Weak ciphers offered by this service:TLS1_ECDH_anon_WITH_DES_192_CBC3_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher?
(custom override [Medium > Medium])TLS1_RSA_DES_192_CBC3_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher (custom ov?
erride [Medium > Medium])TLS1_ADH_WITH_AES_256_SHA : Strong cipher;No cipher;Weak cipher;Medium cipher (custom ov?
erride [Strong > Strong])TLS1_DHE_RSA_WITH_AES_256_SHA : Strong cipher;No cipher;Weak cipher;Medium cipher (custo?
m override [Strong > Strong])TLS1_RSA_WITH_AES_256_SHA : Strong cipher;No cipher;Weak cipher;Medium cipher (custom ov?
erride [Strong > Strong])TLS1_ADH_WITH_AES_128_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher (custom ov?
erride [Medium > Medium])TLS1_DHE_RSA_WITH_AES_128_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher (custo?
m override [Medium > Medium])TLS1_RSA_WITH_AES_128_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher (custom ov?
erride [Medium > Medium])TLS1_ECDH_anon_WITH_AES_256_CBC_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher ?
(custom override [Medium > Medium])TLS1_ECDH_anon_WITH_AES_128_CBC_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher ?
(custom override [Medium > Medium])TLS1_ECDHE_RSA_WITH_AES_256_CBC_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher ?
(custom override [Medium > Medium])TLS1_ECDHE_RSA_WITH_AES_128_CBC_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher ?
(custom override [Medium > Medium])TLS1_ADH_WITH_CAMELLIA_256_CBC_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher (?
custom override [Medium > Medium])TLS1_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA : Medium cipher;No cipher;Weak cipher;Strong ciph?
er (custom override [Medium > Medium])TLS1_RSA_WITH_CAMELLIA_256_CBC_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher (?
custom override [Medium > Medium])TLS1_ADH_WITH_CAMELLIA_128_CBC_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher (?
custom override [Medium > Medium])TLS1_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA : Medium cipher;No cipher;Weak cipher;Strong ciph?
er (custom override [Medium > Medium])TLS1_RSA_WITH_CAMELLIA_128_CBC_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher (?
custom override [Medium > Medium])TLS1_ADH_DES_192_CBC_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher (custom ove?
rride [Medium > Medium])TLS1_ECDH_anon_WITH_DES_192_CBC3_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher?
(custom override [Medium > Medium])TLS1_RSA_DES_192_CBC3_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher (custom ov?
erride [Medium > Medium])TLS1_ADH_WITH_AES_256_SHA : Strong cipher;No cipher;Weak cipher;Medium cipher (custom ov?
erride [Strong > Strong])TLS1_DHE_RSA_WITH_AES_256_SHA : Strong cipher;No cipher;Weak cipher;Medium cipher (custo?
m override [Strong > Strong])TLS1_RSA_WITH_AES_256_SHA : Strong cipher;No cipher;Weak cipher;Medium cipher (custom ov?
erride [Strong > Strong])TLS1_ADH_WITH_AES_128_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher (custom ov?
erride [Medium > Medium])TLS1_DHE_RSA_WITH_AES_128_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher (custo?
m override [Medium > Medium])TLS1_RSA_WITH_AES_128_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher (custom ov?
erride [Medium > Medium])TLS1_ECDH_anon_WITH_AES_256_CBC_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher ?
(custom override [Medium > Medium])TLS1_ECDH_anon_WITH_AES_128_CBC_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher ?
(custom override [Medium > Medium])TLS1_ECDHE_RSA_WITH_AES_256_CBC_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher ?
(custom override [Medium > Medium])TLS1_ECDHE_RSA_WITH_AES_128_CBC_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher ?
(custom override [Medium > Medium])TLS1_ADH_WITH_CAMELLIA_256_CBC_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher (?
custom override [Medium > Medium])TLS1_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA : Medium cipher;No cipher;Weak cipher;Strong ciph?
er (custom override [Medium > Medium])TLS1_RSA_WITH_CAMELLIA_256_CBC_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher (?
custom override [Medium > Medium])TLS1_ADH_WITH_CAMELLIA_128_CBC_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher (?
custom override [Medium > Medium])TLS1_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA : Medium cipher;No cipher;Weak cipher;Strong ciph?
er (custom override [Medium > Medium])TLS1_RSA_WITH_CAMELLIA_128_CBC_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher (?
custom override [Medium > Medium])TLS1_ADH_DES_192_CBC_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher (custom ove?
