https://www.freebsd.org/security/advisories/FreeBSD-SA-14:19.tcp.asc

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

https://www.freebsd.org/security/advisories/FreeBSD-SA-14:19.tcp.asc

mdtancsa
I have been testing a box against the qualys PCI scanner. For whatever
reason, RELENG 10 comes up vulnerable still to
CVE-2004-0230

Any idea why this might show as being an issue still ? Is it an issue or
just a false positive ?

        ---Mike


--
-------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, [hidden email]
Providing Internet services since 1994 www.sentex.net
Cambridge, Ontario Canada   http://www.tancsa.com/
_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "[hidden email]"
Reply | Threaded
Open this post in threaded view
|

Re: https://www.freebsd.org/security/advisories/FreeBSD-SA-14:19.tcp.asc

Dan Lukes
Mike Tancsa wrote:
> I have been testing a box against the qualys PCI scanner. For whatever
> reason, RELENG 10 comes up vulnerable still to
> CVE-2004-0230
>
> Any idea why this might show as being an issue still ? Is it an issue or just a false positive ?

I can't judge it as I know neither details of particular test nor why
Qualys consider it failing. You should contact Qualys for details.

All I can tell is - the Commodo's PCI DSS scanner doesn't claim latest
10.3-RELEASE vulnerable to CVE-2004-0230. No specific configuration has
been necessary for such result.

Dan
_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "[hidden email]"