cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

Re: ePO - OpenSSL versions (CVE-2014-0160)

Jump to solution

I attempted replacing the files with 1.0.1g as well on an agent handler and while the process was sucessful, the vulnerability still existed according to nexpose

Highlighted
Level 11
Report Inappropriate Content
Message 22 of 66

Re: ePO - OpenSSL versions (CVE-2014-0160)

Jump to solution

If its public facing test it from this site. Also, you might need to bounce services or the box to clear the memory.

http://filippo.io/Heartbleed/

Highlighted
Level 9
Report Inappropriate Content
Message 23 of 66

Re: ePO - OpenSSL versions (CVE-2014-0160)

Jump to solution

I'm not going to potentially screw up tens of thousands of agents with an 'unsupported' fix... I need an official hotfix/patch or advisory from McAfee. NOW.

It's just ridiculous that McAfee can't manage to publish a list of ALL affected products within reasonable time, let alone a hotfix/patch within 48h.

Highlighted
Level 11
Report Inappropriate Content
Message 24 of 66

Re: ePO - OpenSSL versions (CVE-2014-0160)

Jump to solution

Gotta weigh your options. Whats the potential data loss ? Is that risk greater then trying an unsupported fix ? I agree Mcafee should have a fix by now.

Highlighted
Level 9
Report Inappropriate Content
Message 25 of 66

Re: ePO - OpenSSL versions (CVE-2014-0160)

Jump to solution

Well that's the point.. how big is the risk? I honestly don't know.

But I'm not going to try anything on my own, this is an enterprise application.

Thousands of clients worldwide, zero space for experiments.

Level 11
Report Inappropriate Content
Message 26 of 66

Re: ePO - OpenSSL versions (CVE-2014-0160)

Jump to solution

Do you have a test environment ? You could try it there first.

Highlighted

Re: ePO - OpenSSL versions (CVE-2014-0160)

Jump to solution

I was in our test environment in our attmepts to repair. wasn't about to try an non approved solution in production especially if the potential data loss is minimal. on a side note if anyone is running NSM there was an updated UDS signature released last night. we found the initial signature ineffective in detecting the attack when using http://filippo.io/Heartbleed/. thanks for all the input!

Highlighted
Level 9
Report Inappropriate Content
Message 28 of 66

Re: ePO - OpenSSL versions (CVE-2014-0160)

Jump to solution

Of course I do have a test environment.. but why should I try to fix it on my own? I'm a customer.

Try and error is certainly the wrong method to solve this problem.

Highlighted
Level 11
Report Inappropriate Content
Message 29 of 66

Re: ePO - OpenSSL versions (CVE-2014-0160)

Jump to solution

Well.. if you have a test environment that mirrors production, and you test it there and it works without issue, and you backup the files you are replacing just in case, then thats a pretty good indication it will work smoothly in prod. So, I'm not sure that could be called trial and error. If you have banking passwords to protect then I would suggest going this route asap. The worst that could happen is brief outage to your EPO reporting.

If your site protects unimportant data, like the names children have chosen for their Build-a-Bears for the past year, then wait. Shame on us all for using Mcafee products to start with.

Justin

Highlighted

Re: ePO - OpenSSL versions (CVE-2014-0160)

Jump to solution

"Shame on us all for using Mcafee products to start with."

Agreed, it is an embarrassment that we had to resort to using unofficial patches but since McAfee will not even bother to acknowledge that ePO is vulnerable what choice do we have?  Is security through obscurity the new mantra for McAfee?.

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community