This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Extreme Networks
- Community List
- Network Management & Authentication
- ExtremeCloud IQ- Site Engine Management Center
- RE: Extreme Networks update on the OpenSSL vulnera...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Extreme Networks update on the OpenSSL vulnerability called “Heartbleed"
Extreme Networks update on the OpenSSL vulnerability called “Heartbleed"
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
04-12-2014 03:07 AM
Patches will be available for all affected products by Monday (4/14). Reference Extreme Network CERT VU#720951 Vulnerability Advisory note for additional details. http://learn.extremenetworks.com/rs/extreme/images/CERT_VU%23720951_Vulnerability_Advisory_04_11_201...
18 REPLIES 18
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
04-14-2014 12:19 PM
I got the confirmation mail by saying that it has been uploaded. Can you please check again in our esupport web portal?
Thanks
Thanks
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
04-14-2014 11:12 AM
still no able to see the Patch 1-10 release
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
04-14-2014 03:26 AM
Extreme switch won’t be affected as long as “https” is disabled like below test result but it is strongly recommended not to use the version which does not have the patch. Below is the result of the nmap to identify the vulnerability.
#####################################
nmap -sV -p 443 --script=ssl-heartbleed.nse 10.120.120.90
Starting Nmap 6.45 ( http://nmap.org ) at 2014-04-14 12:15 SGT
Warning: File ./nmap-services exists, but Nmap is using /usr/local/bin/../share/nmap/nmap-services for security and consistency reasons.
set NMAPDIR=. to give priority to files in your local directory (may affect the other data files too).
Nmap scan report for 10.120.120.90
Host is up (0.0016s latency).
PORT STATE SERVICE VERSION
443/tcp closed https
Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 0.46 seconds
#####################################
#####################################
* X440-24t-10G-USB2.16 # sh "Mgmt"
Primary IP: 10.120.120.90/24
* X440-24t-10G-USB2.11 # sh ver
Switch : 800475-00-10 1323N-44095 Rev 10.0 BootROM: 2.0.1.7 IMG: 15.4.1.3
PSU-1 : Internal Power Supply
PSU-2 :
Image : ExtremeXOS version 15.4.1.3 v1541b3-patch1-1 by release-manager
on Fri Jan 17 15:25:46 EST 2014
BootROM : 2.0.1.7
Diagnostics : 6.3
* X440-24t-10G-USB2.12 # sh management
CLI idle timeout : Enabled (20 minutes)
CLI max number of login attempts : 3
CLI max number of sessions : 8
CLI paging : Enabled (this session only)
CLI space-completion : Disabled (this session only)
CLI configuration logging : Disabled
CLI scripting : Disabled (this session only)
CLI scripting error mode : Ignore-Error (this session only)
CLI persistent mode : Persistent (this session only)
CLI prompting : Enabled (this session only)
Telnet access : Enabled (tcp port 23 vr all)
: Access Profile : not set
SSH access : Enabled (Key valid, tcp port 22 vr all)
: Access Profile : not set
Web access : Disabled (tcp port 80)
: Access Profile : not set
Total Read Only Communities : 1
Total Read Write Communities : 1
RMON : Disabled
SNMP access : Enabled
: Access Profile : not set
SNMP Compatibility Options :
GETBULK Reply Too Big Action : Too Big Error
SNMP Traps : Enabled
SNMP v1/v2c TrapReceivers : None
SNMP stats: InPkts 0 OutPkts 0 Errors 0 AuthErrors 0
Gets 0 GetNexts 0 Sets 0 Drops 0
SNMP traps: Sent 0 AuthTraps Enabled
SNMP inform: Sent 0 Retries 0 Failed 0
* X440-24t-10G-USB2.14 # disable web https
SSL Module: Not Installed
#####################################
http://hackertarget.com/testing-heartbleed-with-the-nmap-nse-script/ Used the script from this website.
#####################################
nmap -sV -p 443 --script=ssl-heartbleed.nse 10.120.120.90
Starting Nmap 6.45 ( http://nmap.org ) at 2014-04-14 12:15 SGT
Warning: File ./nmap-services exists, but Nmap is using /usr/local/bin/../share/nmap/nmap-services for security and consistency reasons.
set NMAPDIR=. to give priority to files in your local directory (may affect the other data files too).
Nmap scan report for 10.120.120.90
Host is up (0.0016s latency).
PORT STATE SERVICE VERSION
443/tcp closed https
Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 0.46 seconds
#####################################
#####################################
* X440-24t-10G-USB2.16 # sh "Mgmt"
Primary IP: 10.120.120.90/24
* X440-24t-10G-USB2.11 # sh ver
Switch : 800475-00-10 1323N-44095 Rev 10.0 BootROM: 2.0.1.7 IMG: 15.4.1.3
PSU-1 : Internal Power Supply
PSU-2 :
Image : ExtremeXOS version 15.4.1.3 v1541b3-patch1-1 by release-manager
on Fri Jan 17 15:25:46 EST 2014
BootROM : 2.0.1.7
Diagnostics : 6.3
* X440-24t-10G-USB2.12 # sh management
CLI idle timeout : Enabled (20 minutes)
CLI max number of login attempts : 3
CLI max number of sessions : 8
CLI paging : Enabled (this session only)
CLI space-completion : Disabled (this session only)
CLI configuration logging : Disabled
CLI scripting : Disabled (this session only)
CLI scripting error mode : Ignore-Error (this session only)
CLI persistent mode : Persistent (this session only)
CLI prompting : Enabled (this session only)
Telnet access : Enabled (tcp port 23 vr all)
: Access Profile : not set
SSH access : Enabled (Key valid, tcp port 22 vr all)
: Access Profile : not set
Web access : Disabled (tcp port 80)
: Access Profile : not set
Total Read Only Communities : 1
Total Read Write Communities : 1
RMON : Disabled
SNMP access : Enabled
: Access Profile : not set
SNMP Compatibility Options :
GETBULK Reply Too Big Action : Too Big Error
SNMP Traps : Enabled
SNMP v1/v2c TrapReceivers : None
SNMP stats: InPkts 0 OutPkts 0 Errors 0 AuthErrors 0
Gets 0 GetNexts 0 Sets 0 Drops 0
SNMP traps: Sent 0 AuthTraps Enabled
SNMP inform: Sent 0 Retries 0 Failed 0
* X440-24t-10G-USB2.14 # disable web https
SSL Module: Not Installed
#####################################
http://hackertarget.com/testing-heartbleed-with-the-nmap-nse-script/ Used the script from this website.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
04-12-2014 01:30 PM
ExtremXOS 15.4.1.3-patch1-10 has been released and it is ready to download.
