Nmap Development mailing list archives
Scan OpenSSL Heartbleed Vulnerability using namp
From: Wesley Yee Kok Choon <wesley.yee () cimb com>
Date: Wed, 16 Apr 2014 11:25:54 +0800
Dear all We are using using nmap to scan OpenSSL Heartbleed Vulnerability in our servers. There has been reports on a few cases from FS-ISAC ( https://www.fsisac.com/) that McAfee Vulnerability Manager (Foundstone) scan script for the OpenSSL HeartBleed has caused a large number of HP iLO cards to become unresponsive. HP does not appear to have released any information regarding this issue. May I know if nmap has the issue to scan HP servers that has HP iLo card? From: Fyodor <fyodor () nmap org> To: Wesley Yee Kok Choon <wesley.yee () cimb com> Date: 04/16/2014 11:14 AM Subject: Re: Scan OpenSSL Heartbleed Vulnerability using namp On Tue, Apr 15, 2014 at 8:04 PM, Wesley Yee Kok Choon <wesley.yee () cimb com
wrote:
We are using using nmap to scan OpenSSL Heartbleed Vulnerability in our servers. There has been reports on a few cases from FS-ISAC ( https://www.fsisac.com/) that McAfee Vulnerability Manager (Foundstone) scan script for the OpenSSL HeartBleed has caused a large number of HP iLO cards to become unresponsive. HP does not appear to have released any information regarding this issue. May I know if nmap has the issue to scan HP servers that has HP iLo card? Thanks for your question, suggestion, or report, but I think your best bet is to resend it to the Nmap development mailing list (dev () nmap org) instead. That list is preferable for a few reasons: o It has more than 2,000 members, so someone else may be able to resolve your question or issue instead of or more quickly than I can. o Answers are archived at http://SecLists.Org and indexed by search engines, which reduces the number of times we have to answer the same questions. o We use the mailing list to track issues which need to be resolved. You are most likely to get an answer if your email includes all relevant details. See http://insecure.org/nmap/man/man-bugs.html for the type of information which is frequently useful. You can send a mail to the list without subscribing, but you will then need to read the archive at http://seclists.org/nmap-dev/ so you don't miss replies. Your best bet is to subscribe first at http://nmap.org/mailman/listinfo/dev. Sorry for the form letter, but there are millions of Nmap users and I can't support them all myself. But I and many other developers and volunteers track the Nmap dev list closely. Cheers, Fyodor ****************************************************************************************************************************************************** Privileged/confidential information may be contained in this message. If this message is received by anyone other than the intended addressee, please return the message to the sender by replying to it and then delete the message from your computer. Unintended recipients are prohibited from taking action on the basis of information in this e-mail. No confidentiality or privilege is waived or lost by CIMB Group including its affiliates (CIMB Group) by any mistransmission of this e-mail. CIMB Group does not accept responsibility or liability for the accuracy or completeness of, or presence of any virus or disabling code in, this e-mail. CIMB Group reserves the right to monitor e-mail communications through its networks (in accordance with applicable laws). Opinions, conclusions, statements and other information in this message that do not relate to the official business of CIMB Group shall be understood as neither given nor endorsed by it. CIMB Group Sdn Bhd (incorporated in Malaysia, (Company No: 706803-D)). Registered Office: 17th Floor, Menara CIMB, Jalan Stesen Sentral 2, Kuala Lumpur Sentral, 50470 Kuala Lumpur, Malaysia. Visit our website at www.cimb.com ******************************************************************************************************************************************************
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Scan OpenSSL Heartbleed Vulnerability using namp Wesley Yee Kok Choon (Apr 15)
- Re: Scan OpenSSL Heartbleed Vulnerability using namp Daniel Miller (Apr 16)
- <Possible follow-ups>
- Scan OpenSSL Heartbleed Vulnerability using namp Wesley Yee Kok Choon (Apr 16)