JVN Info.

Id
18453  
Name
JVNDB-2014-007328  
Title
GParted における root 権限を持つ任意のコマンドを実行される脆弱性  
Summary
GParted には、root 権限を持つ任意のコマンドを実行される脆弱性が存在します。  
Nvdinfo
CVE-2014-7208  
Cvssv2
7.2  
Jvnurl
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-007328.html  
Published Date
2014-12-18  
Registered Date
2014-12-22  
Last Updated Date
2015-04-08  

Actions

Related Nessuslogs

Id Log ID Jvninfo Id Plugin ID CVE CVSS Risk Host Protocol Port Name Synopsis Description Solution See Also Plugin Output Actions
36 19_tokyu_hikarie_20170118.csv 18453 94437 CVE-2016-2183 2.6 Low 119.75.229.147 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
294 H28-MOJ-Online-Nara-5-Seg-2-20161126-Endo_mq01q9.csv 18453 94437 CVE-2016-2183 2.6 Low 163.49.22.129 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
295 H28-MOJ-Online-Nara-5-Seg-2-20161126-Endo_mq01q9.csv 18453 94437 CVE-2016-2183 2.6 Low 163.49.22.129 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
296 H28-MOJ-Online-Nara-5-Seg-2-20161126-Endo_mq01q9.csv 18453 94437 CVE-2016-2183 2.6 Low 163.49.22.129 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
509 H28-MOJ-Online-Nara-5-Seg-3-20161126-Endo_6uyjrf.csv 18453 94437 CVE-2016-2183 2.6 Low 163.49.22.130 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
510 H28-MOJ-Online-Nara-5-Seg-3-20161126-Endo_6uyjrf.csv 18453 94437 CVE-2016-2183 2.6 Low 163.49.22.130 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
511 H28-MOJ-Online-Nara-5-Seg-3-20161126-Endo_6uyjrf.csv 18453 94437 CVE-2016-2183 2.6 Low 163.49.22.130 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
787 H28-MOJ-Online-Nara-7-Seg-1-20161126-Endo_nm0xzd.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.128.1 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
788 H28-MOJ-Online-Nara-7-Seg-1-20161126-Endo_nm0xzd.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.128.1 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
789 H28-MOJ-Online-Nara-7-Seg-1-20161126-Endo_nm0xzd.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.128.1 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
1010 H28-MOJ-Online-Nara-7-Seg-2-20161126-Endo_2kfbtq.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.128.2 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
1011 H28-MOJ-Online-Nara-7-Seg-2-20161126-Endo_2kfbtq.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.128.2 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
1012 H28-MOJ-Online-Nara-7-Seg-2-20161126-Endo_2kfbtq.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.128.2 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
1211 H28-MOJ-Online-Nara-8-Seg-1-20161126-Endo_qrnvlr.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.129.150 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
1429 H28-MOJ-Online-Nara-8-Seg-2-20161126-Endo_j3uns1.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.129.34 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
1631 H28-MOJ-Online-Nara-8-Seg-3-20161126-Endo_tdom56.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.129.33 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
1632 H28-MOJ-Online-Nara-8-Seg-3-20161126-Endo_tdom56.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.129.33 tcp 23611 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
1633 H28-MOJ-Online-Nara-8-Seg-3-20161126-Endo_tdom56.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.129.33 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
1634 H28-MOJ-Online-Nara-8-Seg-3-20161126-Endo_tdom56.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.129.33 tcp 23612 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
1635 H28-MOJ-Online-Nara-8-Seg-3-20161126-Endo_tdom56.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.129.33 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
1830 H28-MOJ-Online-Nara-9-Seg-1-20161126-Endo_ilvrp0.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.130.5 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
1831 H28-MOJ-Online-Nara-9-Seg-1-20161126-Endo_ilvrp0.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.130.5 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
1832 H28-MOJ-Online-Nara-9-Seg-1-20161126-Endo_ilvrp0.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.130.5 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
2059 H28-MOJ-Online-Nara-9-Seg-2-20161126-Endo_ogdo2c.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.130.6 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
2060 H28-MOJ-Online-Nara-9-Seg-2-20161126-Endo_ogdo2c.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.130.6 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
2061 H28-MOJ-Online-Nara-9-Seg-2-20161126-Endo_ogdo2c.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.130.6 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
2441 H28-MOJ-Online-Nara-11-Seg-1-20161126-Endo_oxa90g.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.45 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
2442 H28-MOJ-Online-Nara-11-Seg-1-20161126-Endo_oxa90g.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.45 tcp 23611 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
2443 H28-MOJ-Online-Nara-11-Seg-1-20161126-Endo_oxa90g.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.45 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
2444 H28-MOJ-Online-Nara-11-Seg-1-20161126-Endo_oxa90g.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.45 tcp 23612 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
2445 H28-MOJ-Online-Nara-11-Seg-1-20161126-Endo_oxa90g.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.45 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
2446 H28-MOJ-Online-Nara-11-Seg-1-20161126-Endo_oxa90g.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.45 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
2682 H28-MOJ-Online-Nara-11-Seg-1-20161126-Endo_oxa90g.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.57 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
2683 H28-MOJ-Online-Nara-11-Seg-1-20161126-Endo_oxa90g.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.57 tcp 23611 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
2684 H28-MOJ-Online-Nara-11-Seg-1-20161126-Endo_oxa90g.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.57 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
2685 H28-MOJ-Online-Nara-11-Seg-1-20161126-Endo_oxa90g.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.57 tcp 23612 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
2686 H28-MOJ-Online-Nara-11-Seg-1-20161126-Endo_oxa90g.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.57 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
2687 H28-MOJ-Online-Nara-11-Seg-1-20161126-Endo_oxa90g.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.57 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
2929 H28-MOJ-Online-Nara-11-Seg-1-20161126-Endo_oxa90g.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.9 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
2930 H28-MOJ-Online-Nara-11-Seg-1-20161126-Endo_oxa90g.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.9 tcp 23611 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
2931 H28-MOJ-Online-Nara-11-Seg-1-20161126-Endo_oxa90g.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.9 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
2932 H28-MOJ-Online-Nara-11-Seg-1-20161126-Endo_oxa90g.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.9 tcp 23612 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
