PCI scan fails, claiming MS10-070 vulnerability

Similar Messages

• Trustwave PCI scan failed for scan interference on Sonicwall NSA E5500 firewall

  We've started having Trustwave do monthly PCI network vulnerability scans. The last couple months we've passed, but this month it failed for "Scan Interference Detected." This is their recommendation:During the course of the scan, TrustKeeper detected a change in its ability to communicate with some services on the remote host. In some cases, this may be caused by network security devices actively blocking the vulnerability scan, which it may perceive as a threat. In other cases, an intermediate network device, or the host itself, may be unable to cope with the vulnerability scan.It's often very difficult to tell the difference between these two scenarios, but in either case, this behavior significantly impacts the ability of this vulnerability scanning service to detect vulnerabilities on the remote host, resulting in an inconclusive...
  This topic first appeared in the Spiceworks Community

  You're correct that the RV042 router's implementation of SSL is weak.
  Stepping back, why do you need an SSL key on your router? Assuming there's a good reason that can't be met via other techniques, can you implement a compensating control (such as an ACL) to mitigate the risk and thus meet that compliance requirements?
  If not, then you would need to move the function to a more secure device - the new ASA 5506 might be one such candidate. Your local Cisco partner should be able to help you with product selection based on a more in-depth analysis of your environment and requirements

• Fully patched SBS failiing PCI scan for MS10-070

  I have a fully patched SBS 2011 server that is failing our PCI compliancy scan due to MS10-070. I am not sure how to clear this issue as it appears I have applied all patches to date. All help is appreciated.

  I too am having this very same problem with an SBS 2011 and a Trustwave PCI Scan. Same scan failure, MS10-070.
  I do not have .NET 4.5 installed either.
  According to ASoft .NET Version Detector, I have the following:
  <32Bit>
  2.0.50727.5737
    ->C:\Windows\Microsoft.NET\Framework\v2.0.50727
  4.0.30319.296
    ->C:\Windows\Microsoft.NET\Framework\v4.0.30319
  <64Bit>
  2.0.50727.5737
    ->C:\Windows\Microsoft.NET\Framework64\v2.0.50727
  4.0.30319.296
    ->C:\Windows\Microsoft.NET\Framework64\v4.0.30319
  < Installed .NET Frameworks >
  .NET FW 2.0 SP 2 (CLR:2.0)
  .NET FW 3.0 SP 2 (CLR:2.0)
  .NET FW 3.5 SP 1 (CLR:2.0)
  .NET FW 4.0 Client (CLR:4.0)
  .NET FW 4.0 Full (CLR:4.0)
  The "evidence" listed by trust wave is as follows:
  https://xx.xx.xx.xxx/Remote/ScriptResource.axd?d=lXZlKIAaV2DQCh8KTxGhBga0MRSGLTRT9DSz8blSZp-D_-ZPudrzAKWqHdY35UWsutw3Ntl-4wvao6MPLFScquOdB1ltjYYHOqxwXXy4-cMH0botA64x54vVSrQvbWfqeeqj1b7G7AQhZLaT-GYmx1N5BV60glFQdELeLVBMDvHtrJqdKd8_uVn0Dbduk18U0&t=ffffffff940d030f
  https://xx.xx.xx.xxx/Remote/ScriptResource.axd?d=p6YZ1NuXPX8YwTxRRD40xEKpXBuPB3YUgQ3hjNGQxb_5tTy2dU9nG0cHEomkwkiNf4PP8G6eTLYZjXf70cl8npvIQIjbTj1Gi4nA5G5YYhpWctDt3JQRY9yZV6x9RNeD2_PoFyDJ8BBhYAlkHyfqLGzUUYBmdjuVdkzZFPoZMXQ1&t=ffffffff940d030f
  https://xx.xx.xx.xxx/Remote/WebResource.axd?d=exxOBoRssUcc64ztYfy_H0dLRaK691IwOZsT_ZgvH1h4puvZrQFRDaop4RO9S8crNjGUdI2DJaltVrI6S1kcTPACO-elHaY3hv-EIlFENLU1&t=634955083192463937
  When I click on the links of the evidence, I get a page returned full of text. The evidence seems like it is real and not a false positive being that I do get a return. All of my Windows Updates are current, so I really don't know where to go with this.

