Educause Security Discussion mailing list archives
Re: HP's WebInspect
From: "Bradley, Stephen W. Mr." <bradlesw () MUOHIO EDU>
Date: Fri, 7 Aug 2009 13:12:26 -0400
Amazingly enough within ten minutes of posting this message I got a call from HP. They said that their latest version of WI has a serious out of memory problem in addition to our problem and that they are trying to get it fixed and released to the users. We will see. ________________________________ From: Morrow Long [mailto:morrow.long () yale edu] Sent: Friday, August 07, 2009 1:08 PM To: The EDUCAUSE Security Constituent Group Listserv Subject: Re: [SECURITY] HP's WebInspect We purchased it (a single copy) in June and have recently brought it up. We've had a few problems with the license manager and license key as well as getting a response from HP (who only recently acquired the product from SPI Dynamics). I'll forward your message on to our staff member working on HP WebInspect. - Morrow On Aug 7, 2009, at 11:35 AM, Bradley, Stephen W. Mr. wrote: Has anyone else had problems with HP's WebInspect lately or for that matter their customer support in general? We have had WI for several years now and have a paid up maintenance contract and are receiving little to no response on a problem that cropped up after an update almost 7 weeks ago. The problem is with the reporting function in version 8.0.625.1. We can run the scans but if you select a report that has critical vulnerabilities in it the report generator crashes with invalid characters. We have been told several stories so far about the problem and although they seem to be plausible stories it doesn't look like they are working to fix any of them. The front runner in causes is that they hash the IP address in the scan data and that some of the hashes produce characters that cause the report generation of the software to crash. Sounds good and they can duplicate the problem at will and they have other sites with the same problem so how hard can it be to fix it. At this point we have what amounts to a very expensive piece of software that produces no useful information Thanks steve Stephen W. Bradley SSCP GCIH GCFA CISSP Network Security Specialist Miami University Security Engineering Business & Infrastructure Services 513-529-8129 bradlesw () muohio edu<mailto:bradlesw () muohio edu>
Current thread:
- HP's WebInspect Bradley, Stephen W. Mr. (Aug 07)
- <Possible follow-ups>
- Re: HP's WebInspect Dave Kovarik (Aug 07)
- Re: HP's WebInspect Morrow Long (Aug 07)
- Re: HP's WebInspect Bradley, Stephen W. Mr. (Aug 07)
- Re: HP's WebInspect Dave Ferguson (Aug 10)
- Re: HP's WebInspect Dean De Beer (Aug 11)