Quantcast
Channel: WampServer - WampServer English
Viewing all articles
Browse latest Browse all 3177

Vulnerability (2 replies)

$
0
0
Hi ,

I am running WAMP Server and was recently identified to have the following vulnerabilities with Apache Server:


38626 - Padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
38603 - SSLv3 Padding Oracle Attack Information Disclosure Vulnerability (POODLE)
42366 - SSLv3.0/TLSv1.0 Protocol Weak CBC Mode Server Side Vulnerability (BEAST)


Solution:

Upgrade the apache OpenSSL 1.0.1 to 1.0.1t.
SSL configuration in Apache:
SSLHonorCipherOrder On
SSLCipherSuite RC4-SHA:HIGH:!ADH
Add -SSLv3 to the "SSLProtocol" line

Can you please help how I can upgrade the OpenSSL in WAMP and set the above SSL Configuration.

Thank you,
Anand

Viewing all articles
Browse latest Browse all 3177

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>