2933 H28-MOJ-Online-Nara-11-Seg-1-20161126-Endo_oxa90g.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.9 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
3174 H28-MOJ-Online-Nara-11-Seg-2-20161126-Endo_rsvx6u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.10 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
3175 H28-MOJ-Online-Nara-11-Seg-2-20161126-Endo_rsvx6u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.10 tcp 23611 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
3176 H28-MOJ-Online-Nara-11-Seg-2-20161126-Endo_rsvx6u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.10 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
3177 H28-MOJ-Online-Nara-11-Seg-2-20161126-Endo_rsvx6u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.10 tcp 23612 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
3178 H28-MOJ-Online-Nara-11-Seg-2-20161126-Endo_rsvx6u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.10 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
3413 H28-MOJ-Online-Nara-11-Seg-2-20161126-Endo_rsvx6u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.46 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
3414 H28-MOJ-Online-Nara-11-Seg-2-20161126-Endo_rsvx6u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.46 tcp 23611 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
3415 H28-MOJ-Online-Nara-11-Seg-2-20161126-Endo_rsvx6u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.46 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
3416 H28-MOJ-Online-Nara-11-Seg-2-20161126-Endo_rsvx6u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.46 tcp 23612 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
3417 H28-MOJ-Online-Nara-11-Seg-2-20161126-Endo_rsvx6u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.46 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
3418 H28-MOJ-Online-Nara-11-Seg-2-20161126-Endo_rsvx6u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.46 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
3655 H28-MOJ-Online-Nara-11-Seg-2-20161126-Endo_rsvx6u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.58 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
3656 H28-MOJ-Online-Nara-11-Seg-2-20161126-Endo_rsvx6u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.58 tcp 23611 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
3657 H28-MOJ-Online-Nara-11-Seg-2-20161126-Endo_rsvx6u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.58 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
3658 H28-MOJ-Online-Nara-11-Seg-2-20161126-Endo_rsvx6u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.58 tcp 23612 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
3659 H28-MOJ-Online-Nara-11-Seg-2-20161126-Endo_rsvx6u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.58 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
3660 H28-MOJ-Online-Nara-11-Seg-2-20161126-Endo_rsvx6u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.58 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
3902 H28-MOJ-Online-Nara-11-Seg-3-20161126-Endo_v796ck.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.11 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
3903 H28-MOJ-Online-Nara-11-Seg-3-20161126-Endo_v796ck.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.11 tcp 23611 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
3904 H28-MOJ-Online-Nara-11-Seg-3-20161126-Endo_v796ck.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.11 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
3905 H28-MOJ-Online-Nara-11-Seg-3-20161126-Endo_v796ck.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.11 tcp 23612 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
3906 H28-MOJ-Online-Nara-11-Seg-3-20161126-Endo_v796ck.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.132.11 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
4075 H28-MOJ-Online-Nara-12-Seg-1-20161126-Endo_57famk.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.133.100 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
4076 H28-MOJ-Online-Nara-12-Seg-1-20161126-Endo_57famk.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.133.100 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
4077 H28-MOJ-Online-Nara-12-Seg-1-20161126-Endo_57famk.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.133.100 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
4078 H28-MOJ-Online-Nara-12-Seg-1-20161126-Endo_57famk.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.133.100 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
4248 H28-MOJ-Online-Nara-12-Seg-1-20161126-Endo_57famk.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.133.128 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
4249 H28-MOJ-Online-Nara-12-Seg-1-20161126-Endo_57famk.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.133.128 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
4250 H28-MOJ-Online-Nara-12-Seg-1-20161126-Endo_57famk.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.133.128 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
4251 H28-MOJ-Online-Nara-12-Seg-1-20161126-Endo_57famk.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.133.128 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
4439 H28-MOJ-Online-Nara-12-Seg-2-20161126-Endo_l4bznj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.133.130 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
4440 H28-MOJ-Online-Nara-12-Seg-2-20161126-Endo_l4bznj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.133.130 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
4441 H28-MOJ-Online-Nara-12-Seg-2-20161126-Endo_l4bznj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.133.130 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
4442 H28-MOJ-Online-Nara-12-Seg-2-20161126-Endo_l4bznj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.133.130 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
4610 H28-MOJ-Online-Nara-12-Seg-2-20161126-Endo_l4bznj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.133.25 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
4611 H28-MOJ-Online-Nara-12-Seg-2-20161126-Endo_l4bznj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.133.25 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
4612 H28-MOJ-Online-Nara-12-Seg-2-20161126-Endo_l4bznj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.133.25 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
4613 H28-MOJ-Online-Nara-12-Seg-2-20161126-Endo_l4bznj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.133.25 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
4780 H28-MOJ-Online-Nara-12-Seg-2-20161126-Endo_l4bznj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.133.26 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
4781 H28-MOJ-Online-Nara-12-Seg-2-20161126-Endo_l4bznj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.133.26 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
4782 H28-MOJ-Online-Nara-12-Seg-2-20161126-Endo_l4bznj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.133.26 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
4783 H28-MOJ-Online-Nara-12-Seg-2-20161126-Endo_l4bznj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.133.26 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
5100 H28-MOJ-Online-Nara-13-Seg-1-20161126-Endo_9whfs5.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.134.53 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
5101 H28-MOJ-Online-Nara-13-Seg-1-20161126-Endo_9whfs5.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.134.53 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
