Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Wang
Collaborator

SSL Medium Strength Cipher Suites Supported

  • What about a list of moderately strong SSL passwords? Can someone help me?

    42873 - SSL Medium Strength Cipher Suites Supported
    Here is the list of medium strength SSL ciphers supported by the remote server :

    Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)

    EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
    ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
    DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1

    The fields above are :

    {OpenSSL ciphername}
    Kx={key exchange}
    Au={authentication}

8 Replies
Tor-Erik_Ones
Participant

I think yuo have to explain what you are trying to do

0 Kudos
Wang
Collaborator

  • This is the vulnerability scanned by the scanning software?

    I would like to ask what is the reason and what is the solution?

0 Kudos
Wang
Collaborator

  • I am looking forward to your reply. Thank you very much!

0 Kudos
Timothy_Hall
Legend Legend
Legend

66790fe4-98ef-4
Explorer

I wish people would take a little more time in their answers to specific questions. Just pointing everyone to KB articles is equivalent to one tick above zero effort. I can search and find KB articles, read them and as long as they are well written understand them. But if that were the case, there would be no need for these BB sites would there? If one takes the time to answer these queries, the least they can do is to summarize the articles, otherwise all your help is merely rudimentary skills, and I cannot see how people would give a thumbs up to these replies, unless of course the learner is too lazy to look this up themselves.

0 Kudos
Raman_Arora
Contributor

@Timothy_Hall Do CP have any published sk on Qualys scan - QID - 38142 - SSL Server Allows Anonymous Authentication Vulnerability?


"CIPHER KEY-EXCHANGE AUTHENTICATION MAC ENCRYPTION(KEY-STRENGTH) GRADE
TLSv1 SUPPORTS CIPHERS WITH NO AUTHENTICATION
ADH-AES128-SHA DH None SHA1 AES(128) MEDIUM
ADH-AES256-SHA DH None SHA1 AES(256) HIGH
TLSv1.1 SUPPORTS CIPHERS WITH NO AUTHENTICATION
ADH-AES128-SHA DH None SHA1 AES(128) MEDIUM
ADH-AES256-SHA DH None SHA1 AES(256) HIGH
TLSv1.2 SUPPORTS CIPHERS WITH NO AUTHENTICATION
ADH-AES128-SHA DH None SHA1 AES(128) MEDIUM
ADH-AES256-SHA DH None SHA1 AES(256) HIGH"

 

0 Kudos
cstaffbrad
Explorer

Any suggestion on above question please, I think we have the same issue.

0 Kudos
_Val_
Admin
Admin

What is "the same issue" in your case, can you elaborate? This thread is two years old, it may not be relevant to your case. Please specify in more details, thanks.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events