Sweet32-Vulnerability/EN: Unterschied zwischen den Versionen
Zeile 4: | Zeile 4: | ||
|'''Check'''|| {{:{{PAGENAME}}/Negative}} | |'''Check'''|| {{:{{PAGENAME}}/Negative}} | ||
|- | |- | ||
− | |''' | + | |'''Description'''|| {{:{{PAGENAME}}/Description}} |
|- | |- | ||
− | |''' | + | |'''Background'''|| {{:{{PAGENAME}}/Background}} |
|- | |- | ||
− | |''' | + | |'''Consequence'''|| {{:{{PAGENAME}}/Consequence}} |
|- | |- | ||
− | |''' | + | |'''Solution/Tips'''|| {{:{{PAGENAME}}/Solution_Tips}} |
|} | |} | ||
Zeile 16: | Zeile 16: | ||
[[Category:Siwecos-Scanner/EN]] | [[Category:Siwecos-Scanner/EN]] | ||
{{:{{PAGENAME}}/Category}} | {{:{{PAGENAME}}/Category}} | ||
− |
Version vom 15. März 2019, 14:00 Uhr
Check for the Sweet32 vulnerability
Check | Vulnerable to Sweet32. |
Description | The server is vulnerable to Sweet32, which allows an attacker under certain circumstances to decrypt parts of the communication if large amounts of data are transferred over a connection. |
Background | The attack exploits 64-bit block ciphers. The Sweet32 attack allows an attacker, under certain circumstances, to recover small pieces of text when encrypted with 64-bit block ciphers (such as 3DES). The attack is not very easy to perform, so the threat is limited. |
Consequence | The server is vulnerable through Sweet32, which allows an attacker to decrypt the communication. |
Solution/Tips | Wherever possible, it is best not to use triple DES. Deactivate block ciphers with a block length of 64 bits. |