Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 23 replies
  • Subscribers 2 subscribers
  • Views 44095 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

My ASG220 Failed latest Trustwave Vulnerability Scan

cottonakin
Our latest Trustwave vulnerability scan failed due to my Astaro Gateway and its Apache dna. Here's the actual failure:

Apache HTTP Server Long-Header Cookie Disclosure Vulnerability:

Remediation:
This issue was fixed with the release of version 2.2.22 of Apache HTTP Server. However, it is strongly recommended that the latest stable version with all of the appropriate patches be installed.

I'm running the latest version of ASG 8.301

Any suggestions?


This thread was automatically locked due to age.
Parents
  • 0
    Hi, Cottonakin, and welcome to the User BB!

    You'll need to remove external access to WebAdmin and the User Portal.  There's no real exposure, so you can put those back after the tests are complete.

    I'm not a CISSP though, so maybe BruceK or another would like to confirm to assure you.

    Cheers - Bob
    PS Your reseller should be able to answer such questions, or to submit a support request to Astaro if necessary.
Reply
  • 0
    Hi, Cottonakin, and welcome to the User BB!

    You'll need to remove external access to WebAdmin and the User Portal.  There's no real exposure, so you can put those back after the tests are complete.

    I'm not a CISSP though, so maybe BruceK or another would like to confirm to assure you.

    Cheers - Bob
    PS Your reseller should be able to answer such questions, or to submit a support request to Astaro if necessary.
Children
No Data