• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Resolved SSL issue CVE-2016-2107

S

stefanoostwegel

Basic Pleskian
Dear all,

I have found out my server is vulnarable for SSL issue CVE-2016-2107.
This should be resolved in plesk 12.5.30 #37 on Centos5

I am running plesk 12.5.30 #42 on centos5 but SSLLABS shows me that this issue is still present.
There is no article on how to solve this issue, as it had been resolved in #37.
Any suggestiong how to fix this?

thank you
 
Hello,

Could you give the output of the following commands to find out a cause of the problem?
Code: 
rpm -qf `which nginx`
nginx -V
rpm -qf /usr/lib64/httpd/modules/mod_ssl.so
strings /usr/lib64/httpd/modules/mod_ssl.so | grep 'OpenSSL [0-9]' --max-count=1
 
[****@************* ~]# rpm -qf `which nginx`
sw-nginx-1.11.1-centos6.16080113.x86_64
[****@************* ~]# nginx -V
nginx version: nginx/1.11.1
built with OpenSSL 1.0.1e-fips 11 Feb 2013
TLS SNI support enabled
configure arguments: --prefix=/usr/share --sbin-path=/usr/sbin/nginx --conf-path =/etc/nginx/nginx.conf --modules-path=/usr/share/nginx/modules --error-log-path= /var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --lock-path=/ var/lock/nginx.lock --pid-path=/var/run/nginx.pid --http-client-body-temp-path=/ var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy- temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http- uwsgi-temp-path=/var/lib/nginx/uwsgi --user=nginx --group=nginx --with-ipv6 --wi th-file-aio --with-http_v2_module --with-http_ssl_module --with-http_realip_modu le --with-http_sub_module --with-http_dav_module --with-http_gzip_static_module --with-http_stub_status_module --add-dynamic-module=/usr/share/passenger/ngx_htt p_passenger_module
[****@************* ~]# rpm -qf /usr/lib64/httpd/modules/mod_ssl.so
mod_ssl-2.2.15-54.el6.centos.x86_64
[****@************* ~]# strings /usr/lib64/httpd/modules/mod_ssl.so | grep 'OpenSSL [0-9]' --max-count=1
 
You must log in or register to reply here.

Similar threads

M
Question Nginx Bind () issue
Replies
2
Views
174
maximus99
M
Lenny
Resolved Seeking Assistance with API Communication Issues via SSL on Plesk
Replies
4
Views
673
Lenny
Lenny
D
Issue Hello, I would like to login to my Plesk, however there is a problem that I cannot determine.
Replies
2
Views
4K
dakrueger
D
carlsson
Issue Can't issue SSL certificate!? Help!
Replies
5
Views
263
Peter Debik
P
kaw.one
Question (VPS) Cloudflare, Gmail and Other Plesk Panel 8443 (2 minutes - slow read)
Replies
1
Views
586
kaw.one
kaw.one
Back
Top