ISSUE SUMMARY
IP Address | Port | Risk Level | Score
---|---|---|---
192.168.101.128 | 443 | High | 70

Issue Summary:
- Use of Self-Signed Certificate
- Vulnerable to BEAST attack
- Certificate Not Trusted
- Certificate Issued to a Different Entity
- Support for MD5 MAC

IP Address | Port | Risk Level | Score
---|---|---|---
192.168.101.128 | 12321 | High | 35

Issue Summary:
- Deprecated SSL version 2 Supported
- Weak Ciphers Supported
- Use of Self-Signed Certificate
- Vulnerable to BEAST attack
- Vulnerable to CRIME attack
- Certificate Not Trusted
- Session Resumption Not Supported
- Certificate Issued to a Different Entity
- Support for MD5 MAC

IP Address | Port | Risk Level | Score
---|---|---|---
www.gmail.com | 443 | Low | 96

Issue Summary:
- Certificate Issued to a Different Entity
- Support for MD5 MAC

IP Address | Port | Risk Level | Score
---|---|---|---
www.twitter.com | 443 | Low | 94

Issue Summary:
- Session Resumption Not Supported
- Support for MD5 MAC

IP Address | Port | Risk Level | Score
---|---|---|---
www.yahoo.com | 443 | Medium | 73

Issue Summary:
- Renegotiation Vulnerability
- Vulnerable to BEAST attack
- Vulnerable to CRIME attack
- Session Resumption Not Supported
- Support for MD5 MAC
Use of Self-Signed Certificate

Rating: High - CVSS: 4.20

Description: The web server was using a self-signed SSL certificate. Because a self-signed certificate encourages users to click through browser warnings and error messages, they may be conditioned to automatically accept a rogue certificate presented during a man-in-the-middle (MiTM) attack against the affected host. In addition, self-signed SSL certificates cannot easily be revoked, since there is no issuing certification authority to publish a certificate revocation list; this could cause problems if the private key of the self-signed certificate were compromised.

Recommendation: Use a valid SSL certificate purchased from a trusted certificate authority.

References: N/A
Vulnerable to BEAST attack

Rating: Medium - CVSS: 3.40

Description: The SSL service on the web server might be vulnerable to the BEAST attack. The service does not support the TLS 1.1 or TLS 1.2 protocols and gives block ciphers higher priority (preferred ciphers). The BEAST attack exploits a weakness in the way block ciphers are used in the SSL 3.0 and TLS 1.0 protocols. As a result, a man-in-the-middle attack is possible that can be used to obtain plaintext HTTP headers from the encrypted tunnel. Stream ciphers are not vulnerable to this attack as they work in a completely different way.

Recommendation: To mitigate this risk, enable support only for the TLS 1.1 and TLS 1.2 protocols, as these are not vulnerable to this attack. Check the compatibility of the server and its clients before enabling only these protocols, as many clients do not support them. If the clients are not compatible, a workaround is available: give lower priority to all block ciphers and higher priority to stream ciphers (RC4), although these are not cryptographically as strong as block ciphers.

References:
- http://www.phonefactor.com/resources/CipherSuiteMitigationForBeast.pdf
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389
- http://www.kb.cert.org/vuls/id/864643
Certificate Not Trusted

Rating: Medium - CVSS: 3.20

Description: The certificate is not trusted.

Recommendation: If the certificate is used on the Internet outside the organisation, purchase the certificate from a Certification Authority (CA).

References: N/A
Certificate Issued to a Different Entity

Rating: Low - CVSS: 2.40

Description: The certificate is issued to a different entity: the hostname does not match the name on the certificate.

Recommendation: Use the "Subject Alternative Name" certificate extension to specify all the DNS names to which the certificate applies.

References: N/A
Deprecated SSL version 2 Supported

Rating: High - CVSS: 4.20

Description: The service supports the Secure Sockets Layer protocol version 2.0 (SSLv2). SSLv2 has been deprecated for a number of years and is no longer recommended due to several security flaws that could allow an attacker to monitor or tamper with sensitive data passed between an affected host and its clients. These flaws include:
- No protection against man-in-the-middle (MiTM) attacks during the handshake.
- Weak MAC construction, with the MAC relying solely on the MD5 hash function.
- Exportable cipher suites that unnecessarily weaken the MACs.
- The same cryptographic keys used for message authentication and encryption.
- Vulnerability to truncation attacks using forged TCP FIN packets.

Recommendation: The servers should be configured not to support this protocol and to support only SSL version 3 or TLS version 1+, which are more secure.

Apache: Edit the Apache configuration file and change the SSLProtocol line to read:

    SSLProtocol all -SSLv2

References:
- http://blog.zenone.org/2009/03/pci-compliance-disable-sslv2-and-weak.html
- http://support.microsoft.com/kb/187498
- http://httpd.apache.org/docs/2.0/mod/mod_ssl.html
Weak Ciphers Supported

Rating: High - CVSS: 4.20

Description: The server was identified as supporting weak ciphers for establishing the secure connection. Currently, TLS/SSL ciphers with a key length of 56 bits or less are considered weak and should not be used, as they give insufficient protection from cryptographic attacks. A web server supports multiple ciphers of varying strength, and the one the client will use is negotiated during the initial connection setup. An attacker in a position to manipulate communication between an affected host and its clients may be able to conduct a "cipher downgrade" attack and force the use of a weaker TLS/SSL cipher than would otherwise have been selected. This in turn could allow the attacker to more easily monitor or tamper with sensitive data passed between the affected host and its clients. The allowed ciphers were tested by attempting a connection with each available cipher and checking whether the connection was established; the ciphers with which a connection succeeded make up the list of supported ciphers.

Recommendation: The servers should be configured so that only strong ciphers are supported.

Apache: Edit the Apache configuration file and change the SSLCipherSuite line to read:

    SSLCipherSuite HIGH:MEDIUM

References:
- http://blog.zenone.org/2009/03/pci-compliance-disable-sslv2-and-weak.html
- http://support.microsoft.com/kb/245030
- http://httpd.apache.org/docs/2.0/mod/mod_ssl.html
Vulnerable to CRIME attack

Rating: Medium - CVSS: 3.40

Description: The SSL service was found to be vulnerable to the CRIME attack because it supports TLS-level compression.

Recommendation: Disable TLS compression to mitigate the issue.

References: N/A
Session Resumption Not Supported

Rating: Low - CVSS: 2.40

Description: The SSL service was found not to support SSL/TLS session resumption.

Recommendation: Enable support for session resumption to improve the performance of the SSL service.

References:
- http://www.linuxjournal.com/article/5487
Renegotiation Vulnerability

Rating: Medium - CVSS: 3.20

Description: During the assessment it was identified that the remote SSL VPN devices / web server have an SSL renegotiation issue. Because of this vulnerability, connection renegotiation can be performed in an insecure way after the initial handshake. An unauthenticated remote attacker might leverage this issue to inject an arbitrary amount of plaintext into the beginning of the application protocol stream, which could facilitate man-in-the-middle attacks if the service assumes that the sessions before and after renegotiation are from the same 'client' and merges them at the application layer.

Recommendation: Either check the SSL connection configuration, update the SSL / remote UTM devices to a later version, or directly update the OpenSSL software/component if an older version is running.

References:
- http://osvdb.org/show/osvdb/73894
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3555
- http://www.securityfocus.com/bid/48626/info
- http://www.phonefactor.com/sslgap/ssl-tls-authentication-patches