5102 H28-MOJ-Online-Nara-13-Seg-1-20161126-Endo_9whfs5.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.134.53 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
5103 H28-MOJ-Online-Nara-13-Seg-1-20161126-Endo_9whfs5.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.134.53 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
5319 H28-MOJ-Online-Nara-13-Seg-2-20161126-Endo_0pcahr.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.134.54 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
5320 H28-MOJ-Online-Nara-13-Seg-2-20161126-Endo_0pcahr.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.134.54 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
5321 H28-MOJ-Online-Nara-13-Seg-2-20161126-Endo_0pcahr.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.134.54 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
5322 H28-MOJ-Online-Nara-13-Seg-2-20161126-Endo_0pcahr.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.134.54 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
5552 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.100 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
5553 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.100 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA-CBC(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
5692 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.129 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
5693 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.129 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
5829 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.150 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
5830 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.150 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
5949 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.200 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
5976 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.202 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
6213 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.25 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
6214 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.25 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
6405 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.41 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
6577 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.45 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
6578 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.45 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
6727 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.53 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
6728 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.53 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
6900 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.57 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
6901 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.57 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
7082 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.61 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
7083 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.61 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA-CBC(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
7271 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.63 tcp 9855 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Low Strength Ciphers (<= 64-bit key) TLSv1 EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA Enc=RC2-CBC(40) Mac=MD5 export High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA-CBC(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
7272 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.63 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
7273 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.63 tcp 8443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA-CBC(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
7475 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.65 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
7476 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.65 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
7649 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.68 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
7860 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.69 tcp 8093 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
7861 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.69 tcp 3994 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
7862 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.69 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
7863 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.69 tcp 1433 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
8013 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.70 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
8050 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.87 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
8238 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.9 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
8432 H28-MOJ-Online-Nara-16-seg-2-20161126-soga_e6g03u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.10 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
8611 H28-MOJ-Online-Nara-16-seg-2-20161126-soga_e6g03u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.11 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
8747 H28-MOJ-Online-Nara-16-seg-2-20161126-soga_e6g03u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.131 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
8748 H28-MOJ-Online-Nara-16-seg-2-20161126-soga_e6g03u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.131 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
8881 H28-MOJ-Online-Nara-16-seg-2-20161126-soga_e6g03u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.201 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
9051 H28-MOJ-Online-Nara-16-seg-2-20161126-soga_e6g03u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.26 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
9052 H28-MOJ-Online-Nara-16-seg-2-20161126-soga_e6g03u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.26 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
9207 H28-MOJ-Online-Nara-16-seg-2-20161126-soga_e6g03u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.42 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
9379 H28-MOJ-Online-Nara-16-seg-2-20161126-soga_e6g03u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.46 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
9380 H28-MOJ-Online-Nara-16-seg-2-20161126-soga_e6g03u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.46 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
9528 H28-MOJ-Online-Nara-16-seg-2-20161126-soga_e6g03u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.54 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
9529 H28-MOJ-Online-Nara-16-seg-2-20161126-soga_e6g03u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.54 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
9703 H28-MOJ-Online-Nara-16-seg-2-20161126-soga_e6g03u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.58 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
9704 H28-MOJ-Online-Nara-16-seg-2-20161126-soga_e6g03u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.58 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
