MAA - Patch for SSLv3 disable CVE-2014-3566
Article ID: 168190
Updated On:
Products
Malware Analysis Software - MA
Issue/Introduction
This article describes the installation of the Patch for CVE-2014-3566
Note: Only install this patch if you are running MAG2 v3.5.x or older! SSLv3 is already disabled on MAA versions 4.x and greater.
Note: Only install this patch if you are running MAG2 v3.5.x or older! SSLv3 is already disabled on MAA versions 4.x and greater.
Resolution
Copy the attached file poodlefix.sh to your MAG2 Appliance's /tmp folder.
Login to your MAG2 appliance using the g2 user.
Run these commands to disable SSL v3:
[email protected]:/tmp$ sudo ./poodlefix.sh
[sudo] password for g2:
Console Output will look like this:
SSLv3 is enabled on this server. Disabling it..
Restarting web server..
Verifying SSL connection..
- SSL TLS1.2 working
- SSLv3 disabled
SSLv3 disabled on this server. System is safe.
Login to your MAG2 appliance using the g2 user.
Run these commands to disable SSL v3:
[email protected]:/tmp$ sudo ./poodlefix.sh
[sudo] password for g2:
Console Output will look like this:
SSLv3 is enabled on this server. Disabling it..
Restarting web server..
Verifying SSL connection..
- SSL TLS1.2 working
- SSLv3 disabled
SSLv3 disabled on this server. System is safe.
Attachments
Feedback
Yes
No
Powered by
