PCI compliance failure - can I fix?
Hi
My site has failed a PCI scan - have been trying to use PayPal Pro - listed below are the fail points. Are these something I can rectify myself easily? Are they something my host should rectify? Or am I wasting my time and should have gone with PayPal Hosting solution?
Thanks for any help
- ProFTPD Prior to 1.3.3c Multiple Vulnerabilities, CVE-2010-3867 CVE-2010-4221
- OpenSSH < 4.4 Multiple Vulnerabilities, CVE-2006-5051 CVE-2006-5052 9.30 Fail
- ProFTPD Use-After-Free vulnerability, CVE-2011-4130 9.00 Fail
- MySQL sql_parse.cc Multiple Format String Vulnerabilities, CVE-2009-2446 8.50 Fail
- OpenSSH X11 Cookie Local Authentication Bypass Vulnerability, CVE-2007-4752 7.50 Fail
- OpenSSH Privilege Separation Monitor Weakness, CVE-2006-5794 7.50 Fail
- MySQL Multiple Remote Stack Buffer Overflow Vulnerabilities, CVE-2009-4484 7.50 Fail
- OpenSSH X11 Session Hijacking Vulnerability, CVE-2008-1483 6.90 Fail
- MySQL vio_verify_callback Man-In-The-Middle Vulnerability, CVE-2009-4028 6.80 Fail
- ProFTPD mod_sql Remote Heap Based Buffer Overflow 6.80 Fail
- MySQL Community Server < 5.1.47 / 5.0.91 Multiple Vulnerabilities, CVE-2010-1848 CVE-2010-1849 CVE-2010-1850 6.50 Fail
- MySQL 'sql/sql_table.cc' CREATE TABLE Security Bypass Vulnerability, CVE-2008-7247 6.00 Fail
- MySQL Version 5.0 Prior to Version 5.0.88 Multiple Vulnerabilities, CVE-2009-4028 5.80 Fail
- MySQL Community Server 5.x < 5.1.46 Multiple Vulnerabilities, CVE-2010-1621 CVE-2010-1626 5.00 Fail
- MySQL Server Prior to Version 5.1.51 Multiple Vulnerabilities, CVE-2010-3833 CVE-2010-3834 CVE-2010-3835 CVE-2010-3836 CVE-2010-3837 CVE-2010-3838 CVE-2010-3839 CVE-2010-3840 5.00 Fail
- TheLunchboxstore
- Posts: 25
- Joined: Thu Jan 20, 2011 1:41 pm
Re: PCI compliance failure - can i fix?
PCI scans have nothing to do with OpenCart or any script. These are all on your server and you have to contact your webhost for support on these.


Qphoria - Administrator
- Posts: 18199
- Joined: Mon Jul 21, 2008 7:02 pm
