Date: Wed, 6 Sep 2017 17:02:21 +0200 From: Dan Lukes <dan@obluda.cz> To: Mike Tancsa <mike@sentex.net> Cc: "freebsd-security@freebsd.org" <freebsd-security@freebsd.org> Subject: Re: https://www.freebsd.org/security/advisories/FreeBSD-SA-14:19.tcp.asc Message-ID: <58aff9de-a0fa-6d0d-e075-adcfc21610b2@obluda.cz> In-Reply-To: <101d5767-d781-d8ec-5512-f3ae4cc0db77@sentex.net>
index | next in thread | previous in thread | raw e-mail
Mike Tancsa wrote: > I have been testing a box against the qualys PCI scanner. For whatever > reason, RELENG 10 comes up vulnerable still to > CVE-2004-0230 > > Any idea why this might show as being an issue still ? Is it an issue or just a false positive ? I can't judge it as I know neither details of particular test nor why Qualys consider it failing. You should contact Qualys for details. All I can tell is - the Commodo's PCI DSS scanner doesn't claim latest 10.3-RELEASE vulnerable to CVE-2004-0230. No specific configuration has been necessary for such result. Danhome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?58aff9de-a0fa-6d0d-e075-adcfc21610b2>