• PCI Scan

  Good Morning All
  One of our sites just failed a PCI scan for not blocking ICMP type 13 and 14 packets (timestamp). The firm that conducted the scan also is asking us to turn off IDS and allow unrestricted access to their external IP address. I am inclined to deny this and cannot understand why this will help. Anyone have any similar experiences with this ?
  Thanks in advance. Bud....

  Bud
  While I feel that ICMP type 13 and 14 (timestamp and timestamp reply) are not so very dangerous, I also appreciate the Security perspective that says the less you reveal about your devices (especially to outsiders) the more secure you are. I would hope that the timestamp issue was not the only reason that the site failed the PCI scan. I would probably go ahead and block these ICMP messages - especially on any outward facing routers.
  I would really ask them about the request to turn off IDS - which strikes me as asking you to take a step backwards in terms of security.
  And I would suggest to them that a IPSec VPN connection from their site to your site would be a much more prudent solution than just granting unrestricted access from their address space.
  HTH
  Rick

• Security: PCI Scan

  Since we run credit cards on our Macs, we are required to run PCI scans on our network. Everything has been fine until today. We now get a fail because:
  "The Mac OS X Finder creates a file called .DS_Store and .FBCIndex in each directory that it views or indexes. Some versions of OS X include system configuration information and file location information in these files. The .DS_Store and .FBCIndex files can be accessed from this server via a web request such as http://IP/.DS_Store and http://IP/.FBCIndex."
  How do I fix this?

  I assumed the problem was that .DS_Store files were being created on the Web Server.
  The .DS_Store files that are written to the web server folders can contain the file names that are on the server. This is a security problem because a hacker could get hold of the .DS_Store file and then attempt to download the files by name. The files would normally be hidden from view, but the DS_Store file contains the full names. However, if your server is running Apache, then it can be configured to not serve out those files, so nobody could download them. Not sure about other web servers.
  Here is some info on the vulnerabilities:
  http://blog.intego.com/2010/02/11/possible-security-issue-involving-ds_store-fil es-on-web-servers/
  http://www.macos.utah.edu/documentation/security/vulnerabilitiesand_solutions/fbcindex_file_contents_disclosurevulnerability.html
  http://osvdb.org/show/osvdb/644

• Virus scan failed Error on deploying a web application having a jar file for calling the applet on the jsp page

  Hi,
  I have an applet application that i want to deploy on the Oracle cloud.
  So i have created a jar file for the applet application and i am using this jar to call the applet on a jsp page.
  But when i am delpoying my application on the java cloud, its giving me the below error:
  2014-10-28 03:16:41 CDT: Starting action "Virus Scan"
  2014-10-28 03:16:41 CDT: Virus Scan started
  2014-10-28 03:16:49 CDT: ----------------------------------------------------------------------
  2014-10-28 03:16:49 CDT: File Scanned: "Application7.ear".
  2014-10-28 03:16:49 CDT: File Size: "106698122".
  2014-10-28 03:16:49 CDT: File Status: "INFECTED".
  2014-10-28 03:16:49 CDT: ----------------------------------------------------------------------
  2014-10-28 03:16:49 CDT: Virus scan failed.
  2014-10-28 03:16:49 CDT: "Virus Scan" complete: status FAILED
  Can't we deploy any application having applet or swing component's onto the cloud?
  Or do we need to request for any extra permissions for the same?
  Thanks,
  Manoj

  I don't see applets mentioned in the supported features nor in the unsupported features so not sure if they are supported you would likely need to contact the operations team to confirm.
  Jani Rautiainen
  Fusion Applications Developer Relations
  https://blogs.oracle.com/fadevrel/

