topic Application Manager updates in Installation & Licensing Forum

Application Manager updates

jeff_howard1 — Fri, 13 Nov 2015 16:38:48 GMT

Have any others had issues with your firewall telling you that a user has initated a DDOS attack by recieving an update via the Autodesk Application manager?

My firewall is reporting the following.

disposition	source_ip	destination	protocol	policy_name	severity	signature_id	signature_name	signature_cat	timezone	count
Denied	Ben@xxxxx.com	23.54.77.121:443	https/tcp	HTTPS-proxy-00	4	1130226	SSL OpenSSL Invalid Session Ticket Denial of Service -1 (CVE-20	DoS/DDoS	11/12/2015 11:16	6
Denied	Anders@xxxxxx.com	23.54.77.121:443	https/tcp	HTTPS-proxy-00	4	1130226	SSL OpenSSL Invalid Session Ticket Denial of Service -1 (CVE-20	DoS/DDoS	11/12/2015 11:48	5
Denied	Jennifer@xxxxxx.com	23.54.77.121:443	https/tcp	HTTPS-proxy-00	4	1130226	SSL OpenSSL Invalid Session Ticket Denial of Service -1 (CVE-20	DoS/DDoS	11/12/2015 14:49	5
Denied	Jennifer@xxxxx.com	23.54.77.121:443	https/tcp	HTTPS-proxy-00	4	1130226	SSL OpenSSL Invalid Session Ticket Denial of Service -1 (CVE-20	DoS/DDoS	11/12/2015 16:15	7

When I look them up on the Watchguard security portal I get the following information.

Intrusion Prevention Service


Signature Version: 4.030

SSL OpenSSL Invalid Session Ticket Denial of Service -1 (CVE-2014-3567)

Threat Level: High

Release Date: 2014/11/21

Category: Dos/DDoS

Signature ID: 1130226

Affected OS: Windows, Linux, FreeBSD, Solaris, Other Unix, Mac OS

Description: It is due to a memory leak when OpenSSL processes invalid session tickets to verify their integrity

Impact: Denial of service

Recommendation: Update vendor's patch

False Positive: None

False Negative: None

Additional Information (Links open in new window):

CVE ID [NIST]	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3567
CVE ID [mitre.org]	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567

Reference(s): CVE-2014-3567

RE: Application Manager updates

Otto — Fri, 13 Nov 2015 16:40:55 GMT

Hello jeff.howard

It looks like you're experiencing issues with the Application Manager. The following article(s) should help you resolve the problem:

Autodesk Forum Thread: Autodesk Application Manager

Autodesk Application Manager FAQ

How to Silently Uninstall Application Manager using SCCM

Error: Unable to run Application Manager

Autodesk Application Manager Error: SSL Handshake failed

If this information was helpful, please consider marking it as an Accepted Solution by clicking on the "Accept as Solution" link, below. Taking a moment to do this will help others with similar questions find useful answers. Thank you!

Kudos (click on the link or the "thumbs-up!" icon), are also gratefully received! (Even a bot likes praise.)

If this answer missed the mark, please let us know so that other community members can lend a hand. Any additional details might help, too: consider including relevant screenshots, log files, error messages, or system specs.

Re: RE: Application Manager updates

jeff_howard1 — Fri, 13 Nov 2015 16:49:47 GMT

I'm not sure that any of these solutions address my issue. The Application manager works and updates the software as it is intended to. It might get blocked by our firewall one day and then the next it will get through. I believe it has something to do with the deliver method. The server that the updates are coming from are a23-54-77-121.deploy.static.akamaitechnologies.com. I know Autodesk uses akamai technologies to push updates out, but either there SSL certificates are not being updated or there are other issues causing out firewall to block them from time to time. I also know that Adobe uses the same akamai services and I am asking the same question in there user forum to see if this is an Autodesk or a Adobe issue.