OpenSSL banner / PCI compliance
For my company's latest compliance audit, we had a vulnerability test run against our server. The test reports that we're running OpenSSL 0.9.7a and that there is a "High" security risk related to that.
From speaking to other cPanel users and reading the forums, I've learned that cPanel builds a "patched version" and that even though the banner says 0.9.7a, it's really got the fix for that vulnerability. So ... 1) How can I know that for sure, besides taking people's word for it, and 2) Where is some documentation to back it up, suitable for presenting in an audit report? 3) If it happens to really be running an older, unpatched version of OpenSSL, is there any way in cPanel to fix it?
Indeed. You will find the relevant information over on redhat.com, though their site is a nightmare to navigate.
__________________
Jonathan Michaelson cPanel Forum Moderator Need your cPanel servers secured and tuned? cPanel Server Configuration, Security, Recovery and Antivirus/AntiSpam Services Developers of the most effective (and free) Firewall & Security Solution for cPanel Servers - csf http://www.configserver.com