9864 H28-MOJ-Online-Nara-16-seg-2-20161126-soga_e6g03u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.62 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
9865 H28-MOJ-Online-Nara-16-seg-2-20161126-soga_e6g03u.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.137.62 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA-CBC(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
9987 H28-MOJ-Online-Nara-17-seg-1-20161126-soga_nryyhs.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.138.1 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
10288 H28-MOJ-Online-Nara-17-seg-1-20161126-soga_nryyhs.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.138.37 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
10407 H28-MOJ-Online-Nara-17-seg-2-20161126-soga_ng4omz.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.138.2 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
10595 H28-MOJ-Online-Nara-17-seg-2-20161126-soga_ng4omz.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.138.38 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
10796 H28-MOJ-Online-Nara-18-seg-1-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.139.151 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
10797 H28-MOJ-Online-Nara-18-seg-1-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.139.151 tcp 23611 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
10798 H28-MOJ-Online-Nara-18-seg-1-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.139.151 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
10799 H28-MOJ-Online-Nara-18-seg-1-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.139.151 tcp 23612 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
10800 H28-MOJ-Online-Nara-18-seg-1-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.139.151 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
11130 H28-MOJ-Online-Nara-18-seg-1-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.139.33 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
11131 H28-MOJ-Online-Nara-18-seg-1-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.139.33 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
11132 H28-MOJ-Online-Nara-18-seg-1-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.139.33 tcp 23611 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
11133 H28-MOJ-Online-Nara-18-seg-1-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.139.33 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
11134 H28-MOJ-Online-Nara-18-seg-1-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.139.33 tcp 23612 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
11261 H28-MOJ-Online-Nara-18-seg-1-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.139.5 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
11476 H28-MOJ-Online-Nara-18-seg-2-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.139.34 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
11477 H28-MOJ-Online-Nara-18-seg-2-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.139.34 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
11478 H28-MOJ-Online-Nara-18-seg-2-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.139.34 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
11603 H28-MOJ-Online-Nara-18-seg-2-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.139.6 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
11663 H28-MOJ-Online-Nara-19-seg-1-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.140.1 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
11726 H28-MOJ-Online-Nara-19-seg-1-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.140.11 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
11787 H28-MOJ-Online-Nara-19-seg-1-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.140.25 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
11850 H28-MOJ-Online-Nara-19-seg-1-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.140.33 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
11913 H28-MOJ-Online-Nara-19-seg-1-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.140.37 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
11975 H28-MOJ-Online-Nara-19-seg-1-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.140.41 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
12036 H28-MOJ-Online-Nara-19-seg-1-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.140.45 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
12097 H28-MOJ-Online-Nara-19-seg-1-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.140.5 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
12159 H28-MOJ-Online-Nara-19-seg-1-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.140.53 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
12222 H28-MOJ-Online-Nara-19-seg-1-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.140.61 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
12285 H28-MOJ-Online-Nara-19-seg-1-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.140.65 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
12346 H28-MOJ-Online-Nara-19-seg-1-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.140.67 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
12407 H28-MOJ-Online-Nara-19-seg-1-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.140.69 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
12468 H28-MOJ-Online-Nara-19-seg-1-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.140.71 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
12531 H28-MOJ-Online-Nara-19-seg-1-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.140.9 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
12793 H28-MOJ-Online-Nara-19-seg-3-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.140.10 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
12855 H28-MOJ-Online-Nara-19-seg-3-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.140.2 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
12918 H28-MOJ-Online-Nara-19-seg-3-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.140.26 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
12980 H28-MOJ-Online-Nara-19-seg-3-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.140.34 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
13042 H28-MOJ-Online-Nara-19-seg-3-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.140.38 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
13105 H28-MOJ-Online-Nara-19-seg-3-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.140.42 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
13167 H28-MOJ-Online-Nara-19-seg-3-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.140.46 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
13229 H28-MOJ-Online-Nara-19-seg-3-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.140.54 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
13292 H28-MOJ-Online-Nara-19-seg-3-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.140.6 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
13355 H28-MOJ-Online-Nara-19-seg-3-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.140.62 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
13416 H28-MOJ-Online-Nara-19-seg-3-20161126-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.140.66 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
13707 H28-MOJ-Online-Nara-23-seg-1-20161126-soga_0xbhqy.csv 18453 94437 CVE-2016-2183 2.6 Low 192.168.1.25 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
