Re: [Openvas-plugins] secpod_ssl_ciphers

Veerendra GG Mon, 10 Oct 2011 01:44:29 -0700

Hello Sébastien,

secpod_ssl_ciphers is an informative plugin. It will not find any specific
vulnerability, instead it will list all weak ciphers and If we set
"check_sup_ciphers"  to TRUE then it will list all supported ciphers
along with week ciphers. Hence cvss score is not mentioned.



Thank you,
Veerendra G.G


On Wednesday 05 October 2011 03:12 PM, Sébastien AUCOUTURIER wrote:

Hi friends,
i've got a question on secpod_ssl_ciphers plugin,

why when weak SSL Ciphers are detects , the theat level is 'low' ,with no cvss score ?


Nessus tags it  :
Medium //CVSS/Base Score : 5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)

Rapid7 tags it  :
Severe / /CVSS/Base Score : 5.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)


--
| Sébastien AUCOUTURIER | Software Design Engineer Lead |
| ITrust | 55 rue l'Occitane BP 67303 31673 LABEGE CEDEX
| Email:[email protected]  | Fixe Sdt. 05.67.34.67.80 | Fax. 
09.80.08.37.23
| IT Security Services&  SaaS Editor  |


_______________________________________________
Openvas-plugins mailing list
[email protected]
http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins

_______________________________________________
Openvas-plugins mailing list
[email protected]
http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins

Re: [Openvas-plugins] secpod_ssl_ciphers

Reply via email to