cancel
Showing results for 
Search instead for 
Did you mean: 
js983e Valued Member
Valued Member

dropbear ssh (CVE-2016-7406 through 7409)

we Just had a v180 installed and ran a security scan on it and came back with this dropbear ssh vuln

 

"According to its self-reported version in its banner, Dropbear SSH running on the remote host is prior to 2016.74."

 

The v180 is current running software version 80.44.41

 

Is there a know fix/SPAR available? I tried calling in but its so new that Xerox phone support kept telling me that they cant find the S/N on my account. Thought id try here until i can hear back from my account rep.

 

Thanks

0 Kudos
1 Reply
Highlighted
Analyst Nation Moderator Joe053204-xrx
Analyst Nation Moderator

Re: dropbear ssh (CVE-2016-7406 through 7409)

There is a newer release numbered 80.44.83

 

Production printer firmware are not available on public links, meaning you need to go through Xerox 2nd level to obtain it.

 

The DFE(s) from EFI are updated through EFI, you can just set the DNS and enable automatic updates, or install them manually via the Configure tab in Webtools

 

The Freeflow print server is updated by the technician I believe. (But I could be wrong on that point)

Please be sure to select "Accept Solution" and or select the thumbs up icon to enter Kudos for posts that resolve your issues. Your feedback counts!

Joe.
0 Kudos