Does anyone know if Astaro ASG V8 is susceptible to BEAST (Browser Exploit Against SSL/TLS) style attacks? A recent security scan of our site flagged this vulnerability on port 465 of our box, which I think is used by the mail proxy.
From my limited understanding of BEAST, this vulnerability can only be exploited in very restricted circumstances in HTTPS sessions, so this security scan result is most likely a false positive - but does anyone know of a definitive statement of some sort that I could show to my superiors?
If this really is an issue, has it been addressed in UTM9?
Thanks for any light anyone can shine on this.
Ifor
From my limited understanding of BEAST, this vulnerability can only be exploited in very restricted circumstances in HTTPS sessions, so this security scan result is most likely a false positive - but does anyone know of a definitive statement of some sort that I could show to my superiors?
If this really is an issue, has it been addressed in UTM9?
Thanks for any light anyone can shine on this.
Ifor