• Scanning failed

  i am using a kodak i40 scanner. when i scan a document in (150dpi, grayscale, simplex) thru kodak's scan validation tool, it works great.
  when i switch to acrobate 8.1.2 pro, it get one of two messages: scanning failed or file cannot be found. the page feeds thru ok, pauses 3 - 4 seconds, then the error messages. I've tried this with both hiding and using the scanners native interface. \
  I've tested scanning directly into adobe photoshop also. no problems.
  this seems isolated to acrobate 8 professional. i purchased full pro edition. i was using acrobat 5.0 without any problems, with this scanner.
  I am using the same setup with a panasonic KV-S1025C and no problems. I prefer the i40 for a number of reasons, depending on the job, so reverting everything to the panasonic is not desired.
  any suggestions?
  roxylee

  I had found your step 1 in a thread online before my post on this forum.  It did allow the install to continue, but at the end of the process I could not connect to the printer.
  After using the MS Fix-it in step 2, the install was successful.
    Thank you!
    moreamused  

• Scan failed message kodak i40 acrobat 8.0

  Ive just purchased Acrobat 8.0. I was using acrobat 5.0 with a Kodak i40 scanner. Scanning directly into acrobat with 5.0 was no problem.
  Since uninstalling 5.0 and installeing 8.0 (and rebooting in between), acrobat gives me a scan failed error message, without any details or links.
  Kodak supplies a test scan validation program and that works fine, the scans are successful within that program.
  Ive downloaded the latest drivers for the scanner, both software and firmware and successfully installed. Ive done a repair reinstall of Acrobat 8.0. None of the steps has had an affect. Kodak tells me its an acrobat problem because the scanner is working fine with the validation tool that they supply.
  Any suggestions?
  Thanks for the help.
  roxylee

  The Kodak i40 was QA'd for Acrobat 8 -- do you have all the latest updates? Have you tried the suggestions in the Troubleshooting scanner issues (Acrobat 8 on Windows) at:http://kb.adobe.com/selfservice/viewContent.do?externalId=325262&sliceId=2
  One suggestion you might try first is to create a new user account since you've successfully scanned into Acrobat before. Your user account may have since been corrupted, causing problems when you scan. Create a new user account with administrative privileges, and then log into Windows using the new account.

• Overview scan failed to complete on HP 8610

  I am using MAC OS-X Yosemite 10.10.2. Printer works great. Scanning is sporatic. Works one minute and not the next.  Software is updated for both operting system and printer. A message appears "Overview scan failed to complete". The printer is set to scan to computer.  It was working fine this morning and now I can't get it to scan. I have unplugged  and restarted the computer and printer numerous times. What is the issue?  Using Officejet Pro 8610 All in One. There is no issue with the internet. 

  Hello @CIngram! 
  Thanks for posting on the HP Forums!
  I should be able to provide some suggestions that may help resolve the scanning issue!  Is the printer connected Wi-Fi?  I can see you have power cycled the printer and computer but if the printer is connected Wi-Fi its signal travels through the router.  I recommend power cycling the router too.
  You should also ensure scan to computer is still enabled on the Mac.  You can check this in the HP Utility.  To locate the HP Utility click on the Spotlight (Magnifying glass) in the top right corner of the Mac.  Type HP Utility and it should show up as one if the first options.  Within HP Utility should be an option "Manage scan to computer".  Select that and ensure it is enabled.
  If you are still getting the issue then I suggest uninstalling the HP Software. After the software is uninstalled I recommend performing a "repair disk permissions" on your Mac. A repair disk permissions is a utility built in the Mac operating system designed to locate and resolve issues or errors. After the repair disk permission is complete restart your Mac computer and re-install the software.
  To uninstall the HP Software click here: Uninstalling HP Software
  To perform a repair disk permission click here: Repair Disk Permissions
  To Download the HP software click here: HP Officejet 8610 Software and Driver
  Once the install is complete I recommend checking for software updates on the Mac. To check for software updates click the "apple" icon at the to left and click on "app store". In the app store you can click the "updates" icon at the top of the window. Install and Hp or printer updates. After any updates you should restart the computer.
  If you are still getting the issue then you can use Image Capture and initiate the scan from the Mac.  Image Capture is an application in the mac that allows you to scan.  To get Image Capture click on the Spotlight (Magnifying glass) in the top right corner of the Mac.  Type Image Capture and it should show up as one if the first options. Select it and in the window select your printer on the left side.  It may be located under shared.  Once your printer is selected you should get scan options on the right side.  I recommend using Image Capture because you get a lot more settings and options for scanning.
  Thanks again for posting on the HP Forums and let me know how it goes!
  Cbert
  I work on behalf of HP.
  Please click “Accept as Solution” if you feel my post solved your issue, it will help others find the solution.
  Click the “Kudos, Thumbs Up" at the bottom of this post to say “Thanks” for helping!

