We regularly test our system from the outside using a vulnerability assessment tool and since today we have a new vulnerability which states :
"SSL Server Has SSLv2 Enabled Vulnerability"
"The Secure Socket Layer (SSL) protocol allows for secure communication between a client and a server.
There are known flaws in the SSLv2 protocol. A man-in-the-middle attacker can force the communication to a less secure level and then attempt to break the weak encryption. The attacker can also truncate encrypted messages.
These flaws have been fixed in SSLv3 (or TLSv1). Most servers (including all popular web-servers, mail-servers, etc.) and clients (including Web-clients like IE, Netscape Navigator and Mozilla and mail clients) support both SSLv2 and SSLv3. However, SSLv2 is enabled by default for backward compatibility.
"
Is there a configuration change I can do on the Astaro Firewall in order to eliminate this vulnerability ?
This thread was automatically locked due to age.
