Aruba Product Security Advisory
===============================

Advisory ID: ARUBA-PSA-2015-008
CVE: CVE-2015-1793
Publication Date: 2015-Jul-09
Status: Confirmed, Final
Revision: 2

Title
=====

OpenSSL Alternative chains certificate forgery

Overview
========

A severe vulnerability exists in OpenSSL. For more details, refer to the original OpenSSL advisory at http://openssl.org/news/secadv_20150709.txt.

Affected
========

- ClearPass 6.5.2

Unaffected Aruba Products
=========================

- Other versions of ClearPass
- ArubaOS (including controllers and Mobility Access Switches)
- AirWave
- Aruba Instant
- Aruba Central
- VIA
- Meridian

Details
=======

On July 9, 2015, the OpenSSL project reported a severe vulnerability in certain versions of OpenSSL. The vulnerability affects the processing of certificate trust chains.

ClearPass version 6.5.2, released on June 26, 2015, includes OpenSSL version 1.0.1o, which is affected by the vulnerability. The severity of this vulnerability depends on how ClearPass is being used:

Use Case                                       Severity
---------------------------------------------  ---------------
EAP-TLS authentication                         Critical
Administrative certificate authentication      Critical
Non-certificate authentication                 Low

When certificate authentication is in use, an attacker could potentially exploit this vulnerability to gain unauthorized access to network resources.

Resolution
==========

A patch for ClearPass 6.5.2 has been made available to address this issue. Please use any of the methods listed below to install the patch.

Installing the Patch Online Using the Software Updates Portal:

1. Open ClearPass Policy Manager and go to Administration > Agents and Software Updates > Software Updates.
2. In the Firmware and Patch Updates area, find the 'OpenSSL fix for CVE-2015-1793' patch and click the Download button in its row.
3. Click Install.
4. When the installation is complete and the status is shown as Needs Restart, proceed to restart ClearPass. After reboot, the status for the patch will be shown as Installed. The ClearPass Policy Manager version number will not change.

Installing the Patch Offline Using the Patch File from support.arubanetworks.com and HTTP:

1. Download the 'OpenSSL fix for CVE-2015-1793 for ClearPass 6.5.2' patch from the Support site.
2. Post the patch file to a local HTTP server.
3. Open an SSH session to the ClearPass appliance using the 'appadmin' account.
4. Type 'system update -i '
5. When the installation is complete, issue 'system restart'. After reboot, the status for the patch will be shown as Installed. The ClearPass Policy Manager version number will not change.

Installing the Patch Offline Using the Patch File from support.arubanetworks.com and SCP:

1. Download the 'OpenSSL fix for CVE-2015-1793 for ClearPass 6.5.2' patch from the Support site.
2. Post the patch file to a local SCP server.
3. Open an SSH session to the ClearPass appliance using the 'appadmin' account.
4. Type 'system update -i < user@'
5. When the installation is complete, issue 'system restart'. After reboot, the status for the patch will be shown as Installed. The ClearPass Policy Manager version number will not change.

Installing the Patch Offline Using the Patch File from support.arubanetworks.com:

1. Download the 'OpenSSL fix for CVE-2015-1793 for ClearPass 6.5.2' patch from the Support site.
2. Open the ClearPass Policy Manager Admin UI and go to Administration > Agents and Software Updates > Software Updates.
3. At the bottom of the Firmware and Patch Updates area, click Import Updates and browse to the downloaded patch file.
4. Click Install.
5. When the installation is complete and the status is shown as Needs Restart, proceed to restart ClearPass. After reboot, the status for the patch will be shown as Installed. The ClearPass Policy Manager version number will not change.

Obtaining Fixed Software
========================

Aruba customers can obtain software updates on the support website:
http://support.arubanetworks.com

Aruba Support contacts are as follows:

+1-800-WiFiLAN (1-800-943-4526) (toll free from within North America)
+1-408-754-1200 (toll call from anywhere in the world)

The full contact list is at:
//www.nexbus-cng.com/support-services/support-program/contact-support/

e-mail: support(at)arubanetworks.com

Please do not contact "sirt(at)arubanetworks.com" for software upgrades.

Revision History
================

Revision 1.0 / 2015-Jul-09 / Initial release
Revision 2.0 / 2015-Jul-14 / Updated to add resolution instructions.

Aruba SIRT Security Procedures
==============================

Complete information on reporting security vulnerabilities in Aruba Networks products and obtaining assistance with security incidents is available at:
//www.nexbus-cng.com/support-services/security-bulletins/

For reporting *NEW* Aruba Networks security issues, email can be sent to sirt(at)arubanetworks.com. For sensitive information we encourage the use of PGP encryption. Our public keys can be found at:
//www.nexbus-cng.com/support-services/security-bulletins/

(c) Copyright 2015 by Aruba Networks, Inc.
This advisory may be redistributed freely after the release date given at the top of the text, provided that redistributed copies are complete and unmodified, including all date and version information.