Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 23 replies
  • Subscribers 2 subscribers
  • Views 44107 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

My ASG220 Failed latest Trustwave Vulnerability Scan

cottonakin
Our latest Trustwave vulnerability scan failed due to my Astaro Gateway and its Apache dna. Here's the actual failure:

Apache HTTP Server Long-Header Cookie Disclosure Vulnerability:

Remediation:
This issue was fixed with the release of version 2.2.22 of Apache HTTP Server. However, it is strongly recommended that the latest stable version with all of the appropriate patches be installed.

I'm running the latest version of ASG 8.301

Any suggestions?


This thread was automatically locked due to age.
Parents
  • 0

    It is Trustwave, do not apply logic.  They could be doing anything (other than finding real vulns, look at their track record).

    If you are dealing with the Spider Labs team at TW, you're likely talking to an intelligent person, otherwise is it best to assume otherwise.  I would not be surprised if they scanned internally, or simply didn't rescan.

    Jack

Reply
  • 0

    It is Trustwave, do not apply logic.  They could be doing anything (other than finding real vulns, look at their track record).

    If you are dealing with the Spider Labs team at TW, you're likely talking to an intelligent person, otherwise is it best to assume otherwise.  I would not be surprised if they scanned internally, or simply didn't rescan.

    Jack

Children