13708 H28-MOJ-Online-Nara-23-seg-1-20161126-soga_0xbhqy.csv 18453 94437 CVE-2016-2183 2.6 Low 192.168.1.25 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
13709 H28-MOJ-Online-Nara-23-seg-1-20161126-soga_0xbhqy.csv 18453 94437 CVE-2016-2183 2.6 Low 192.168.1.25 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
13710 H28-MOJ-Online-Nara-23-seg-1-20161126-soga_0xbhqy.csv 18453 94437 CVE-2016-2183 2.6 Low 192.168.1.25 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
13880 H28-MOJ-Online-Nara-23-seg-2-20161126-soga_qe2r2h.csv 18453 94437 CVE-2016-2183 2.6 Low 192.168.1.26 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
13881 H28-MOJ-Online-Nara-23-seg-2-20161126-soga_qe2r2h.csv 18453 94437 CVE-2016-2183 2.6 Low 192.168.1.26 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
13882 H28-MOJ-Online-Nara-23-seg-2-20161126-soga_qe2r2h.csv 18453 94437 CVE-2016-2183 2.6 Low 192.168.1.26 tcp 6547 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
13883 H28-MOJ-Online-Nara-23-seg-2-20161126-soga_qe2r2h.csv 18453 94437 CVE-2016-2183 2.6 Low 192.168.1.26 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
14039 H28-MOJ-Teikyo-Nara-2-Seg-1-20161128-Endo_59hwry.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.193.212 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
14138 H28-MOJ-Teikyo-Nara-2-Seg-2-20161128-Endo_kqsom5.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.193.13 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
14139 H28-MOJ-Teikyo-Nara-2-Seg-2-20161128-Endo_kqsom5.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.193.13 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
14175 H28-MOJ-Teikyo-Nara-2-Seg-2-20161128-Endo_kqsom5.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.193.216 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
14209 H28-MOJ-Teikyo-Nara-2-Seg-3-20161128-Endo_0xumzn.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.193.217 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
14387 H28-MOJ-Teikyo-Nara-3-Seg-1-20161128-Endo_rjal60.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.194.212 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
14421 H28-MOJ-Teikyo-Nara-3-Seg-1-20161128-Endo_rjal60.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.194.217 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
14727 H28-MOJ-Teikyo-Nara-3-Seg-2-20161128-Endo_z7mvid.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.194.216 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
14806 H28-MOJ-Teikyo-Nara-11-Seg-1-20161128-Endo_5sv454.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.195.213 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
14840 H28-MOJ-Teikyo-Nara-11-Seg-1-20161128-Endo_5sv454.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.195.219 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
14875 H28-MOJ-Teikyo-Nara-11-Seg-2-20161128-Endo_janch2.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.195.218 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
15067 H28-MOJ-Teikyo-Nara-12-Seg-1-20161128-Endo_ot6e6s.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.196.15 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
15068 H28-MOJ-Teikyo-Nara-12-Seg-1-20161128-Endo_ot6e6s.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.196.15 tcp 23612 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
15069 H28-MOJ-Teikyo-Nara-12-Seg-1-20161128-Endo_ot6e6s.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.196.15 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
15070 H28-MOJ-Teikyo-Nara-12-Seg-1-20161128-Endo_ot6e6s.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.196.15 tcp 23611 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
15107 H28-MOJ-Teikyo-Nara-12-Seg-1-20161128-Endo_ot6e6s.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.196.213 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
15141 H28-MOJ-Teikyo-Nara-12-Seg-1-20161128-Endo_ot6e6s.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.196.219 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
15325 H28-MOJ-Teikyo-Nara-12-Seg-2-20161128-Endo_oug55j.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.196.16 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
15326 H28-MOJ-Teikyo-Nara-12-Seg-2-20161128-Endo_oug55j.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.196.16 tcp 23612 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
15327 H28-MOJ-Teikyo-Nara-12-Seg-2-20161128-Endo_oug55j.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.196.16 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
15328 H28-MOJ-Teikyo-Nara-12-Seg-2-20161128-Endo_oug55j.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.196.16 tcp 23611 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
15366 H28-MOJ-Teikyo-Nara-12-Seg-2-20161128-Endo_oug55j.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.196.218 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
15481 H28-MOJ-Teikyo-Nara-13-Seg-1-20161128-Endo_vv45dy.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.197.32 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
15482 H28-MOJ-Teikyo-Nara-13-Seg-1-20161128-Endo_vv45dy.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.197.32 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
15590 H28-MOJ-Teikyo-Nara-13-Seg-1-20161128-Endo_vv45dy.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.197.34 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
15591 H28-MOJ-Teikyo-Nara-13-Seg-1-20161128-Endo_vv45dy.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.197.34 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
15699 H28-MOJ-Teikyo-Nara-13-Seg-2-20161128-Endo_a7gs9h.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.197.33 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
15700 H28-MOJ-Teikyo-Nara-13-Seg-2-20161128-Endo_a7gs9h.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.197.33 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
15809 H28-MOJ-Teikyo-Nara-13-Seg-2-20161128-Endo_a7gs9h.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.197.35 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
15810 H28-MOJ-Teikyo-Nara-13-Seg-2-20161128-Endo_a7gs9h.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.197.35 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
15939 H28-MOJ-Teikyo-Nara-14-Seg-1-20161128-Endo_nwkk0a.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.198.100 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
15940 H28-MOJ-Teikyo-Nara-14-Seg-1-20161128-Endo_nwkk0a.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.198.100 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
15941 H28-MOJ-Teikyo-Nara-14-Seg-1-20161128-Endo_nwkk0a.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.198.100 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
16070 H28-MOJ-Teikyo-Nara-14-Seg-1-20161128-Endo_nwkk0a.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.198.129 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
16071 H28-MOJ-Teikyo-Nara-14-Seg-1-20161128-Endo_nwkk0a.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.198.129 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
16072 H28-MOJ-Teikyo-Nara-14-Seg-1-20161128-Endo_nwkk0a.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.198.129 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
16201 H28-MOJ-Teikyo-Nara-14-Seg-1-20161128-Endo_nwkk0a.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.198.25 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
16202 H28-MOJ-Teikyo-Nara-14-Seg-1-20161128-Endo_nwkk0a.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.198.25 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
