Vulnerability SSL scan reports on Symantec Brightmail Gateway appliances (7.6.x/7.7.x)

Article:TECH90732  |  Created: 2008-01-06  |  Updated: 2008-01-06  |  Article URL http://www.symantec.com/docs/TECH90732
Article Type
Technical Solution

Product(s)

Issue



You are using a software analysis tool by Qualys to perform a vulnerability scan against a Symantec Brightmail Gateway appliance.
The tool is reporting vulnerabilities on SSL.

Symptoms
The following vulnerabilities may be reported:


SSL Server Allows Cleartext Communication Vulnerability (QID: 38143)
SSL Server Supports Weak Encryption Vulnerability (QID: 38140)
SSL Server Allows Anonymous Authentication Vulnerability (QID: 38142)




Solution



QualysGuard reports standardized potential vulnerabilities when the scan is performed against TCP port 443, the Symantec Brightmail Gateway Administration Interface.

The Symantec Brightmail Gateway appliance is not vulnerable, provided that best practices are followed in securing administrative accounts and client machine integrity, and that a Symantec-supported Web browser is used for management.

Details:
The Symantec Brightmail Gateway appliance is managed utilizing a client web browser.
Connectivity to the Symantec Brightmail Gateway User Interface is an HTTP over Secure Sockets Layer (SSL) connection on TCP port 443 (or 41443).

The QualysGuard scan signatures are focused on standardized web server implementations of Secure Sockets Layer (SSL).
These scan signatures are targeted at the out-of-the-box behavior that you would expect from any SSL server.
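
One way to triage the three findings listed under Symptoms offline, as an added example that is not part of the original article or Symantec's own code: it takes the cipher suites a scan lists as accepted on the administration port, in `openssl ciphers -v` layout, and shows which suites explain which finding. The sample lines are constructed, and both the mapping from cipher property to finding and the 128-bit threshold are assumptions based on the finding names.

```python
import re

# Finding names and QIDs are from the article; which cipher property triggers
# each one is an assumption based on the finding names.
FINDINGS = {
    "cleartext": "SSL Server Allows Cleartext Communication Vulnerability (QID: 38143)",
    "weak": "SSL Server Supports Weak Encryption Vulnerability (QID: 38140)",
    "anonymous": "SSL Server Allows Anonymous Authentication Vulnerability (QID: 38142)",
}

# Constructed sample: suites a scan might list as accepted, in `openssl ciphers -v` layout.
SAMPLE = """\
AES256-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA1
NULL-SHA                SSLv3 Kx=RSA      Au=RSA  Enc=None      Mac=SHA1
ADH-AES128-SHA          SSLv3 Kx=DH       Au=None Enc=AES(128)  Mac=SHA1
EXP-RC4-MD5             SSLv3 Kx=RSA(512) Au=RSA  Enc=RC4(40)   Mac=MD5  export
DES-CBC-SHA             SSLv3 Kx=RSA      Au=RSA  Enc=DES(56)   Mac=SHA1
"""

FIELD = re.compile(r"\b(Au|Enc)=(\S+)")   # authentication and encryption columns
BITS = re.compile(r"\((\d+)\)")           # key length in bits, e.g. AES(128)

def classify(line, min_bits=128):
    """Return the set of finding keys one cipher-suite line would trigger."""
    fields = dict(FIELD.findall(line))
    hits = set()
    if fields.get("Au") == "None":        # no server authentication
        hits.add("anonymous")
    enc = fields.get("Enc", "")
    if enc == "None":                     # NULL encryption: traffic is readable
        hits.add("cleartext")
    else:
        m = BITS.search(enc)
        if m and int(m.group(1)) < min_bits:   # threshold is an assumption
            hits.add("weak")
    return hits

def triage(report, min_bits=128):
    """Map each finding key to the suite names that explain it."""
    out = {key: [] for key in FINDINGS}
    for line in filter(str.strip, report.splitlines()):
        for key in classify(line, min_bits):
            out[key].append(line.split()[0])
    return out

if __name__ == "__main__":
    for key, suites in triage(SAMPLE).items():
        print(FINDINGS[key], "->", ", ".join(suites) or "no matching suite")
```

A finding with no matching suite in the accepted list is a candidate false positive; one with matching suites names exactly what would have to be disabled.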

Please refer to the Symantec Brightmail Gateway appliance Administration Guide and Release Notes to follow Symantec's recommended best practices on configuring your Symantec Brightmail Gateway appliance.





Legacy ID



2008110610512154

