Trustwave False Positives

Trustwave lists potential issues under "Vulnerabilities Noted" in its scan report. One of the most common problems with this scan is that it judges vulnerability by the version number a piece of software reports (for example in its network banner), which does not reflect security fixes that a distribution has backported into an older version.

Below is a list of the most common FALSE positive "Vulnerabilities" flagged by Trustwave, together with the answer and comment to submit when you dispute them.

Vulnerabilities Noted:
# OpenSSH SSHFP DNS resource record look up bypass in the client, CVE-2014-2653
Answer

I am using updated/backported software

Comment

The vulnerability is patched. The correct, fully updated packages for CentOS are installed:

openssh.x86_64 5.3p1-118.1.el6_8

Version numbers alone do not indicate patch status on Linux distributions that backport fixes; please review https://access.redhat.com/security/updates/backporting/

# OpenSSH SSHFP DNS 5.80 resource record look up bypass in the client

Answer

I am using updated/backported software

Comment

The vulnerability is patched. The correct, fully updated packages for CentOS are installed:

openssh.x86_64 5.3p1-118.1.el6_8

Version numbers alone do not indicate patch status on Linux distributions that backport fixes; please review https://access.redhat.com/security/updates/backporting/

# OpenSSH socket exhaustion denial of service

Answer

I am using updated/backported software

Comment

The vulnerability is patched. The correct, fully updated packages for CentOS are installed:

openssh.x86_64 5.3p1-118.1.el6_8

Version numbers alone do not indicate patch status on Linux distributions that backport fixes; please review https://access.redhat.com/security/updates/backporting/
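Each of the comments above rests on the same point: on CentOS/RHEL the fix for a CVE is backported into the existing package version, so the only reliable evidence is the package changelog, not the version string. The following script is an added example (not part of the Trustwave article or of any vendor tooling) showing how to check for a CVE in `rpm -q --changelog` output before filing a dispute. The changelog text embedded in it is constructed for the demo, with a placeholder bug number; on a real host you would call check_installed_package against the RPM database instead.

```shell
#!/bin/sh
# Added example: confirm a backported fix by searching the package changelog
# for the CVE id, instead of trusting the version number a scanner banner-grabs.

# cve_in_changelog CVE-ID : reads changelog text on stdin, succeeds (exit 0)
# if the CVE id appears on any line, fails (exit 1) otherwise.
cve_in_changelog() {
    grep -q -i -F -- "$1"
}

# backport_status CVE-ID : reads changelog text on stdin and prints a short
# verdict suitable for pasting into a dispute comment.
backport_status() {
    if cve_in_changelog "$1"; then
        echo "patched (fix listed in package changelog)"
    else
        echo "not listed in changelog: investigate before disputing"
    fi
}

# check_installed_package PKG CVE-ID : real-host use. Queries the RPM database
# (requires rpm, i.e. a CentOS/RHEL system); not run by the offline demo below.
check_installed_package() {
    rpm -q --changelog "$1" | backport_status "$2"
}

# Constructed sample in the layout of `rpm -q --changelog openssh`. The date,
# maintainer and bug number are placeholders, not copied from a real package.
SAMPLE_CHANGELOG='* Mon Jan 01 2016 Example Maintainer <maintainer@example.com> - 5.3p1-118
- verify SSHFP records even when the host key is already trusted (CVE-2014-2653) (#PLACEHOLDER-BUG)
* Mon Jun 01 2015 Example Maintainer <maintainer@example.com> - 5.3p1-111
- rebuild for updated toolchain'

# Offline demo: the CVE from the scan finding is present in the sample
# changelog, so the version string 5.3p1 is no reason to treat it as unpatched.
printf '%s\n' "$SAMPLE_CHANGELOG" | backport_status CVE-2014-2653

# On a real CentOS host you would run, for example:
#   check_installed_package openssh CVE-2014-2653
```

The grep is fixed-string and case-insensitive so that a CVE id written as "cve-2014-2653" still matches; if the id is absent the script says so rather than declaring the package vulnerable, because a missing changelog line is a prompt to look at the vendor errata, not proof of exposure.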