16203 H28-MOJ-Teikyo-Nara-14-Seg-1-20161128-Endo_nwkk0a.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.198.25 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
16343 H28-MOJ-Teikyo-Nara-14-Seg-2-20161128-Endo_byojab.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.198.128 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
16344 H28-MOJ-Teikyo-Nara-14-Seg-2-20161128-Endo_byojab.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.198.128 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
16345 H28-MOJ-Teikyo-Nara-14-Seg-2-20161128-Endo_byojab.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.198.128 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
16472 H28-MOJ-Teikyo-Nara-14-Seg-2-20161128-Endo_byojab.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.198.26 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
16473 H28-MOJ-Teikyo-Nara-14-Seg-2-20161128-Endo_byojab.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.198.26 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
16474 H28-MOJ-Teikyo-Nara-14-Seg-2-20161128-Endo_byojab.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.198.26 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
16583 H28-MOJ-Teikyo-Nara-15-Seg-1-20161128-Endo_gheygl.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.199.166 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
16584 H28-MOJ-Teikyo-Nara-15-Seg-1-20161128-Endo_gheygl.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.199.166 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
16692 H28-MOJ-Teikyo-Nara-15-Seg-1-20161128-Endo_gheygl.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.199.30 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
16693 H28-MOJ-Teikyo-Nara-15-Seg-1-20161128-Endo_gheygl.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.199.30 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
16891 H28-MOJ-Teikyo-Nara-15-Seg-1-20161128-Endo_gheygl.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.199.62 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
16892 H28-MOJ-Teikyo-Nara-15-Seg-1-20161128-Endo_gheygl.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.199.62 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
16893 H28-MOJ-Teikyo-Nara-15-Seg-1-20161128-Endo_gheygl.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.199.62 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
17007 H28-MOJ-Teikyo-Nara-15-Seg-1-20161128-Endo_gheygl.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.199.66 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
17008 H28-MOJ-Teikyo-Nara-15-Seg-1-20161128-Endo_gheygl.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.199.66 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
17122 H28-MOJ-Teikyo-Nara-15-Seg-1-20161128-Endo_gheygl.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.199.68 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
17123 H28-MOJ-Teikyo-Nara-15-Seg-1-20161128-Endo_gheygl.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.199.68 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
17223 H28-MOJ-Teikyo-Nara-15-Seg-2-20161128-Endo_5usqei.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.199.31 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
17224 H28-MOJ-Teikyo-Nara-15-Seg-2-20161128-Endo_5usqei.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.199.31 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
17333 H28-MOJ-Teikyo-Nara-15-Seg-2-20161128-Endo_5usqei.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.199.67 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
17334 H28-MOJ-Teikyo-Nara-15-Seg-2-20161128-Endo_5usqei.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.199.67 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
17606 H28-MOJ-Teikyo-Nara-17-seg-1-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.130 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
17607 H28-MOJ-Teikyo-Nara-17-seg-1-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.130 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
17608 H28-MOJ-Teikyo-Nara-17-seg-1-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.130 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
17874 H28-MOJ-Teikyo-Nara-17-seg-1-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.150 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
17875 H28-MOJ-Teikyo-Nara-17-seg-1-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.150 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
17876 H28-MOJ-Teikyo-Nara-17-seg-1-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.150 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
18061 H28-MOJ-Teikyo-Nara-17-seg-1-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.201 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
18091 H28-MOJ-Teikyo-Nara-17-seg-1-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.203 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
18120 H28-MOJ-Teikyo-Nara-17-seg-1-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.204 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
18150 H28-MOJ-Teikyo-Nara-17-seg-1-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.208 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
18229 H28-MOJ-Teikyo-Nara-17-seg-1-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.213 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
18264 H28-MOJ-Teikyo-Nara-17-seg-1-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.218 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
18515 H28-MOJ-Teikyo-Nara-17-seg-1-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.25 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
18516 H28-MOJ-Teikyo-Nara-17-seg-1-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.25 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
18517 H28-MOJ-Teikyo-Nara-17-seg-1-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.25 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
18931 H28-MOJ-Teikyo-Nara-17-seg-1-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.61 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
19089 H28-MOJ-Teikyo-Nara-17-seg-1-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.63 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
19413 H28-MOJ-Teikyo-Nara-17-seg-2-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.129 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
19414 H28-MOJ-Teikyo-Nara-17-seg-2-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.129 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
19415 H28-MOJ-Teikyo-Nara-17-seg-2-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.129 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
19682 H28-MOJ-Teikyo-Nara-17-seg-2-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.26 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
19683 H28-MOJ-Teikyo-Nara-17-seg-2-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.26 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
19684 H28-MOJ-Teikyo-Nara-17-seg-2-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.26 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
20103 H28-MOJ-Teikyo-Nara-17-seg-2-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.64 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
20363 H28-MOJ-Teikyo-Nara-17-seg-2-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.65 tcp 9855 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA-CBC(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
