• Support
  • Forums
  • Blogs

Vulnerability observed on OSSIM server

ShahnawazShahnawaz

We have been highlighted with the open vulnerability "Medium ndl-aas (3128/tcp) - “NVT: Squid 'DNS'
Reply Remote Buffer Overflow Vulnerability”
" exist on the OSSIM server which is Debian OS.

Need help if this is required to be closed or its application dependent.

What i mean by "application dependent" is whether squid service required to running on the server which indirect required by OSSIM AlienVault as a whole to function efficiently.

Need suggestion at the earliest to close this as soon as possible.


Regards,
Shahnawaz 

Share post:

Answers

  • awaiting reverts...please
  • edited February 2017
    Hi @shahnawaz

    What version of OSSIM are you using? Was this found by running a vulnerability scan on OSSIM? Do you have the CVE identifier? 

    I believe this is a false-positive - OSSIM v5.2.3 is currently running Squid 3.4.8-6+deb8u2 which should not be vulnerable. 
Sign In or Register to comment.