Hello all,

I have generated my keys for the K3000 appliance via the K1000, meaning that I used the K1000 to generate the keys. I saw that the K3000 is running version 1.0.1 and it is vulnerable. Does this affect my K3000 appliance even if I have used the K1000 for the keys?

0 Comments   [ + ] Show Comments

Comments

Please log in to comment

Answers

0

Any answer...?

Answered 04/10/2014 by: elvenil
Senior Purple Belt

Please log in to comment
0

http://www.kace.com/support/resources/kb/solutiondetail?sol=SOL122931

We got a secureworks notification this morning about our K3. It doesn't matter where you generated your keys from, it matters which version of OpenSSL is running on the box. For us K3 folks, we just have to wait for the fix and be glad our K1/K2 aren't affected.

 

 

Answered 04/10/2014 by: Asevera
Blue Belt

  • Thanks a lot Asevera.
Please log in to comment
0

This seems like an answer better posed directly to the KACE service center.

 

Have you put in a ticket with Dell directly?  If so:  What did they have to say about the vulnerabilities?

If not:  you should...?

Answered 04/11/2014 by: Wildwolfay
Red Belt

Please log in to comment
0

http://www.kace.com/support/resources/kb/solutiondetail?sol=SOL122931

 

Here you go, now that I looked around...

Answered 04/11/2014 by: Wildwolfay
Red Belt

Please log in to comment
0

 

Got this last night:


Dear K3000 Customer,

 This is a follow up email from the email sent to you on April 14th. 

 We are contacting you because Dell KACE has published a Security Fix for the OpenSSL Heartbleed vulnerability. Details are listed below.

 

 

Description:  Security Hot Fix is Available for Dell KACE K3000 v1.198240 (1.1 SP2)

 

Resolution:  Dell KACE has released a security hot fix for the K3000 (applies to minimum version 1.1.98240) that can be downloaded by navigating to http://www.kace.com/support/resources/kb/solutiondetail?sol=SOL122931 to remediate this vulnerability. 

For customers on earlier versions, you will need to upgrade to v1.1.98240 prior to applying the security fix.  K3000 v1.2 downloads can be accessed here:  https://www.kace.com/support/my/downloads

Once applied the new version will be 1.1.98241

Answered 04/17/2014 by: Asevera
Blue Belt

Please log in to comment
Answer this question or Comment on this question for clarity