This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

My ASG220 Failed latest Trustwave Vulnerability Scan

Our latest Trustwave vulnerability scan failed due to my Astaro Gateway and its Apache dna. Here's the actual failure:

Apache HTTP Server Long-Header Cookie Disclosure Vulnerability:

Remediation:
This issue was fixed with the release of version 2.2.22 of Apache HTTP Server. However, it is strongly recommended that the latest stable version with all of the appropriate patches be installed.

I'm running the latest version of ASG 8.301

Any suggestions?

This thread was automatically locked due to age.

Parents

0 BAlfson over 13 years ago

OK, but why do we think this is the problem he's having? If he's not using the reverse proxy, then WebAppSec doesn't have the port open. What other than the User Portal might have Apache talking on 443?

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 13 years ago

OK, but why do we think this is the problem he's having? If he's not using the reverse proxy, then WebAppSec doesn't have the port open. What other than the User Portal might have Apache talking on 443?

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data