• Overview Scan failed to complete

  Suddenly I can no longer scan and get a prompt that says 'The overview scan failed to complete'. I rarely use my scanner and have had a couple of updates that may have blocked my ability to scan as I was having no problem a few weeks ago.  No problem printing.  Suggestions?

  Hello , Welcome to the HP Support Forums!
  I understand that you are no longer able to scan from your HP Officejet 6600 e-All-in-One Printer to your Mac OS X 10.9 computer. I would like to assist you today with resolving this issue. Can I please have you follow the steps below to correct any software or driver conflicts that a computer update may have caused.  Step 1: Reset the Print System: To start, I am going to have you Reset the Print System on your Mac as it is important that we have a nice clean slate to work with for troubleshooting. Please click here for instructions on how to perform the Reset. When the website opens follow the steps under 'Resetting the printing system in OS X Lion' as the steps are the same for your Mac OS X 10.9 Operating System. This Reset will remove every printer from your Mac. However, it does not uninstall the printers. Therefore, should you use other printers on this Mac, once the Reset is complete simply ensure that the printers are connected via a USB Cable or Network connected and (+) Add them back in. Do not add your HP Officejet back in at this time. Once the reset is complete, please proceed to the next step.  Step 2: Uninstall Drivers and Software: Next, please click here for steps on how to properly uninstall your printer. Once the site opens select the dropdown for 'Mac OS X v10.6, OS X v10.7, OS X v10.8, and OS X v10.9'  and follow the steps to complete the uninstall process. Once the uninstall is complete, please continue on.  Step 3: Verify and Repair your Disk Permissions on the Mac:
  Open Macintosh HD and go to ApplicationsGo to the Utilities FolderOpen the Disk UtilitySelect the Hard Drive volume you are using (usually on the left)Select Verify Disk PermissionsOnce that process is done, select Repair Disk Permissions Step 4: Check for Apple Updates: Go to AppleSelect System PreferencesSelect Software UpdateClick Update NowInstall your available updatesRestart your computer Step 5: Install Device:  Please click here to download the latest drivers for your OfficejetOnce the website opens please select the Download button on the top leftOnce the download is complete please follow the onscreen instructions to reinstall your printer Once your printer has been successfully reinstalled, please test the scanning function again.  Please respond to this post with the result of your troubleshooting. Best of luck!

• Tech Tool Deluxe 'Surface Scan Failed-'

  Surface scan repeatedly failing, no recent change to iBook settings, I suspect that this problem may have been caused by m-audio software, however I believe it has been properly uninstalled. Advice?
  Error message reads;
  'Surface Scan Failed - 212 errors
  The Surface Scan test will scan the disk for bad blocks.
  Media defects cause this test to fail. You should consider backing up the device, reformatting the media, replacing the data, and then testing again.'
  I am unsure as what this report is prompting me to do. What does the term 'media' mean in this context? Which data should I be trying to replace?
  Please forward any tips on how to resolve this issue.
  <Post Relocated by Moderator>

  When I use the disk utility application the volume passes verification, is this contrary to Tech Tools or are they analyzing different elements of the drive?
  Yes, different, DU is just basically checking part of the drive, where Directory info is stored & such.
  Laptop drives are generally a lot shorter lived than regular drives, which now seem to last 3 to 5 tears.
  Although these errors are present it doesn't seem to be effecting my day to day running of things at the moment...
  There's a Train Wreck coming up ahead though, you can avoid it, or wait 'till it hits!
  Not certain which iBook G4 you have, but here's some ideas on HD replacements...
  http://eshop.macsales.com/MyOWC/Upgrades.cfm?sort=pop&model=198&type=DataStorage&TI=5904&shoupgrds=ShowUpgrades

• Can someone help! PDF export failed claims "pages are too big" they are 8x10??

