Microsoft
Software
Hardware
Network
Question : SSL Weak Cipher Suites Supported
I used the Nessus Scanning Tool to scan my Solaris 10 server and got one of following medium vulnerabilities:
==========================
==========
==========
==========
==========
========
SSL Weak Cipher Suites Supported
Synopsis :
The remote service supports the use of weak SSL ciphers.
Description :
The remote host supports the use of SSL ciphers that offer either weak
encryption or no encryption at all.
See also :
http://www.openssl.org/doc
s/apps/cip
hers.html
Solution :
Reconfigure the affected application if possible to avoid use of weak
ciphers.
Risk factor :
Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/
I:N/A:N)
Plugin output :
Here is the list of weak SSL ciphers supported by the remote server :
Low Strength Ciphers (< 56-bit key)
SSLv3
EXP-EDH-RSA-DES-CBC-SHA Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
TLSv1
EXP-EDH-RSA-DES-CBC-SHA Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
The fields above are :
{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
Nessus ID : 26928
==========================
==========
==========
==========
==========
====
I really don't know which application on my server is configured with SSL weak cipher. Or is itjust that the "openssl" command has the option to use weak cipher?
# openssl ciphers -v | grep 'DES(40)'
EXP-EDH-RSA-DES-CBC-SHA SSLv3 Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-EDH-DSS-DES-CBC-SHA SSLv3 Kx=DH(512) Au=DSS Enc=DES(40) Mac=SHA1 export
EXP-DES-CBC-SHA SSLv3 Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
#
Answer : SSL Weak Cipher Suites Supported
If you use SSL/TLS you have to configure it to avoid 40-56-64bit ciphers (Apache,Sendmail etc)
It is not a security hole, but if you are not careful enough you may expose user's private info to network snooping leased line operators....
Random Solutions
Folders Hidden windows xp
Access Database restrictions
How to track downloads in Google analytics ?
Aligning Msgbox text
adding last password change to vbscript (exporting Exchange 2003 mailbox statistics)
Excel Macro - Copy hyperlink in Excel and then paste page contents to excel page
What does \e mean in a regular expressions?
Convert html pages into PHP
Install W7 over Vista Home Premium OS
record source for reports and forms gone