20364 H28-MOJ-Teikyo-Nara-17-seg-2-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.65 tcp 7099 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
20365 H28-MOJ-Teikyo-Nara-17-seg-2-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.65 tcp 3170 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
20366 H28-MOJ-Teikyo-Nara-17-seg-2-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.65 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
20367 H28-MOJ-Teikyo-Nara-17-seg-2-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.65 tcp 49209 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
20830 H28-MOJ-Teikyo-Nara-17-seg-2-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.69 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
20831 H28-MOJ-Teikyo-Nara-17-seg-2-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.69 tcp 1433 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
20965 H28-MOJ-Teikyo-Nara-17-seg-2-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.70 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
21101 H28-MOJ-Teikyo-Nara-17-seg-4-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.205 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
21131 H28-MOJ-Teikyo-Nara-17-seg-4-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.209 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
21165 H28-MOJ-Teikyo-Nara-17-seg-4-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.219 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
21370 H28-MOJ-Teikyo-Nara-17-seg-4-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.62 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
21573 H28-MOJ-Teikyo-Nara-17-seg-4-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.71 tcp 8093 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
21574 H28-MOJ-Teikyo-Nara-17-seg-4-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.71 tcp 3994 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
21575 H28-MOJ-Teikyo-Nara-17-seg-4-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.71 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
21576 H28-MOJ-Teikyo-Nara-17-seg-4-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.71 tcp 1433 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
21612 H28-MOJ-Teikyo-Nara-17-seg-4-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.201.87 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
21769 H28-MOJ-Teikyo-Nara-21-seg-1-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 192.168.1.1 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
21870 H28-MOJ-Teikyo-Nara-21-seg-2-20161128-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 192.168.1.2 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
21912 nessus_H28-MOJ-Teikyo-Nara-18-seg-1-20161128-soga_667489456.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.202.1 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
21955 nessus_H28-MOJ-Teikyo-Nara-18-seg-1-20161128-soga_667489456.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.202.10 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
22061 nessus_H28-MOJ-Teikyo-Nara-18-seg-1-20161128-soga_667489456.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.202.15 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
22104 nessus_H28-MOJ-Teikyo-Nara-18-seg-1-20161128-soga_667489456.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.202.20 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
22146 nessus_H28-MOJ-Teikyo-Nara-18-seg-1-20161128-soga_667489456.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.202.22 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
22189 nessus_H28-MOJ-Teikyo-Nara-18-seg-1-20161128-soga_667489456.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.202.25 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
22240 nessus_H28-MOJ-Teikyo-Nara-18-seg-1-20161128-soga_667489456.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.202.3 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
22282 nessus_H28-MOJ-Teikyo-Nara-18-seg-1-20161128-soga_667489456.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.202.32 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
22324 nessus_H28-MOJ-Teikyo-Nara-18-seg-1-20161128-soga_667489456.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.202.34 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
22367 nessus_H28-MOJ-Teikyo-Nara-18-seg-1-20161128-soga_667489456.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.202.63 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
22410 nessus_H28-MOJ-Teikyo-Nara-18-seg-1-20161128-soga_667489456.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.202.65 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
22454 nessus_H28-MOJ-Teikyo-Nara-18-seg-1-20161128-soga_667489456.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.202.66 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
22497 nessus_H28-MOJ-Teikyo-Nara-18-seg-1-20161128-soga_667489456.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.202.68 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
22540 nessus_H28-MOJ-Teikyo-Nara-18-seg-1-20161128-soga_667489456.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.202.69 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
22623 nessus_H28-MOJ-Teikyo-Nara-18-seg-2-20161128-soga_730442296.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.202.11 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
22703 nessus_H28-MOJ-Teikyo-Nara-18-seg-2-20161128-soga_730442296.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.202.16 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
22746 nessus_H28-MOJ-Teikyo-Nara-18-seg-2-20161128-soga_730442296.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.202.2 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
22789 nessus_H28-MOJ-Teikyo-Nara-18-seg-2-20161128-soga_730442296.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.202.21 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
22832 nessus_H28-MOJ-Teikyo-Nara-18-seg-2-20161128-soga_730442296.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.202.26 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
22875 nessus_H28-MOJ-Teikyo-Nara-18-seg-2-20161128-soga_730442296.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.202.33 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
22918 nessus_H28-MOJ-Teikyo-Nara-18-seg-2-20161128-soga_730442296.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.202.35 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
22961 nessus_H28-MOJ-Teikyo-Nara-18-seg-2-20161128-soga_730442296.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.202.64 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
23004 nessus_H28-MOJ-Teikyo-Nara-18-seg-2-20161128-soga_730442296.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.202.67 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
23179 nessus_H28-MOJ-Teikyo-Nara-19-seg-1-20161128-soga_1720842268.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.203.212 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
23213 nessus_H28-MOJ-Teikyo-Nara-19-seg-1-20161128-soga_1720842268.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.203.217 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
23403 nessus_H28-MOJ-Teikyo-Nara-19-seg-2-20161128-soga_959935420.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.203.14 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
