PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-07 21:21:31 +00:00
Code Issues Projects Releases Wiki Activity

Deprecate RC4 ciphersuites

Browse Source
This commit is contained in:
dmiller
2016-05-02 13:55:16 +00:00
parent fbddc99f6d
commit b341915722
3 changed files with 10 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
scripts/ssl-enum-ciphers.nse
View File

@@ -492,8 +492,8 @@ local function find_ciphers_group(host, port, protocol, group, scores)
end
if protocol == "SSLv3" and info.mode and info.mode == "CBC" then
scores.warnings["CBC-mode cipher in SSLv3 (CVE-2014-3566)"] = true
elseif info.cipher == "RC4" and tls.PROTOCOLS[protocol] >= 0x0302 then
scores.warnings["Weak cipher RC4 in TLSv1.1 or newer not needed for BEAST mitigation"] = true
elseif info.cipher == "RC4" then
scores.warnings["Broken cipher RC4 is deprecated by RFC 7465"] = true
end
local kex = tls.KEX_ALGORITHMS[info.kex]
local extra, kex_strength