Re: SSL vulnerabilities

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 07/31/2013 08:52 PM, Anumeha Prasad wrote:
Hi,

Following 2 vulnerabilities were detected in VA scan required for PCI
compliance:

1. SSL Weak Cipher Suites Supported
2. SSL Medium Strength Cipher Suites Supported

I'm using CentOS 5.8 with open ssl version "openssl-0.9.8e-22.el5_8.4". Any
idea how to get rid of this?
Are you using SSL /https?
If so, edit the SSL settings to remove the offending ciphers.
Where else are you using SSL - check configs for ciphers supported.
Edit to taste.
HTH
Thanks,
Anumeha
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux