Hi, Following 2 vulnerabilities were detected in VA scan required for PCI compliance: 1. SSL Weak Cipher Suites Supported 2. SSL Medium Strength Cipher Suites Supported I'm using CentOS 5.8 with open ssl version "openssl-0.9.8e-22.el5_8.4". Any idea how to get rid of this? Thanks, Anumeha
On 07/31/2013 08:52 PM, Anumeha Prasad wrote:> Hi, > > Following 2 vulnerabilities were detected in VA scan required for PCI > compliance: > > 1. SSL Weak Cipher Suites Supported > 2. SSL Medium Strength Cipher Suites Supported > > I'm using CentOS 5.8 with open ssl version "openssl-0.9.8e-22.el5_8.4". Any > idea how to get rid of this?Are you using SSL /https? If so, edit the SSL settings to remove the offending ciphers. Where else are you using SSL - check configs for ciphers supported. Edit to taste. HTH> Thanks, > Anumeha > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos
http://pof.eslack.org/2011/06/07/disable-apache2-weak-medium-ciphers-pci-compliance/ 2013/7/31 Anumeha Prasad <anumeha.prasad at gmail.com>> Hi, > > Following 2 vulnerabilities were detected in VA scan required for PCI > compliance: > > 1. SSL Weak Cipher Suites Supported > 2. SSL Medium Strength Cipher Suites Supported > > I'm using CentOS 5.8 with open ssl version "openssl-0.9.8e-22.el5_8.4". Any > idea how to get rid of this? > > Thanks, > Anumeha > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos >
Am 31.07.2013 10:52, schrieb Anumeha Prasad:> Hi, > > Following 2 vulnerabilities were detected in VA scan required for PCI > compliance: > > 1. SSL Weak Cipher Suites Supported > 2. SSL Medium Strength Cipher Suites Supported > > I'm using CentOS 5.8 with open ssl version "openssl-0.9.8e-22.el5_8.4". Any > idea how to get rid of this? > > Thanks, > AnumehaYou have far more security issues with your system than just providing weak SSL ciphers, because you are not up to date. The current CentOS 5 minor release is 9 with a fair amount of additional bug and security updates. Update ASAP (`yum update'). Alexander