Scan OpenSSL Heartbleed Vulnerability using namp

[Wesley Yee Kok Choon <wesley.yee () cimb com>]

Dear all

 We are using using nmap to scan OpenSSL Heartbleed Vulnerability in our 
servers. 



There has been reports on a few cases from FS-ISAC (
https://www.fsisac.com/) that McAfee Vulnerability Manager (Foundstone) 
scan script for the OpenSSL HeartBleed has caused  a large number of HP 
iLO cards to become unresponsive. HP does not appear to have released any 
information regarding this issue.   
May I know if nmap has the issue to scan HP servers that has HP iLo card? 






From:
Fyodor <fyodor () nmap org>
To:
Wesley Yee Kok Choon <wesley.yee () cimb com>
Date:
04/16/2014 11:14 AM
Subject:
Re: Scan OpenSSL Heartbleed Vulnerability using namp



On Tue, Apr 15, 2014 at 8:04 PM, Wesley Yee Kok Choon <wesley.yee () cimb com
> wrote:


We are using using nmap to scan OpenSSL Heartbleed Vulnerability in our 
servers. 



There has been reports on a few cases from FS-ISAC (
https://www.fsisac.com/) that McAfee Vulnerability Manager (Foundstone) 
scan script for the OpenSSL HeartBleed has caused  a large number of HP 
iLO cards to become unresponsive. HP does not appear to have released any 
information regarding this issue.   

May I know if nmap has the issue to scan HP servers that has HP iLo card? 


 
Thanks for your question, suggestion, or report, but I think your best bet 
is to resend it to the Nmap development mailing list (dev () nmap org) 
instead.  That list is preferable for a few reasons:

o It has more than 2,000 members, so someone else may be able to resolve 
your question or issue instead of or more quickly than I can.

o Answers are archived at http://SecLists.Org and indexed by search 
engines, which reduces the number of times we have to answer the same 
questions.

o We use the mailing list to track issues which need to be resolved.

You are most likely to get an answer if your email includes all relevant 
details.  See http://insecure.org/nmap/man/man-bugs.html for the type of 
information which is frequently useful.

You can send a mail to the list without subscribing, but you will then 
need to read the archive at http://seclists.org/nmap-dev/ so you don't 
miss replies.  Your best bet is to subscribe first at 
http://nmap.org/mailman/listinfo/dev.

Sorry for the form letter, but there are millions of Nmap users and I 
can't support them all myself.  But I and many other developers and 
volunteers track the Nmap dev list closely.

Cheers,
Fyodor



******************************************************************************************************************************************************
Privileged/confidential information may be contained in this message. If this message is received by anyone other than 
the intended addressee, please return the message to the sender by replying to it and then delete the message from your 
computer.  Unintended recipients are prohibited from taking action on the basis of information in this e-mail. No 
confidentiality or privilege is waived or lost by CIMB Group including its affiliates (CIMB Group) by any 
mistransmission of this e-mail. CIMB Group does not accept responsibility or liability for the accuracy or completeness 
of, or presence of any virus or disabling code in, this e-mail. CIMB Group reserves the right to monitor e-mail 
communications through its networks (in accordance with applicable laws). Opinions, conclusions, statements and other 
information in this message that do not relate to the official business of CIMB Group shall be understood as neither 
given nor endorsed by it. 

CIMB Group Sdn Bhd (incorporated in Malaysia, (Company  No: 706803-D)). Registered Office: 17th Floor, Menara CIMB,  
Jalan Stesen Sentral 2, Kuala Lumpur Sentral, 50470 Kuala Lumpur, Malaysia. 
Visit our website at www.cimb.com
******************************************************************************************************************************************************

_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/