RE: Open Secure Sockets Layer (OpenSSL) Read/Write After Secure Sockets Layer (SSL)

@george1421 Thank you for the information. It makes sense it would be the OS of the server. I just wanted to make sure that was the case. I spaced on the web UI as I have not been in that for quite some time. I think this answers all of my questions. You can Solve the case (I don’t see where I can do this if I do have that as an option).

Doing some cleanup in our environment before we do penetration testing. We have a vulnerability on our FOG server (CentOS 7 64 bit) where it appears we have an EoL PHP version 7.2. My colleague handles FOG updates quarterly and says we are on the latest version. How do we check the version of FOG in the Linux CLI? Also, is PHP 7.2 the latest version supported for FOG? Are we able to upgrade this separately?

I am just starting to get my hands on FOG and learn more about it, so I am sure these are “easy” questions, but I was not finding anything in the forums already or user guides.

---

Vulnerable OpenSSL version detected on port 443 over TCP -
Date: Sat, 30 Mar 2024 13:30:43 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
X-Powered-By: PHP/7.2.34
Location: /fog/index.php
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

I think we got it figured out. I researched that init.xy error and found another ticket that talked about websites being blocked. I did not realize that the tarball still made calls out for files for the update. Sure enough, I found websites blocked. I added those sites to our whitelist, and tried it again and it worked perfect. I guess sometimes you just got to throw your hands up in the air and reset!

Thank you for your help throughout this long drawn out process.

Yeah still no joy. I am about to the end of my rope. I did notice the attached when watching the install work. Would these be any clues?

My first picture did not paint the whole picture. I tried in /root/git initially and got those messages, so I moved the files to root and same thing. I have been attempting from the fogproject-1.5.9 folder. Does it matter or does it have to be ‘fogproject’?

I will see if I can try it again this afternoon or for sure later this week.

Here is that reading post 1.5.9 update. Now instead of errors, it is just a blank screen when attempting to run the image.

Snag_1f79b001.png

Here is the output from the last message’s request. Note this is from after yum update -y and yum -y install git, but not the actual version update.

Snag_1f4f5e15.png

Apologies for the delay, I have not had another opportunity to try this. I am wondering if the problems are related to git. I followed the Update to latest page in the Wiki, and when I run the git cmds, I get the attached messages. I was not doing this in previous attempts when I did the ./installfog.sh.

Snag_1f4aa807.png

I ran those ls -a and md5sum commands, and it says no such file or directory exists for both, which I confirmed in connecting to the server via WinSCP. See attached for the information from the link you provided. ltops333.txt

Thank you for the reply. Sorry for the delay, I got pulled into other projects over the time span. Hoping to crave out a window tomorrow or Friday to give this another shot.

We updated from 1.5.8 to 1.5.9 (CentOS7; first did yum update -y, then verified GIT, and then FOG). Ended up extracting the gz file and then running the installfog.sh. Appeared everything went smooth, but when we fired up our Master PC to pull latest image, we got the attached errors. One thing of note, in the FOG Configuration, under the FOG Version Information, it did appear weird as it indicated 1.5.9, but it said it was not the latest version and none of the Latest had information. Do we need to update IPXE as well, or any ideas what might be the issue? Some research of the error indicated the images were corrupt, but when we rolled the server back to the snapshot of 1.5.8, everything was fine.