Symantec Web Gateway Vulnerabilities
Created: 05 Oct 2009 | Updated: 10 Jul 2010 | 2 comments
Hi,
Just installed our new Symantec Web Gateway model 8450. It was a snap to install, make operational and begin monitoring traffic and blocking the bad guys.
Now I've run a network vulnerability scan on the unit and it identified two problems:
1.) Squid versions 2-4 Stable 6 is vulnerable (can I upgrade this?)
2.) mod_ssl older than 2.8.7 have a buffer over which could allow users to gain a shell remotely.
Also, the SSL certificate is issued by MI5Networks; is there some way to install a proper certificate?
Thanks in advance,
steve
Discussion Filed Under:
Comments 2 Comments • Jump to latest comment
Hi Steve,
My understanding is you are working with Support to verify if there are any issues here, is that correct?
Thanks,
Kevin
Sorry for the tardy reply kevin,
Yes, called support, vulnerabilities were patched, both symantec and GFI updates. There is no support for altering the SSL certificate.
Take care,
steve
Would you like to reply?
Login or Register to post your comment.