On 02.08.2016 17:54, Reindl Harald wrote:
> and for IMAP/POP3 over TLS things like "CBC ciphers in TLS < 1.2 are
> considered to be vulnerable to the BEAST or Lucky 13 attacks" are
> nonsense too because the attack vector just don't exist outside a
> webbrowser

just want to let you know that i'm in the mid of overworking the
complete SSL topic and to provide a dedicated NVT for checking
vulnerabilities like BEAST, Lucky13 and Sweet32 (the latter is also
reported as weak ciphers since a few weeks) to only report them for

Will update / ping you again once this was committed to the Feed.



Christian Fischer | PGP Key: 0x54F3CE5B76C597AD
Greenbone Networks GmbH | http://greenbone.net
Neuer Graben 17, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460
Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
Openvas-discuss mailing list

Reply via email to