|Applies To||RSA Keon Registration Authority 6.5.1|
RSA Keon Certificate Authority 6.5.1
Sun Solaris 2.8
McAfee Foundstone Enterprise
|Issue||Possible Apache vulnerabilities when scanned with McAfee Foundstone Enterprise|
Customer recently scanned all of our Operational Environment (OE) servers for vulnerabilities using the McAfee Foundstone Enterprise. Vulnerabilities were identified on the KCA and KRA.
KCA Apache web server showing security vulnerability with scan due patch level/version
Customer's scanning tools inform them that the Apache web server is running a patch level/version that contains a security vulnerability
HTTP Smuggling :
Other solutions to view regarding vulnerabilities are:
Apache vulnerability 'Apache HTTP Server mod_rewrite' from scan - "Mod alias/mod rewrite"
Scan of RSA Certificate Manager 6.7 show vulnerabilities with Apache 1.3.33 - "SSLVerifyClient Bypass Restrictions", "mod_ssl ssl_engine_ext Format String Error ", "Cross Scripting"
Has RSA Security addressed possible vulnerabilities detected on Keon Certificate Authority 6.5.1 by Nessus Security Scanner? - "Web Server Supports Outdated SSLv2 Protocol"
|Legacy Article ID||a35077|