about tls/ssl vulnerability of softethervpn
Posted: Tue Nov 06, 2018 11:32 am
when i use a vulnerability scan tool to scan my vpn server which i deployed it with Softether-vpnserver v4.28-9669.
the scan result come out with a vulnerability.
i want to know how to fix it.
the detail information i post below.
The SSL/Tls protocol is widely used encryption protocol.The Bar Mitzvah attack actually exploits the "invariant vulnerablity",which is a flaw in the RC4 algorithm. which can leak ssl/tls encrypted traffic in some cases. the ciphertext,which leaks account username password,credit card data and other sensitive information to hakers.
the scan result come out with a vulnerability.
i want to know how to fix it.
the detail information i post below.
The SSL/Tls protocol is widely used encryption protocol.The Bar Mitzvah attack actually exploits the "invariant vulnerablity",which is a flaw in the RC4 algorithm. which can leak ssl/tls encrypted traffic in some cases. the ciphertext,which leaks account username password,credit card data and other sensitive information to hakers.