search for: ssl2

I think the website is down.. I can't get to the root, or any of the 'previously visited' links I still have in my browser. How do I turn off SSLv2 support?

Hi all, when hardening dovecot against the POODLE vulnerability, we followed the advise to disable SSL2 and SSL3 but this is giving problems with some email clients (claws-mail). ssl_protocols = !SSLv2 !SSLv3 results in the following error: dovecot: pop3-login: Disconnected (no auth attempts in 1 secs): user=<>, rip=XXX, lip=XXX, TLS handshaking: SSL_accept() failed: error:1408A0C1:SSL rou...

...L = NULL ) , L2 = list ( foo = "bar" , SL = list (SSL1 = list (DF = data.frame(val = 21, foo = "bar") , DFOO = list(foo = "foo", bar = "bar") ) , SSL2 = list (DF = data.frame(val = 22, foo = "bar") , DFOO = list(foo = "foo", bar = "bar") ) ) ) , L3 = list ( foo = "bar" , SL = list (SSL1 = list...

...:: ssl_prefer_server_ciphers = yes # Only available on dovecot 2.2.7 and later:: ssl_dh_parameters_length = 2048 Work fine, but only testssl.sh scanner generate small warning "Secure Client-Initiated Renegotiation VULNERABLE (NOT ok), DoS threat" openssl s_client -connect $host:993 -ssl2(3) and openssl s_client -connect $host:143 -starttls imap -showcerts -state -crlf -ssl2(3) break connection

...bits and with ar and llvm-ar on Ubuntu 64 bits. Does anyone knows why? I searched in the llvm-ar doc in order to find if there was an argument or something like that. For information, I configured openssl with the following parameters : ./Configure darwin64-x86_64-cc enable-ec_nistp_64_gcc_128 no-ssl2 no-ssl3 no-comp --openssldir=/usr/local/ssl/macos-x86_64 And I replaced this line AR= ar $(ARFLAGS) r in the Makefile with this AR= /path/to/llvm-ar $(ARFLAGS) r Greetings, Johan Wehrli

On 09/03/16 10:44, Florent B wrote: > Hi, > > I don't see any SSL configuration option in Dovecot to disable > "Client-initiated secure renegotiation". > > It is advised to disable it as it can cause DDoS (CVE-2011-1473). > > Is it possible to have this possibility through an SSL option or other ? > > Thank you. > > Florent ssl_protocols = !SSLv3

...op3 mail_plugin_dir: /usr/lib/dovecot/pop3 pop3_client_workarounds: outlook-no-nuls auth default: passdb: driver: pam userdb: driver: passwd and last but not least, here is my test from openssl. Mind you this fails as a "BAD" ssl cert in Evolution. :~$ openssl s_client -ssl2 -connect pop.x10.com:995 CONNECTED(00000003) depth=0 /C=US/ST=Washington/L=Renton/O=X10 Wireless Technology, Inc./OU=Information Technology/OU=Terms of use at www.verisign.com/rpa (c)05/CN=pop.x10.com verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 /C=US/ST=Washin...

...al OpenSSL advisory. Advisory 1 ========== A.L. Digital Ltd and The Bunker (http://www.thebunker.net/) are conducting a security review of OpenSSL, under the DARPA program CHATS. Vulnerabilities --------------- All four of these are potentially remotely exploitable. 1. The client master key in SSL2 could be oversized and overrun a buffer. This vulnerability was also independently discovered by consultants at Neohapsis (http://www.neohapsis.com/) who have also demonstrated that the vulerability is exploitable. Exploit code is NOT available at this time. 2. The session ID suppl...

...s before, claws-mail can't connect. dovecot version is 2.1.7 any hints ? On 2015-01-09 07:50, Philipp Resch wrote: > Am 09.01.2015 um 08:07 schrieb ml at ruggedinbox.com: >> Hi all, when hardening dovecot against the POODLE vulnerability, >> we followed the advise to disable SSL2 and SSL3 >> but this is giving problems with some email clients (claws-mail). >> >> ssl_protocols = !SSLv2 !SSLv3 >> >> results in the following error: >> >> dovecot: pop3-login: Disconnected (no auth attempts in 1 secs): >> user=<>, >&gt...

...; control SW throught FF. Maybe I have to restart FF ... going to try > that ... no joy, same errors. Contacting IBM now. For some of the IBM hardware I have had to use a new Java but an old copy of Firefox. The best explanation I have is probably flawed but it was that the hardware wanted SSL1/SSL2 type stuff which the new Firefox and items blocked. There is probably a better way to fix it. -- Stephen J Smoogen.

doveconf -n output? On 1/9/2015 2:07 AM, ml at ruggedinbox.com <ml at ruggedinbox.com> wrote: > Hi all, when hardening dovecot against the POODLE vulnerability, > we followed the advise to disable SSL2 and SSL3 > but this is giving problems with some email clients (claws-mail). > > ssl_protocols = !SSLv2 !SSLv3 > > results in the following error: > > dovecot: pop3-login: Disconnected (no auth attempts in 1 secs): user=<>, > rip=XXX, lip=XXX, TLS handshaking: SSL_acc...

