You are not logged in. Please login or register.
Please post questions or comments you have about wolfSSL products here. It is helpful to be as descriptive as possible when asking your questions.
ReferenceswolfSSL - Embedded SSL Library → Posts by tpilouis
Pages 1
Hi Kaleb,
I maintain a legacy system. I think move Cyassl to wolfssl is a good way. Web server of my system need support http/https/IPv4/IPv6/cgi, which web server is a good choice? Wolfssl v3.13.0 cannot support yasslEWS 1.0 right?
Wolfssl v3.13.0 can support mongoose server?
Best Regards
tpilouis
Hi Kaleb,
Thanks For Reply. Yes, Nessue scan entire system not only scan Cyassl. My web server is yasslEWS 1.0 + Cyassl 3.3.0, which provides http (port 80) and https (port 443) services. My system does not use Openssl lib, so very strange!
I did a test today and stopped the yasslEWS 1.0 service before Nessus scanned it. The result was normal and Nessus did not report the issue CVE-2010-4180. If yasslEWS 1.0 was enabled before running Nessus, the problem reappeared. This problem always occurs on port 443.
Output
The server allowed the following session over TLSv1 to be resumed as follows :
Session ID : b3924b29ba55e3d4b3026fa0db05db71adb018936269ecd2b95ad00a4ce57f67
Initial Cipher : TLS1_CK_RSA_WITH_AES_256_CBC_SHA (0x0035)
Resumed Cipher : TLS1_CK_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)
Port Hosts
443 / tcp / www 192.168.7.80
My System listen port as bellow:
~ # netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 329/dropbear
tcp 0 0 ::%53740:80 ::%385896:* LISTEN 288/yasslEWS
tcp 0 0 ::%53740:22 ::%386104:* LISTEN 329/dropbear
tcp 0 0 ::%53740:23 ::%386312:* LISTEN 296/telnetd
tcp 0 0 ::%53740:443 ::%386520:* LISTEN 288/yasslEWS
udp 0 0 127.0.0.1:33801 0.0.0.0:* 290/snmpd
udp 0 0 127.0.0.1:33802 0.0.0.0:* 336/vcm_serv
udp 0 0 127.0.0.1:33811 0.0.0.0:* 336/vcm_serv
udp 0 0 127.0.0.1:33821 0.0.0.0:* 313/sntp
udp 0 0 0.0.0.0:161 0.0.0.0:* 290/snmpd
udp 0 0 127.0.0.1:33831 0.0.0.0:* 254/appDemo
udp 0 0 ::%273664:161 ::%321022:* 290/snmpd
~ #
~ #
Best Regards,
tpilouis
My system use Cyassl v3.3.0. I used Nessue to scan my system, the Nessue report CVE-2010-4180 issue.
How to fix this issue?
CVE-2010-4180
Description
The version of OpenSSL on the remote host has been shown to allow resuming session with a weaker cipher than was used when the session was initiated. This means that an attacker that sees (i.e., by sniffing) the start of an SSL connection can manipulate the OpenSSL session cache to cause subsequent resumptions of that session to use a weaker cipher chosen by the attacker.
Note that other SSL implementations may also be affected by this vulnerability.
Solution
Upgrade to OpenSSL 0.9.8q / 1.0.0.c or later, or contact your vendor for a patch.
Output
• The server allowed the following session over TLSv1 to be resumed as follows :
•
• Session ID : 2deaec4a3d2421a895ca58902a0939f6f53e380bb8d75ee9cca92caf0baff871
• Initial Cipher : TLS1_CK_RSA_WITH_AES_256_CBC_SHA (0x0035)
• Resumed Cipher : TLS1_CK_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)
Pages 1
wolfSSL - Embedded SSL Library → Posts by tpilouis
Powered by PunBB, supported by Informer Technologies, Inc.
Generated in 0.014 seconds (96% PHP - 4% DB) with 4 queries