I’m trying to remediate a vulnerability scan that was run against our ACE XML Gateway running version 6.1. The scan came back with three possible vulnerabilities all referring to various versions of OpenSSH. How do I confirm what OpenSSH version my XML Gateway is using?
ACE XML Gateway 6.1-2009-10-20T15
OpenSSH Multiple Memory Management Vulnerabilities fixed in OpenSSH v3.7.1
OpenSSH GSSAPI Credential Disclosure Vulnerability fixed in OpenSSH v4.2
OpenSSH Signal Handling Vulnerability fixed in OpenSSH v4.4
The developement team has been adding security patches to the 3.6 OpenSSH for some time now. They have told us that the AXG is not vulnerable to any of the security issues that 3.6 had. Unfortunately, the only documentation we have is what you see on CCO. If you require further information, then you'll need to open up a case with Cisco TAC so they can engage the necessary folks in engineering that can address your specific questions.
I wish I could be of more help on this in this forum.
Introduction This article will help you understand the steps on how to
download the UCS licenses from the Cisco Systems website and then
installing it on the UCS. The redacted (blue lines) just covers up
certain numbers for privacy please do not take them...
Introduction This article will help you understand and educate the
customer on how to clear their "expired licenses"
(license-graceperiod-expired) from their UCS-M. If a customer just
purchased a license and needs a step by step guide on how to download
Introduction Prepositioning is a powerful tools on the WAAS platform but
it is not always easy to figure out why your jobs are failing when
trying to retrieve the files.Here is a method that should help you to
figure out the reason why they are not succes...