Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 4 subscribers
  • Views 9154 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

KF Web Server /%00 bug in WebAdmin?

Breakingcustom

I just installed OpenVAS yesterday for testing and had it do scans against our Sophos UTM.  It came back with the vulnerability "KF Web Server /%00 bug", but when doing a quick Google search I'm not finding anything in regards to the Sophos UTM line.

Is this really anything to worry about?  I've uploaded a screenshot with more details.

 



This thread was automatically locked due to age.
Parents Reply Children
  • +1 in reply to Breakingcustom

    There's nothing that exploit could possibly do since the UTM uses Apache, not KeyFocus.  In any case, all of the pieces of the UTM are stripped down and hardened to minimize exposure.  You'd have to get in as root at the command line to "see" anything inside of it.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Thanks for the info.  I was just curious since I couldn't find anything about it when doing a Google Search.

Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?