Symantec Web Gateway Vulnerabilities
Updated: 10 Jul 2010 | 2 comments
Hi,
Just installed our new Symantec Web Gateway model 8450. It was a snap to install, make operational and begin monitoring traffic and blocking the bad guys.
Now I've run a network vulnerability scan on the unit and it identified two problems:
1.) Squid versions 2-4 Stable 6 is vulnerable (can I upgrade this?)
2.) mod_ssl older than 2.8.7 have a buffer over which could allow users to gain a shell remotely.
Also, the SSL certificate is issued by MI5Networks; is there some way to install a proper certificate?
Thanks in advance,
steve
discussion Filed Under:
Comments
Web Gateway vulnerabilities
Hi Steve,
My understanding is you are working with Support to verify if there are any issues here, is that correct?
Thanks,
Kevin
Sorry for the tardy reply
Sorry for the tardy reply kevin,
Yes, called support, vulnerabilities were patched, both symantec and GFI updates. There is no support for altering the SSL certificate.
Take care,
steve
Would you like to reply?
Login or Register to post your comment.