Microsoft
Software
Hardware
Network
Question : SSL Weak Cipher Suites Supported
I used the Nessus Scanning Tool to scan my Solaris 10 server and got one of following medium vulnerabilities:
==========================
==========
==========
==========
==========
========
SSL Weak Cipher Suites Supported
Synopsis :
The remote service supports the use of weak SSL ciphers.
Description :
The remote host supports the use of SSL ciphers that offer either weak
encryption or no encryption at all.
See also :
http://www.openssl.org/doc
s/apps/cip
hers.html
Solution :
Reconfigure the affected application if possible to avoid use of weak
ciphers.
Risk factor :
Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/
I:N/A:N)
Plugin output :
Here is the list of weak SSL ciphers supported by the remote server :
Low Strength Ciphers (< 56-bit key)
SSLv3
EXP-EDH-RSA-DES-CBC-SHA Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
TLSv1
EXP-EDH-RSA-DES-CBC-SHA Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
The fields above are :
{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
Nessus ID : 26928
==========================
==========
==========
==========
==========
====
I really don't know which application on my server is configured with SSL weak cipher. Or is itjust that the "openssl" command has the option to use weak cipher?
# openssl ciphers -v | grep 'DES(40)'
EXP-EDH-RSA-DES-CBC-SHA SSLv3 Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-EDH-DSS-DES-CBC-SHA SSLv3 Kx=DH(512) Au=DSS Enc=DES(40) Mac=SHA1 export
EXP-DES-CBC-SHA SSLv3 Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
#
Answer : SSL Weak Cipher Suites Supported
If you use SSL/TLS you have to configure it to avoid 40-56-64bit ciphers (Apache,Sendmail etc)
It is not a security hole, but if you are not careful enough you may expose user's private info to network snooping leased line operators....
Random Solutions
Installing iTunes9 on Win XP Pro x64 bit OS
Collecting amount of data stored in file shares remotely
doc for code review
How to catch exception of system command.
How to register regsrv32 DLLs in remote machi by using delphi 7 program
Copy data from sheets according to sub header.
Anyone know exactly triggers the "this program may have installed incorrectly" dialog?
JSF/Hibernate: Custom Validators
local printing with RDS and Windows 2008
Exchange 2007 some groups get Calendar invites just as email
