a hard time mapping the package versions from RedHat to CentOS in order to be able to report against CVE (vulnerability reports). After some research, we think that the mapping is as follows (using HTTPD as the example): CentOS httd-2.2.3-43.el5.centos.3 is equivalent to RedHat httpd-2.2.3-43.el5_5.3 So, it