Re: Tomcat FREAK Issue

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Uzair, On 7/14/16 11:04 PM, uzair rashid wrote: > Hello Chris, > > We are using Tomcat version: 6.0.36.0 > > JRE 1.6.0 Java 1.6 does not support TLSv1.1 or TLSv1.2, so you won't be able to get those to work. Also, Java 1.6 does not support DH

Re: Tomcat FREAK Issue

Hello Christopher, Did you or anyone have a gauge on how we might fix this? Thank you! On Thu, Jul 14, 2016 at 8:04 PM, uzair rashid wrote: > Hello Chris, > > We are using Tomcat version: 6.0.36.0 > > JRE 1.6.0 > > Do you think I need to change the settings to the

Re: Tomcat FREAK Issue

Hello Chris, We are using Tomcat version: 6.0.36.0 JRE 1.6.0 Do you think I need to change the settings to the following: Really look forward to your expertise on this. Thank you On Thu, Jul 14, 2016 at 7:07 PM, Christopher Schultz < ch...@christopherschultz.net>

Re: Tomcat FREAK Issue

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Uzair, On 7/14/16 10:12 AM, uzair rashid wrote: > Running Tomcat 6.x Which one exactly? > and every week during vulnerability scans we are having the > following results: > > Vulnerability References: > > SSL/TLS Server Factoring RSA Export Keys

Tomcat FREAK Issue

Hello Experts: Running Tomcat 6.x and every week during vulnerability scans we are having the following results: Vulnerability References: SSL/TLS Server Factoring RSA Export Keys (FREAK) vulnerability Impact: Exploitation allows an attacker to bypass security restrictions on the