31 Jul
2013
31 Jul
'13
12:48 p.m.
On 07/31/2013 08:52 PM, Anumeha Prasad wrote:
Hi,
Following 2 vulnerabilities were detected in VA scan required for PCI compliance:
- SSL Weak Cipher Suites Supported
- SSL Medium Strength Cipher Suites Supported
I'm using CentOS 5.8 with open ssl version "openssl-0.9.8e-22.el5_8.4". Any idea how to get rid of this?
Are you using SSL /https? If so, edit the SSL settings to remove the offending ciphers. Where else are you using SSL - check configs for ciphers supported. Edit to taste. HTH
Thanks, Anumeha _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos