On 12/08/2014 10:15 AM, Chris wrote: > Am 08.12.2014 um 19:05 schrieb Reindl Harald: >> hardcoded - a design flaw > > not really: > > http://lists.wald.intevation.org/pipermail/openvas-discuss/2014-November/007077.html
Thank you for the answers, this helps quite a bit. Is there any further information on the proper syntax for 'gsad --gnutls-priorities=' ? Does it take the SSLCipherSuite syntax used by Apache's mod_ssl? For example, the article shows: gsad --gnutls-priorities="SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0" However, in my limited understanding of POODLE, SSLv3 using CBC ciphers are vulnerable to that MITM attack. thank you, K _______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
