Microsoft
Software
Hardware
Network
Question : SSL Weak Cipher Suites Supported
I used the Nessus Scanning Tool to scan my Solaris 10 server and got one of following medium vulnerabilities:
==========================
==========
==========
==========
==========
========
SSL Weak Cipher Suites Supported
Synopsis :
The remote service supports the use of weak SSL ciphers.
Description :
The remote host supports the use of SSL ciphers that offer either weak
encryption or no encryption at all.
See also :
http://www.openssl.org/doc
s/apps/cip
hers.html
Solution :
Reconfigure the affected application if possible to avoid use of weak
ciphers.
Risk factor :
Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/
I:N/A:N)
Plugin output :
Here is the list of weak SSL ciphers supported by the remote server :
Low Strength Ciphers (< 56-bit key)
SSLv3
EXP-EDH-RSA-DES-CBC-SHA Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
TLSv1
EXP-EDH-RSA-DES-CBC-SHA Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
The fields above are :
{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
Nessus ID : 26928
==========================
==========
==========
==========
==========
====
I really don't know which application on my server is configured with SSL weak cipher. Or is itjust that the "openssl" command has the option to use weak cipher?
# openssl ciphers -v | grep 'DES(40)'
EXP-EDH-RSA-DES-CBC-SHA SSLv3 Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-EDH-DSS-DES-CBC-SHA SSLv3 Kx=DH(512) Au=DSS Enc=DES(40) Mac=SHA1 export
EXP-DES-CBC-SHA SSLv3 Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
#
Answer : SSL Weak Cipher Suites Supported
If you use SSL/TLS you have to configure it to avoid 40-56-64bit ciphers (Apache,Sendmail etc)
It is not a security hole, but if you are not careful enough you may expose user's private info to network snooping leased line operators....
Random Solutions
Close WORD question
How do I perform linkification on a traverse of a DOM dynamically
Find and export contacts by value in Account entity
Excel - Check to see if workbook is already open
How many emails can we send?
Computer boots but video cuts from svideo
Meta Data Removal Tool Suggestions?
json to javascript - google charts
JavaScript to find if URL and link are the same and change the style if true!
How can i use a subquery within a SELECT?