Scanalert Warning: The remote host appears to be using a version of OpenSSL which is older than 0.9.6j or 0.9.7b

The OpenSSL version has actually been patched on our servers for more than a year when the exploit was first announced by the makers of the software. While the version number remains the same, the actual code in the program was modified as per vendor specs. ScanAlert appear to be searching for just the version number, and since the number matches that which is in their exploitable list, they are coming up with a false positive match.

You can safely notify them that this has been resolved on our servers.

Reviewed 11/05/2016
  • Email, SSL
  • 3 Users Found This Useful
Was this answer helpful?

Related Articles

ScanAlert Test Levels Explanations

So you've signed up for ScanAlert and have your weekly report. If you have notices, here are what...

WebSite Directory Index Vulnerability

Scanalert's "WebSite Directory Index Vulnerability" simply means that if someone goes to a...

Scanalert Warning: The remote host appears to have 10 or more open ports

This is part of how the system operates. We have substantial firewalls in place, however since we...

Excessive Open Ports

ScanAlert, HackerSafe, HackerGuardian and HackerProof are the main contenders on the web when it...

Common Port Detection

Many port scan companies such as HacerkSafe, ScanAlert, HackerGuardian and HackerProof scan...