Hello everyone, I ran a pentest with Openvas on my server. I use the policy 10/05/2020 and the test found vulnerabilities.
64-bit block cipher 3DES vulnerable to the SWEET32 attack (CVE-2016-2183).
I’ll stop here. Can anyone suggest me any Custom actions to take, clearly if necessary?
1.SSL/TLS configurations should prefer AES over DES. Versions of OpenSSL shipped with Red Hat Enterprise Linux 6 and 7 already do so. In the version of OpenSSL shipped with Red Hat Enterprise Linux 5, 3DES is listed below the AES-256 cipher and above the AES-128 cipher, therefore AES-256 based ciphersuite should not be disabled on the server.
2. Servers using OpenSSL, should not disable AES-128 and AES-256 ciphersuites. Versions of Apache shipped with Red Hat Enterprise Linux use the default cipher string, in which AES is preferred over DES/3DES based ciphersuites.
Not exactly, the penteste I wanted to perform was just to test the system, the cups service runs only via LAN and in the future via VPN. Anyway, thank you -
Yes, I wanted to do it for a simple test, also if I had to take a test from Wan I had to modify firewalls, fail2ban etc. In practice, a simple internal verification.
Uh, CUPS…is there someone who still using it out there?
I’m working a little on some vulnerability tools (OpenVAS and Nessus) in the last few weeks and I saw many of such warning. Most of them can be ignored, especially for services exposed only inside the LAN.
TLS policy has been created mostly for public services, I do not think it’s necessary to enforce it for private networks.
@france if you want to improve CUPS security, try to set SSLOption, it should be something like (not tested):
Hi Giacomo, I don’t use cups much, but as written above I just wanted to launch a pentest and I’m not here to list the other alerts (Postfix), because my question was only directed to the vulnerability found in SSL at CUPS 631 service. Anyway, thank you for your intervention.