nessus scan - openssl vulnerability
I did a nessus scan on some of my servers today, and I got back this.
OpenSSL 0.9.8e 23 Feb 2007
So after upgrading, I re-ran the nessus scan. And I got back the same result. I imagine this is an apache config problem?
I'm running apache 2.2.4 w/ php5.2.1. openssl is version 0.9.8.
Can anyone give me some direction?
Check the service it reports a problem with. The thing is that quite many programs link with OpenSSL directly and do not use the version you have installed in your system. You'd need to update the service if that's the case.
|All times are GMT -5. The time now is 04:10 PM.|