Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation

Who Me Too'd this topic

OpenSSL version in IOS

Wassim Aouadi
Level 4
Level 4

‎12-04-2012 09:33 AM - edited ‎02-21-2020 04:47 AM

Hi networkers,

I recently run a pentest against a 2911 router. It mentioned the following message:

[quote]Vulnerability allows remote attackers to force the downgrade to an unintended  cipher.

OpenSSL before 0.9.8q, and 1.0.x  before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not  properly prevent modification of the ciphersuite in the session cache, which  allows remote attackers to force the downgrade to an unintended cipher via  vectors involving sniffing network traffic to discover a session  identifier."
To fix the vulnerability update  your software according to used platform. All necessary information is available  here:
http://www.openssl.org/ "

[/quote]

Is there a way to detect the version of SSL implemented on a router?
Thanks,
Wass

3 people had this problem
0 Helpful
Who Me Too'd this topic