Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
621
Views
0
Helpful
1
Replies

SSL with pct in the https service?

jusecas86
Level 1
Level 1

‎04-10-2012 08:36 AM - edited ‎03-10-2019 06:59 PM

Hi,

Recently, in my organization we ran a vulnerabilty test and  the ACS platfomr got this vulnerability  ssl-pct1-bo basically consist when an application over https run a protocol named ptc that is a library of ssl, this is a potencial risk because it  could permit execute a buffer overflow over the machine, but when I look for information about it i found that affects systems over windows O.S. I want to know if this vulnerability could affect my ACS. It is 5.1.0.44.5 version. I know that my acs is based on a linux o.s but i want to know if ptc could be execute altought this.

Regards.

Labels:
0 Helpful
1 Reply 1

Jagdeep Gambhir
Level 10
Level 10

‎04-10-2012 12:01 PM

Juan,

ACS does not use MD5 for CSR or self sign cert generation. Option we have is either SHA1 or SHA256.

Regards

~JG

Do rate helpful posts

0 Helpful
Customers Also Viewed These Support Documents