On 07/31/2013 08:52 PM, Anumeha Prasad wrote: > Hi, > > Following 2 vulnerabilities were detected in VA scan required for PCI > compliance: > > 1. SSL Weak Cipher Suites Supported > 2. SSL Medium Strength Cipher Suites Supported > > I'm using CentOS 5.8 with open ssl version "openssl-0.9.8e-22.el5_8.4". Any > idea how to get rid of this? Are you using SSL /https? If so, edit the SSL settings to remove the offending ciphers. Where else are you using SSL - check configs for ciphers supported. Edit to taste. HTH > Thanks, > Anumeha > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos