| Home | Current Systems | Former STK Products | EOL Systems | Components | General Info | Search | Feedback |
| Oracle System Handbook - ISO 7.0 May 2018 Internal/Partner Edition | ||
|
|
||
 |
||||||||||||||||||||
Solution Type Problem Resolution Sure Solution 1618934.1 : SL8500 - PCI Scan Shows OpenSSH Vulnerabilities
In this Document
Created from <SR 3-8456668471> Applies to:Sun StorageTek SL8500 Modular Library System - Version All Versions to All Versions [Release All Releases]Information in this document applies to any platform. SymptomsA PCI Scan Showes OpenSSH Vulnerabilities On SL8500. ChangesA network security scan run on a user's network. CauseOpenSSH security vulnerabilities can occur as new releases of OpenSSH levels are generated by the OpenSSH community. To view past and present versions of OpenSSh go to this website http://www.openssh.com/security.html SolutionTwo pieces of information should be known before proceeding with the solution. 1. What is the minimum version of OpenSSH does the security software running on a users network expect to find and not generate vulnerability messages or warnings. 2. The current version of OpenSSH running on a device flagged by the security software. To discover what version of OpenSSH is running on any device in the network - Issue the following command from a unix server to the tape library ip address: #ssh -V <ip-address> sample output OpenSSH_5.8p2, OpenSSL 0.9.6e 30 Jul 2002 If the version reported by the library from the ssh command is not at the minimum level the security software is expecting, user should schedule an upgrade of library microcode to resolve this issue. References<NOTE:1475896.1> - SL8500 / SL3000 - What is The Code Version of the Firmware Installed in Tape Library and Tape Drive<NOTE:1016345.1> - SL8500 - How to Display Current Version of SSH on Library <NOTE:1293094.1> - SL500/SL3000/SL8500 - How to Change SSH Settings Attachments This solution has no attachment |
||||||||||||||||||||
|
||||||||||||||||||||