Environment
NetIQ eDirectory 8.8 SP8
Situation
A Nessus or nmap scan against eDirectory 8.8 SP8 reports that the server supports the use of SSL ciphers that offer no encryption at all.
Below is a sample Nessus scan report:
Synopsis
The remote service supports the use of null SSL ciphers.
The remote service supports the use of null SSL ciphers.
Description
The remote host supports the use of SSL ciphers that offer no encryption at all.
The remote host supports the use of SSL ciphers that offer no encryption at all.
Note: This is considerably easier to exploit if the attacker is on the same physical network.
Solution
Reconfigure the affected application, if possible to avoid the use of null ciphers.
Reconfigure the affected application, if possible to avoid the use of null ciphers.
Risk Factor
Medium
Medium
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
----------------------------------------
(tcp/636)
(tcp/636)
Here is the list of null SSL ciphers supported by the remote server :
Null Ciphers (no encryption)
TLSv1
RSA-NULL-SHA256 Kx=RSA Au=RSA Enc=None Mac=SHA256
RSA-NULL-SHA256 Kx=RSA Au=RSA Enc=None Mac=SHA256
The fields above are :
{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
Resolution
This is a false positive. All NULL ciphers are disabled at the server. NULL ciphers cannot be used in any way by clients.
NTLS defines its own cipher strings from the values 0x3B to 0x40:
TLS1_TXT_RSA_WITH_AES_192_SHA - 0x3B
TLS1_TXT_DH_DSS_WITH_AES_192_SHA - 0x3C
TLS1_TXT_DH_RSA_WITH_AES_192_SHA - 0x3D
TLS1_TXT_DHE_DSS_WITH_AES_192_SHA - 0x3E
TLS1_TXT_DHE_RSA_WITH_AES_192_SHA - 0x3F
TLS1_TXT_ADH_WITH_AES_192_SHA - 0x40
TLS1_TXT_DH_DSS_WITH_AES_192_SHA - 0x3C
TLS1_TXT_DH_RSA_WITH_AES_192_SHA - 0x3D
TLS1_TXT_DHE_DSS_WITH_AES_192_SHA - 0x3E
TLS1_TXT_DHE_RSA_WITH_AES_192_SHA - 0x3F
TLS1_TXT_ADH_WITH_AES_192_SHA - 0x40
Unfortunately, OpenSSL uses the same value (0x3B) for the NULL cipher TLS_RSA_WITH_NULL_SHA256. Therefore when the server responds to a TLS1_TXT_RSA_WITH_AES_192_SHA cipher the scanner will interpret this as evidence that the TLS_RSA_WITH_NULL_SHA256 cipher is in use.
If a client attempted to use the cipher value 0x3B, assuming it is TLS_RSA_WITH_NULL_SHA256, the client could not decode the data since the cipher used by the server is actually TLS1_TXT_RSA_WITH_AES_192_SHA.
Though the values used by the scanner are correct and universally accepted we cannot change our cipher values as this would break backward compatibility.
This is a false positive and can safely be ignored.
Additional Information
Any scanner based on openssl will trigger such false positive.