In Access Gateway Appliance 4.2.2 and earlier, many packages that Access Gateway Appliance does not use were installed. Access Manager Update Channel does not provide new version updates for these packages. Hence, these package might be old and may contain potential vulnerability. The following is the list of unused packages:
Samba
libMagicCore1
netcat 1.10
telnet 1.2
rsh 0.17
gdb 7.7
In a fresh Access Manager 4.3 install, these packages have been removed. However, if you are upgrading your Access Manager setup to 4.3, it is recommended to remove these packages manually.
NOTE:The following sections includes the version of packages used during testing. You may have packages of different versions on your system.
Query for the samba packages installed on the server by using the following command:
rpm -qa | grep -i samba
This lists all versions of all samba packages installed on the server.
Remove the packages by using the following command:
rpm -e samba-3.6.3
rpm -e samba-winbind-3.6.3
rpm -e samba-client-3.6.3
rpm -e samba-winbind-32bit-3.6.3
rpm -e samba-client-32bit-3.6.3
rpm -e yast2-samba-server-2.18.0
rpm -e yast2-samba-client-2.17.30
It is recommended to remove the packages in the same sequence (top to down) to avoid dependency issues.
Query for the libMagickCore1 packages installed on the server by using the following command:
rpm -qa | grep -i libMagickCore1
Run the following commands:
rpm -e yast2-fingerprint-reader-2.17.7-0.1.201
rpm -e libfprint0-0.0.6-18.22.136
rpm -e libMagickCore1-6.4.3.6-7.30.1
It is recommended to remove the packages in the same sequence (top to down) to avoid dependency issues.
Query for the netcat packages installed on the server by using the following command:
rpm -qa | grep -i netcat
Run the following commands:
rpm -e netcat-1.10
Query for the telnet packages installed on the server by using the following command:
rpm -qa | grep -i telnet
Run the following commands:
rpm –e telnet-1.2
Query for the rsh packages installed on the server by using the following command:
rpm -qa | grep -i rsh
Run the following commands:
rpm –e rsh-0.17
Query for the gdb packages installed on the server by using the following command:
rpm -qa | grep -i gdb
Run the following commands:
rpm –e gdb-7.7