Hi, On 14.10.2016 16:03, Christian Fischer wrote: > On 02.08.2016 17:54, Reindl Harald wrote: >> and for IMAP/POP3 over TLS things like "CBC ciphers in TLS < 1.2 are >> considered to be vulnerable to the BEAST or Lucky 13 attacks" are >> nonsense too because the attack vector just don't exist outside a >> webbrowser > > just want to let you know that i'm in the mid of overworking the > complete SSL topic and to provide a dedicated NVT for checking > vulnerabilities like BEAST, Lucky13 and Sweet32 (the latter is also > reported as weak ciphers since a few weeks) to only report them for > Webservers. > > Will update / ping you again once this was committed to the Feed.
today i have submitted a new NVT to the feed which is now only reporting the DES/3DES ciphers as Weak for HTTPS services. This NVT will also get a few improvements in the next few weeks to only report DES/3DES ciphers as weak if the server is using them at the top of its cipher suite list. Regards, -- Christian Fischer | PGP Key: 0x54F3CE5B76C597AD Greenbone Networks GmbH | http://greenbone.net Neuer Graben 17, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner _______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
