Message Image

Log in to ask questions, share your expertise, or stay connected to content. Don’t have a login? Join now.

Skip to main content (Press Enter).

Skip auxiliary navigation (Press Enter).

Skip main navigation (Press Enter).

Comware

View Only

last person joined: 2 days ago

Back to discussions

Expand all | Collapse all

"Logjam" fix for HP1810

This thread has been viewed 0 times

1. "Logjam" fix for HP1810

0 Kudos
loopway
Posted Jan 15, 2016 11:16 AM

Reply Reply Privately
Hello all
I'm using an hp1810 switch and couldn't find any newer firmware than the following:
HP 1810-24G, PL.2.04
Unfortunately the SSL Logjam vulnerability is not fixed within this level. I know how to tweak firefox'es security settings to allow a connection to the webinterface anyway (about:config -> set security.ssl3.dhe_rsa_aes_128_sha and security.ssl3.dhe_rsa_aes_128_sha to false).
Since there seems no way to change the behaviour of the intergrated webserver over the webgui, I was wondering if there is any other way to generate new Diffie-Hellman groups. Or of course a fixed firmware would be even better! I think we could expect that from an enterprise level product ...
Cheers

#SSL
2. RE: "Logjam" fix for HP1810

0 Kudos
loopway
Posted Mar 14, 2016 12:12 PM

Reply Reply Privately
well, there is finally an update available:
http://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay/?docId=c04964486
PL.2.06, Build date 21-Oct-2015!!
thought might help others ...
cheers

Powered by Higher Logic