Microsoft
Software
Hardware
Network
Question : SSL Weak Cipher Suites Supported
I used the Nessus Scanning Tool to scan my Solaris 10 server and got one of following medium vulnerabilities:
==========================
==========
==========
==========
==========
========
SSL Weak Cipher Suites Supported
Synopsis :
The remote service supports the use of weak SSL ciphers.
Description :
The remote host supports the use of SSL ciphers that offer either weak
encryption or no encryption at all.
See also :
http://www.openssl.org/doc
s/apps/cip
hers.html
Solution :
Reconfigure the affected application if possible to avoid use of weak
ciphers.
Risk factor :
Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/
I:N/A:N)
Plugin output :
Here is the list of weak SSL ciphers supported by the remote server :
Low Strength Ciphers (< 56-bit key)
SSLv3
EXP-EDH-RSA-DES-CBC-SHA Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
TLSv1
EXP-EDH-RSA-DES-CBC-SHA Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
The fields above are :
{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
Nessus ID : 26928
==========================
==========
==========
==========
==========
====
I really don't know which application on my server is configured with SSL weak cipher. Or is itjust that the "openssl" command has the option to use weak cipher?
# openssl ciphers -v | grep 'DES(40)'
EXP-EDH-RSA-DES-CBC-SHA SSLv3 Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-EDH-DSS-DES-CBC-SHA SSLv3 Kx=DH(512) Au=DSS Enc=DES(40) Mac=SHA1 export
EXP-DES-CBC-SHA SSLv3 Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
#
Answer : SSL Weak Cipher Suites Supported
If you use SSL/TLS you have to configure it to avoid 40-56-64bit ciphers (Apache,Sendmail etc)
It is not a security hole, but if you are not careful enough you may expose user's private info to network snooping leased line operators....
Random Solutions
How do I get from this code to my desired output?
Combine data from several rows into a single result
stsadm import command fails to execute
Windows Server 2008 backup utility
SBS Backup failed on D: "The system cannot find the path specified."
Show UnFriendly HTTP Error
Notepad++ Is there a way to show the cursor offset from the beginning of the file
trial version vmware "there are not enough licenses installed to perform the operation"
Access 2003 has no On Change event for Controls
Possible Memory leak in 3rd party com+app
