Extreme Networks update on the OpenSSL vulnerability called “Heartbleed”

Tamera_Rousseau
New Contributor
Patches will be available for all affected products by Monday (4/14). Reference Extreme Network CERT VU#720951 Vulnerability Advisory note for additional details. http://learn.extremenetworks.com/rs/extreme/images/CERT_VU%23720951_Vulnerability_Advisory_04_11_201...
18 REPLIES

Sumit_Tokle
Contributor
I got the confirmation mail saying that it has been uploaded. Can you please check again in our eSupport web portal?

Thanks

PJ1
New Contributor
Still not able to see the Patch 1-10 release.

Sumit_Tokle
Contributor
The Extreme switch won’t be affected as long as “https” is disabled, as in the test result below, but it is strongly recommended not to use the version which does not have the patch. Below is the result of the nmap scan to identify the vulnerability.

#####################################
nmap -sV -p 443 --script=ssl-heartbleed.nse 10.120.120.90

Starting Nmap 6.45 ( http://nmap.org ) at 2014-04-14 12:15 SGT
Warning: File ./nmap-services exists, but Nmap is using /usr/local/bin/../share/nmap/nmap-services for security and consistency reasons.
set NMAPDIR=. to give priority to files in your local directory (may affect the other data files too).
Nmap scan report for 10.120.120.90
Host is up (0.0016s latency).
PORT STATE SERVICE VERSION
443/tcp closed https

Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 0.46 seconds
#####################################

#####################################
* X440-24t-10G-USB2.16 # sh "Mgmt"
Primary IP: 10.120.120.90/24

* X440-24t-10G-USB2.11 # sh ver
Switch : 800475-00-10 1323N-44095 Rev 10.0 BootROM: 2.0.1.7 IMG: 15.4.1.3
PSU-1 : Internal Power Supply
PSU-2 :

Image : ExtremeXOS version 15.4.1.3 v1541b3-patch1-1 by release-manager
on Fri Jan 17 15:25:46 EST 2014
BootROM : 2.0.1.7
Diagnostics : 6.3

* X440-24t-10G-USB2.12 # sh management
CLI idle timeout : Enabled (20 minutes)
CLI max number of login attempts : 3
CLI max number of sessions : 8
CLI paging : Enabled (this session only)
CLI space-completion : Disabled (this session only)
CLI configuration logging : Disabled
CLI scripting : Disabled (this session only)
CLI scripting error mode : Ignore-Error (this session only)
CLI persistent mode : Persistent (this session only)
CLI prompting : Enabled (this session only)
Telnet access : Enabled (tcp port 23 vr all)
: Access Profile : not set
SSH access : Enabled (Key valid, tcp port 22 vr all)
: Access Profile : not set
Web access : Disabled (tcp port 80)
: Access Profile : not set
Total Read Only Communities : 1
Total Read Write Communities : 1
RMON : Disabled
SNMP access : Enabled
: Access Profile : not set
SNMP Compatibility Options :
GETBULK Reply Too Big Action : Too Big Error
SNMP Traps : Enabled
SNMP v1/v2c TrapReceivers : None

SNMP stats: InPkts 0 OutPkts 0 Errors 0 AuthErrors 0
Gets 0 GetNexts 0 Sets 0 Drops 0
SNMP traps: Sent 0 AuthTraps Enabled
SNMP inform: Sent 0 Retries 0 Failed 0

* X440-24t-10G-USB2.14 # disable web https
SSL Module: Not Installed
#####################################

http://hackertarget.com/testing-heartbleed-with-the-nmap-nse-script/ Used the script from this website.
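
A closed port, as in the scan above, means the ssl-heartbleed script never completed a TLS handshake, so the result says nothing about the OpenSSL build in the image. The following is an added example, not part of the original posts: it reads Nmap's normal output and keeps "not-tested" apart from "no-finding" and "vulnerable". The 192.0.2.x hosts and the verdict names are constructed for illustration.

```python
import re

# Host 10.120.120.90 repeats the closed-port result quoted in the post above.
# The two 192.0.2.x hosts are constructed samples in the ssl-heartbleed
# script's report layout; they are not results from the thread.
REPORT = """\
Nmap scan report for 10.120.120.90
PORT STATE SERVICE VERSION
443/tcp closed https

Nmap scan report for 192.0.2.10
PORT    STATE SERVICE
443/tcp open  https
| ssl-heartbleed:
|   VULNERABLE:
|   The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library.
|     State: VULNERABLE
|_    Risk factor: High

Nmap scan report for 192.0.2.11
PORT    STATE SERVICE
443/tcp open  https
"""

HOST = re.compile(r"^Nmap scan report for (\S+)")
PORT = re.compile(r"^(\d+)/tcp\s+(\S+)")
SCRIPT = re.compile(r"^\|[ _]([\w-]+):")   # first line of a script's output

def classify(report, port=443):
    """Map each host to 'vulnerable', 'no-finding' or 'not-tested'."""
    verdicts, host, on_port, script = {}, None, False, None
    for line in report.splitlines():
        if m := HOST.match(line):
            host, on_port, script = m.group(1), False, None
            # Until the port is seen open, the script never ran against it.
            verdicts[host] = "not-tested"
        elif host and (m := PORT.match(line)):
            on_port, script = int(m.group(1)) == port, None
            if on_port and m.group(2) == "open":
                verdicts[host] = "no-finding"
        elif host and (m := SCRIPT.match(line)):
            script = m.group(1)
        elif (on_port and script == "ssl-heartbleed"
              and verdicts[host] == "no-finding"
              and re.match(r"^\|_?\s+State: VULNERABLE", line)):
            verdicts[host] = "vulnerable"
    return verdicts

if __name__ == "__main__":
    for h, v in classify(REPORT).items():
        print(h, v)
```

A "not-tested" host still needs its image version checked against the patched release, since enabling HTTPS later would expose whatever OpenSSL build is installed.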

Sumit_Tokle
Contributor
ExtremeXOS 15.4.1.3-patch1-10 has been released and it is ready to download.