  Can someone help! PDF export failed claims "pages are too big" they are 8x10??
  I'm trying to export an 100 page magazine, just a small proof right now and I've done this a million times. There are no errors, all my links are good but still it will not save.
  Can anyone help!

  Hi marthah,
  I'd love to help, but need a little more information to go on. Are you converting from or to PDF, and where is this error occurring (in Acrobat, InDesign, or somewhere else)? What operating system/browser are you using?
  Thanks,
  Sara

• Surface Scan Fail (TechTool Deluxe)

  I thought my problem was fixed, but apparently not... my PowerBook works when I first boot it up, but as I use it for a while (or close it and re-open it), things start freezing. Sometimes it can't find my AirPort connection, either.
  Anyway, I ran the TechTool Deluxe that came with AppleCare, and it said the Surface Scan Failed:
  "Media defects cause this test to fail. You should consider backing up the device, reformatting the media, replacing the data, and then testing again."
  Joeuu helped me over in another thread, and I've already archived and installed from the discs, but now that I've backed up all my important files, should I consider erasing and installing? Is that what that message means? Or should I try something else?
  Thanks in advance!

  Good that you have AppleCare still.
  Do you by any chance have .Mac and auto synch? Or any networking going on?
  1. Call and get a case number.
  2. Be patient as they will probably ask you to do things you have already done. Take copious notes as to what we have done and what they ask you to do.
  3. Don't be afraid to ask for a higher level of tech if you get frustrated.
  4. Decide how long you can be without your Book. The fact that it is portable, they will send you a box to use to ship to them.
  Will not hurt to do an erase and install, I'm still wondering why logging in as a new user helped greatly, albeit only for a while--leaned to the software side.
  Hang Tough!
  Joe

• 4630 Scan Failed to complete error - OS X Yosemite

  I bought the 4630 about a month  ago and have tried scanning on 3 different Macs running OSX 10.10.1.  The first scan after initial set up works.  After that, I get either "The overview scan failed to complete" if the Details window is open or "The scanner failed to complete the scan" if the Details window is hidden.  I've tried re-installing the 4630 dozens of times.  I just downloaded the last HP software for it.  Please help.

  Hello @JohnGillen , and thanks for posting on the HP Forums!
  I can see you're experiencing scan issues. I'd love to help with that!
  I have a few steps I'd recommend:
  I would suggest deleting the printer from your print system, using this document: Uninstalling the Printer Software.
  Once you have deleted it, I would suggest verifying and repairing the disk permissions: About Disk Utility's Repair Disk Permissions feature.
  I would also suggest running your Apple updates:  OS X: Updating OS X and Mac App Store apps
  After the updates, I would recommend reinstalling the printer:  HP Officejet 4630 e-All-in-One Printer series Full Feature Software and Drivers.
  Good luck and please let me know how it goes!
  Please click “Accept as Solution " if you feel my post solved your issue, it will help others find the solution.
  Click the “Kudos, Thumbs Up" on the right to say “Thanks" for helping!
  Jamieson
  I work on behalf of HP
  "Remember, I'm pulling for you, we're all in this together!" - Red Green.

• Airport utility scans fail.

  After airport extreme 7.6 firmware upgrade, airport utility scans fail and can't see my airport extreme or airport express. Both of these airports are working, have green lights, have internet access and also iTunes streaming. I'm willing to to downgrade to 7.5.2 but installer also does not see either airport.

  I have had the same kind of problem.
  My main connection to Internet is through my Time Capsule, I also have an Airport Extreme which is used to extend my wireless network to have better coverage, and to have a printer connected.
  It seems that the Airport Extreme goes into sleep mode and thus cannot be seen from Airport Tools - the only way for me was to power off power on and then wait for it to turn up in Airport tools.
  The reason for going into sleep ?? But I only used it wireless, and the with a printer on a network port. I then connected my Mac Mini by cable to one port and that seemed to do the trick :-) meaning som traffic on the ethernet ports - a connected printer does nothing, just sits waiting for print....
  Also found that there is something spooky with the NTP service from time.apple.com - not properly responding when pinged - changed to other NTP service.
  Apple - go fix! 7.6.1 is dearly wanted