Am 09.01.2015 um 08:07 schrieb ml at ruggedinbox.com: > Hi all, when hardening dovecot against the POODLE vulnerability, > we followed the advise to disable SSL2 and SSL3 > but this is giving problems with some email clients (claws-mail). > > ssl_protocols = !SSLv2 !SSLv3 > > results in the following error: > > dovecot: pop3-login: Disconnected (no auth attempts in 1 secs): user=<>, > rip=XXX, lip=XXX, TLS handshaking: SSL_a...

...I get this error: Error: Failed to apply catalog: SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: (null) This seems to be due to this issue: https://github.com/crafters/cielo/issues/4 Also the openssl tests confirm that: >openssl s_client -connect puppetmaster.com:8140 -ssl2 CONNECTED(00000003) 8192098:error:1407F0E5:SSL routines:SSL2_WRITE:ssl handshake failure:s2_pkt.c:428: When using -ssl3 it works. Any help much appreciated Thanks Stephan -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscri...

Hi all, Am trying to find a way to disable SSLv3 protocol in smb.conf on Samba4. I am using the following: tls enabled = yes tls keyfile = tls/myKey.pem tls certfile = tls/myCert.pem tls cafile = With a self-signed cert. But when I remote connect from another host using: openssl s_client -showcerts -connect samba4-dc:636 -ssl3 I get a successful

...F. Maybe I have to restart FF ... going to try >> that ... no joy, same errors. Contacting IBM now. > > For some of the IBM hardware I have had to use a new Java but an old > copy of Firefox. The best explanation I have is probably flawed but it > was that the hardware wanted SSL1/SSL2 type stuff which the new > Firefox and items blocked. There is probably a better way to fix it. I have FF version 24.6.0 - probably very old. This is a locked down machine, not on the internet, so installing anything is a pain.

...> dovecot version is 2.1.7 > > any hints ? > > > On 2015-01-09 07:50, Philipp Resch wrote: >> Am 09.01.2015 um 08:07 schrieb ml at ruggedinbox.com: >>> Hi all, when hardening dovecot against the POODLE vulnerability, >>> we followed the advise to disable SSL2 and SSL3 >>> but this is giving problems with some email clients (claws-mail). >>> >>> ssl_protocols = !SSLv2 !SSLv3 >>> >>> results in the following error: >>> >>> dovecot: pop3-login: Disconnected (no auth attempts in 1 secs): user=&l...

On Thu, Sep 14, 2017 at 11:38 AM, Rich Huff <rich at richhuff.com> wrote: > On Thu, 2017-09-14 at 11:25 -0400, Larry Martell wrote: >> On Thu, Sep 14, 2017 at 11:08 AM, Darr247 <darr247 at gmail.com> wrote: >> > >> > >> > > I have some software that says it requires JRE 8.1 or higher. >> > >> > That's very odd, since

...at-linux-gnueabi/usr/include/openssl/rand.h /usr/armv5tel-softfloat-linux-gnueabi/usr/include/openssl/rsa.h /usr/armv5tel-softfloat-linux-gnueabi/usr/include/openssl/safestack.h /usr/armv5tel-softfloat-linux-gnueabi/usr/include/openssl/sha.h /usr/armv5tel-softfloat-linux-gnueabi/usr/include/openssl/ssl23.h /usr/armv5tel-softfloat-linux-gnueabi/usr/include/openssl/ssl2.h /usr/armv5tel-softfloat-linux-gnueabi/usr/include/openssl/ssl3.h /usr/armv5tel-softfloat-linux-gnueabi/usr/include/openssl/ssl.h /usr/armv5tel-softfloat-linux-gnueabi/usr/include/openssl/stack.h /usr/armv5tel-softfloat-linux-gnueab...

On 23 Aug 2016, at 15:08, cleber-listas at inetweb.com.br wrote: > > Hello Guys, > I guess that I found a bug in Dovecot 2.2.18 and 2.2.25 versions. The > problem it's when I try to connect in a Dovecot used a proxy to another > e-mail server (in our case it's a Smartermail Server) the DoveCot send a > lot of IDLE commands to the destination server. With that, the LOG

...ache of string allocations for better performance and compatibility. *** Internet and networking - HTTPS connections use GnuTLS (or Secure Transport on Mac OS X). OpenSSL is no longer used. - The TLS 1.1 and TLS 1.2 protocols are enabled by default, with automatic fallback to TLS 1.0. The SSL2 protocol is disabled by default. - Security certificate validation errors are handled better. - NTLM and Negotiate authentication protocols are supported. - ActiveX controls can be downloaded and installed automatically. - Internet proxy bypass is supported, and can be enabled either throug...