www.tacti

More documents

Recommendations

Info

Security Warning found on port/service "443 / tcp / <strong>www</strong>" Status Plugin Fail (This must be resolved for your device to be compliant). "SSL DROWN Attack Vulnerability (Decrypting RSA with Obsolete and Weakened eNcryption)" Category "Misc. " Priority "Medium Priority Synopsis The remote host may be affected by a vulnerability that allows a remote attacker to potentially decrypt captured Description TLS traffic. The remote host supports SSLv2 and therefore may be affected by a vulnerability that allows a cross-protocol Bleichenbacher padding oracle attack known as DROWN (Decrypting RSA with Obsolete and Weakened eNcryption). This vulnerability exists due to a flaw in the Secure Sockets Layer Version 2 (SSLv2) implementation, and it allows captured TLS traffic to be decrypted. A man-in-the-middle attacker can exploit this to decrypt the TLS connection by utilizing previously captured traffic and weak cryptography along with a series of specially crafted connections to an SSLv2 server that uses the same private key. See also: https://drownattack.com/ https://drownattack.com/drown-attack-paper.pdf Risk factor MEDIUM / CVSS BASE SCORE :4.0 CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N Plugin output Addition Information The remote host supports SSLv2 and may be affected by SSL DROWN. CVE: http://cgi.nessus.org/cve.php3?cve=CVE-2016-0800 Other references { cert : 583776osvdb : 135149 } Solution Disable SSLv2 and export grade cryptography cipher suites. Ensure that private keys are not used anywhere with server software that supports SSLv2 connections.
Security Warning found on port/service "25 / tcp / smtp" Status Plugin Fail (This must be resolved for your device to be compliant). "SSL DROWN Attack Vulnerability (Decrypting RSA with Obsolete and Weakened eNcryption)" Category "Misc. " Priority "Medium Priority Synopsis The remote host may be affected by a vulnerability that allows a remote attacker to potentially decrypt captured Description TLS traffic. The remote host supports SSLv2 and therefore may be affected by a vulnerability that allows a cross-protocol Bleichenbacher padding oracle attack known as DROWN (Decrypting RSA with Obsolete and Weakened eNcryption). This vulnerability exists due to a flaw in the Secure Sockets Layer Version 2 (SSLv2) implementation, and it allows captured TLS traffic to be decrypted. A man-in-the-middle attacker can exploit this to decrypt the TLS connection by utilizing previously captured traffic and weak cryptography along with a series of specially crafted connections to an SSLv2 server that uses the same private key. See also: https://drownattack.com/ https://drownattack.com/drown-attack-paper.pdf Risk factor MEDIUM / CVSS BASE SCORE :4.0 CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N Plugin output The remote host is affected by SSL DROWN and supports the following vulnerable cipher suites : Low Strength Ciphers (= 112-bit key) SSLv2
Page 1 and 2: Scan Summary Customer company name
Page 3 and 4: 1 0291408&CNumber=&CardPrice=&Clubt
Page 5 and 6: framemode=&ItemID=&FromRec=&FF=&Dat
Page 7 and 8: Solution Consult the application's
Page 9 and 10: Solution Consult the application's
Page 12: Security Warning found on port/serv
Page 15 and 16: Kx={key exchange} Au={authenticatio
Page 17: Security Warning found on port/serv
Page 21 and 22: Security Warning found on port/serv
Page 27 and 28: certificate authority : |-Subject :
Page 29 and 30: |-Subject : C=US/ST=Virginia/L=Hern
Page 31 and 32: |-Subject : C=US/ST=Virginia/L=Hern
Page 33 and 34: DES-CBC-SHA Kx=RSA Au=RSA Enc=DES-C
Page 35 and 36: Security Notes found on port/servic
Page 37 and 38: Content-Type: text/html; charset=ut
Page 39 and 40: X-Permitted-Cross-Domain-Policies:
Page 41 and 42: Key Length: 2048 bits Public Key: 0
Page 43 and 44: Extension: Authority Information Ac
Page 47 and 48: D0 91 64 EC E2 0B 0B 3D B6 90 98 2A
Page 49 and 50: Version: 1 Signature Algorithm: SHA
Page 69 and 70:
Security Notes found on port/servic
Page 71 and 72:
Page 73 and 74:
Page 75 and 76:
Page 77 and 78:
Page 79 and 80:
Page 81 and 82:
Page 83 and 84:
Page 85 and 86:
Page 87 and 88:
ECDHE-RSA-AES256-SHA384 Kx=ECDHE Au
Page 89 and 90:
CAMELLIA256-SHA Kx=RSA Au=RSA Enc=C
Page 91 and 92:
EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA
Page 93 and 94:
Page 95 and 96:
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES
Page 97 and 98:
RSA-AES256-SHA256 Kx=RSA Au=RSA Enc
Page 99 and 100:
Page 101 and 102:
RSA-AES128-SHA256 Kx=RSA Au=RSA Enc
Page 103 and 104:
High Strength Ciphers (>= 112-bit k
Page 105 and 106:
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES
Page 107 and 108:
Page 109 and 110:
- https://www.takti.co.il/demo/inde
Page 111 and 112:
- http://www.takti.co.il/demo/index
Page 113 and 114:
Page 115 and 116:
Signature Length: 256 bytes / 2048
Page 117 and 118:
Page 119 and 120:
Page 121 and 122:
SSL/TLS version : TLSv1.0 Cipher su
Page 123 and 124:
Diffie-Hellman MODP size (bits) : 1
Page 125 and 126:
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=
Page 127 and 128:
administration /administrator /admi
Page 129 and 130:
webalizer Based on tests of each me
Page 131 and 132:
Page 133 and 134:
cgi-bin /mailman
Page 135 and 136:
Page 137 and 138:
Page 139 and 140:
Name : PHPSESSID Path : / Value : 4
Page 141 and 142:
Page 143 and 144:
Page 145 and 146:
Page 147 and 148:
Page 149 and 150:
Page 151 and 152:
State/Province: Virginia Locality:
Page 153 and 154:
Page 155 and 156:
Page 157 and 158:
Page 159 and 160:
Page 161 and 162:
Page 163 and 164:
Page 165 and 166:
Page 167 and 168:
Page 169 and 170:
Page 171 and 172:
Page 173 and 174:
lind SQL injection (4 requests) : S
Page 175 and 176:
directory traversal (write access)
Page 177 and 178:
show all

www.tacti

Create successful ePaper yourself

Delete template?

Save as template?