Environment
Novell Open Enterprise Server (OES)
Novell NetWare 6.5
Novell NetWare 6.5
Situation
SSL Allows the use of Weak Ciphers.
SSL Server Allows Cleartext Communication Vulnerability port 443/tcp over SSL
SSL Server Supports Weak Encryption Vulnerability port 443/tcp over SSL
SSL Server May Be Forced to Use Weak Encryption Vulnerability port 443/tcp over SSL
The Secure Sockets Layer (SSL) protocol allows for secure communication between a client and a server.
The client-server communication is generally encrypted using a symmetric cipher such as RC2, RC4, DES or 3DES.
Some ways to verify if a port is allowing weak ciphers. This is useful if detection software shows a fault positive.
openssl s_client -connect <ipaddress:port> -ssl2 -state
EX: openssl s_client -connect 192.168.1.100:443 -ssl2 -state
openssl s_client -connect <ipaddress:port> -cipher LOW -state
EX: openssl s_client -connect 192.168.1.100:443 -cipher LOW -state
SSL Server Allows Cleartext Communication Vulnerability port 443/tcp over SSL
SSL Server Supports Weak Encryption Vulnerability port 443/tcp over SSL
SSL Server May Be Forced to Use Weak Encryption Vulnerability port 443/tcp over SSL
The Secure Sockets Layer (SSL) protocol allows for secure communication between a client and a server.
Some ways to verify if a port is allowing weak ciphers. This is useful if detection software shows a fault positive.
openssl s_client -connect <ipaddress:port> -ssl2 -state
EX: openssl s_client -connect 192.168.1.100:443 -ssl2 -state
openssl s_client -connect <ipaddress:port> -cipher LOW -state
EX: openssl s_client -connect 192.168.1.100:443 -cipher LOW -state
Resolution
NILE.NLM has been modified so that strong ciphers are preferred over weak ciphers by default during SSL handshakes.
The updated version of NILE.NLM is available for download in NILE65SP5A.EXE.
Additional Information
Each of the vulnerabilities and their associated CVE numbers are listed below:
CVE- 2006- 0997 - SSL Server Allows Cleartext Communication Vulnerability port 443/tcp over SSL
CVE- 2006- 0998 - SSL Server Supports Weak Encryption Vulnerability port 443/tcp over SSL
CVE- 2006- 0999 - SSL Server May Be Forced to Use Weak Encryption Vulnerability port 443/tcp over SSL
In order to revert back to allowing weak ciphers it is necessary to modify the SYS:\ETC\NILE.CFG and enter the following:
[WeakCrypto]
Enabled=Y|N
NOTE: After modifying the settings in the SYS:\ETC\NILE.CFG file it is necessary to restart the server to have the changes take effect.
SSL Digger by Foundstone was used to test this vulnerability.
For more information go to www.foundstone.com
Formerly known as TID# 10100633
In order to revert back to allowing weak ciphers it is necessary to modify the SYS:\ETC\NILE.CFG and enter the following:
SSL Digger by Foundstone was used to test this vulnerability.
Formerly known as TID# 10100633