rride [Medium > Medium])TLS_1_2_ECDHE_RSA_WITH_AES_128_GCM_SHA256 : Medium cipher;No cipher;Weak cipher;Strong c?
ipher (custom override [Medium > Medium])TLS_1_2_ECDHE_RSA_WITH_AES_128_CBC_SHA256 : Medium cipher;No cipher;Weak cipher;Strong c?
ipher (custom override [Medium > Medium])TLS_1_2_DH_anon_WITH_AES_128_GCM_SHA256 : Medium cipher;No cipher;Weak cipher;Strong cip?
her (custom override [Medium > Medium])TLS_1_2_DH_anon_WITH_AES_256_CBC_SHA256 : Medium cipher;No cipher;Weak cipher;Strong cip?
her (custom override [Medium > Medium])TLS_1_2_DH_anon_WITH_AES_128_CBC_SHA256 : Medium cipher;No cipher;Weak cipher;Strong cip?
her (custom override [Medium > Medium])TLS_1_2_RSA_WITH_AES_128_GCM_SHA256 : Medium cipher;No cipher;Weak cipher;Strong cipher ?
(custom override [Medium > Medium])TLS_1_2_DHE_RSA_WITH_AES_128_GCM_SHA256 : Medium cipher;No cipher;Weak cipher;Strong cip?
her (custom override [Medium > Medium])TLS_1_2_DHE_RSA_WITH_AES_256_CBC_SHA256 : Medium cipher;No cipher;Weak cipher;Strong cip?
her (custom override [Medium > Medium])TLS_1_2_DHE_RSA_WITH_AES_128_CBC_SHA256 : Medium cipher;No cipher;Weak cipher;Strong cip?
her (custom override [Medium > Medium])TLS_1_2_RSA_WITH_AES_256_CBC_SHA256 : Medium cipher;No cipher;Weak cipher;Strong cipher ?
(custom override [Medium > Medium])TLS_1_2_RSA_WITH_AES_128_CBC_SHA256 : Medium cipher;No cipher;Weak cipher;Strong cipher ?
(custom override [Medium > Medium])TLS_1_2_ECDHE_RSA_WITH_AES_256_GCM_SHA384 : Medium cipher;No cipher;Weak cipher;Strong c?
ipher (custom override [Medium > Medium])TLS_1_2_ECDHE_RSA_WITH_AES_256_CBC_SHA384 : Medium cipher;No cipher;Weak cipher;Strong c?
ipher (custom override [Medium > Medium])TLS_1_2_DH_anon_WITH_AES_256_GCM_SHA384 : Medium cipher;No cipher;Weak cipher;Strong cip?
her (custom override [Medium > Medium])TLS_1_2_RSA_WITH_AES_256_GCM_SHA384 : Medium cipher;No cipher;Weak cipher;Strong cipher ?
(custom override [Medium > Medium])TLS_1_2_DHE_RSA_WITH_AES_256_GCM_SHA384 : Medium cipher;No cipher;Weak cipher;Strong cip?
her (custom override [Medium > Medium])TLS_1_2_DHE_RSA_WITH_AES_256_CBC_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher?
(custom override [Medium > Medium])TLS_1_2_DHE_RSA_WITH_AES_128_CBC_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher?
(custom override [Medium > Medium])TLS_1_2_RSA_WITH_AES_256_CBC_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher (cu?
stom override [Medium > Medium])TLS_1_2_RSA_WITH_AES_128_CBC_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher (cu?
stom override [Medium > Medium])TLS_1_2_RSA_WITH_3DES_EDE_CBC_SHA : Medium cipher;No cipher;Weak cipher;Strong cipher (c?
ustom override [Medium > Medium])
LösungThe configuration of this services should be changed so that it does not support the listed weak ciphers anymore.
Schwachstellen-Einblick These rules are applied for the evaluation of the cryptographic strength: - Any SSL/TLS using no cipher is considered weak.- All SSLv2 ciphers are considered weak due to a design flaw within the SSLv2 protocol.
- RC4 is considered to be weak.- Ciphers using 64 bit or less are considered to be vulnerable to brute force methods and therefore considered as weak.
- 1024 bit RSA authentication is considered to be insecure and therefore as weak.
- CBC ciphers in TLS < 1.2 are considered to be vulnerable to the BEAST or Lucky 13 attacks
- Any cipher considered to be secure for only the next 10 years is considered as medium
- Any other cipher is considered as strong Methode zur Schwachstellenerkennung Details: Check for SSL Weak Ciphers (OID: 1.3.6.1.4.1.25623.1.0.103440) Benutzte Version: $Revision: 3061 $
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss