Hi all
i have issue from my customer about vulnerability of ProxySG my customer have ProxySG S200-30 SGOS 6.6.4.3
they send about data of vulnerability you can see from picture as below
they find CVE-2000-0649 , CVE-2016-2017 , CVE-2016-6329 , CVE-2016-2183 on that appliance.
for CVE-2016-2017 i checked on symantec support follow this link >> https://www.symantec.com/security-center/network-protection-security-advisories/SA123
i cut information concern about proxySG from that link
ProxySG
ProxySG 6.5 prior to 6.5.9.8 and 6.6 prior to 6.6.4.1 are vulnerable to CVE-2016-2108 and CVE-2016-2109. They are also vulnerable to CVE-2016-2107 when running on an AESNI-capable hardware platform. See the Advisory Details section for more details. ProxySG 6.7 is not vulnerable.
Patches:
ProxySG
ProxySG 6.6 - a fix is available in 6.6.4.1 but my customer use SGOS 6.6.4.3 why still find this vulnerability.
plese kindly to provide how to fix this issue or work around.
so CVE-2016-6329 , CVE-2016-2183 . i will work around follow this link >> https://www.symantec.com/security-center/network-protection-security-advisories/SA133
Best Regards,
Chakuttha R.