NASLDB: SSL Certificate Chain Contains Weak RSA Keys
General
ID: 60108
Name: SSL Certificate Chain Contains Weak RSA Keys
Summary: Checks that the certificate chain has no weak RSA keys
Credits: Tenable Network Security, Inc.
Classification
Risk: –
CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:P
CVSS Temporal Vector: –
Port: –
Family: General
Type: Remote
Description
At least one of the X.509 certificates sent by the remote host has a
key that is shorter than 1024 bits. Such keys are considered weak due
to advances in available computing power decreasing the time required
to factor cryptographic keys.
Some SSL implementations, notably Microsoft’s, may consider this SSL
chain to be invalid due to the length of one or more of the RSA keys
it contains.
Exploiting
Exploit Available: –
Exploitability Ease: –
Sources
CVE: –
OSVDB: –
Bugtraq: –
scipID: –
Timeline
Vulnerability Disclosure: –
Patch Release: –
Plugin Release: 2012/07/24
Plugin
Version: 1.1
Filename: ssl_weak_rsa_keys.nasl
Filesize: 2723 bytes
MD5 Hash: 493fb7ae1b3fe9fbb44aa7de7ad51def
Identification: –
Require Keys: SSL/Chain/WeakRSA
Dependencies: "ssl_certificate_chain.nasl"
Copyright: This script is Copyright© 2012 Tenable Network Security, Inc.
- Letzte Plugins
- USN-1611-1 : thunderbird vulnerabilities
- USN-1610-1 : linux vulnerability
- USN-1609-1 : linux-ti-omap4 vulnerability
- SuSE 10 Security Update : PostgreSQL
- RHSA-2012-1364: bind97
- RHSA-2012-1363: bind
- RHSA-2012-1362: thunderbird
- RHSA-2012-1361: xulrunner
- Mandriva Linux Security Advisory : graphicsmagick
- FreeBSD : phpMyAdmin — Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages and Fetching the version information from a non-SSL site is vulnerable to a MITM attack