23404 nessus_H28-MOJ-Teikyo-Nara-19-seg-2-20161128-soga_959935420.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.203.14 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
23469 nessus_H28-MOJ-Teikyo-Nara-19-seg-2-20161128-soga_959935420.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.203.216 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
23629 H28-MOJ-Online-Funa-1-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 163.49.22.130 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
23630 H28-MOJ-Online-Funa-1-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 163.49.22.130 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
24389 H28-MOJ-Online-Funa-4-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.1.150 tcp 23612 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
24390 H28-MOJ-Online-Funa-4-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.1.150 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
24391 H28-MOJ-Online-Funa-4-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.1.150 tcp 23611 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
24392 H28-MOJ-Online-Funa-4-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.1.150 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
24644 H28-MOJ-Online-Funa-4-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.1.33 tcp 23612 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
24645 H28-MOJ-Online-Funa-4-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.1.33 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
24646 H28-MOJ-Online-Funa-4-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.1.33 tcp 23611 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
24647 H28-MOJ-Online-Funa-4-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.1.33 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
24825 H28-MOJ-Online-Funa-4-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.1.34 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
24826 H28-MOJ-Online-Funa-4-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.1.34 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
25031 H28-MOJ-Online-Funa-5-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.2.5 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
25032 H28-MOJ-Online-Funa-5-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.2.5 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
25200 H28-MOJ-Online-Funa-5-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.2.6 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
25201 H28-MOJ-Online-Funa-5-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.2.6 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
25536 H28-MOJ-Online-Funa-7-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.12 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
25537 H28-MOJ-Online-Funa-7-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.12 tcp 23612 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
25538 H28-MOJ-Online-Funa-7-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.12 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
25539 H28-MOJ-Online-Funa-7-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.12 tcp 23611 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
25756 H28-MOJ-Online-Funa-7-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.13 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
25757 H28-MOJ-Online-Funa-7-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.13 tcp 23612 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
25758 H28-MOJ-Online-Funa-7-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.13 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
25759 H28-MOJ-Online-Funa-7-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.13 tcp 23611 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
25979 H28-MOJ-Online-Funa-7-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.45 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
25980 H28-MOJ-Online-Funa-7-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.45 tcp 23612 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
25981 H28-MOJ-Online-Funa-7-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.45 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
25982 H28-MOJ-Online-Funa-7-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.45 tcp 23611 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
25983 H28-MOJ-Online-Funa-7-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.45 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
26194 H28-MOJ-Online-Funa-7-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.48 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
26195 H28-MOJ-Online-Funa-7-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.48 tcp 23612 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
26196 H28-MOJ-Online-Funa-7-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.48 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
26197 H28-MOJ-Online-Funa-7-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.48 tcp 23611 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
26198 H28-MOJ-Online-Funa-7-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.48 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
26406 H28-MOJ-Online-Funa-7-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.57 tcp 23612 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
26407 H28-MOJ-Online-Funa-7-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.57 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
26408 H28-MOJ-Online-Funa-7-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.57 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
26409 H28-MOJ-Online-Funa-7-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.57 tcp 23611 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
26410 H28-MOJ-Online-Funa-7-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.57 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
26628 H28-MOJ-Online-Funa-7-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.9 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
26629 H28-MOJ-Online-Funa-7-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.9 tcp 23612 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
26630 H28-MOJ-Online-Funa-7-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.9 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
26631 H28-MOJ-Online-Funa-7-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.9 tcp 23611 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
26848 H28-MOJ-Online-Funa-7-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.10 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
26849 H28-MOJ-Online-Funa-7-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.10 tcp 23612 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
26850 H28-MOJ-Online-Funa-7-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.10 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
26851 H28-MOJ-Online-Funa-7-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.10 tcp 23611 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
27068 H28-MOJ-Online-Funa-7-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.11 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
27069 H28-MOJ-Online-Funa-7-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.11 tcp 23612 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
27070 H28-MOJ-Online-Funa-7-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.11 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
27071 H28-MOJ-Online-Funa-7-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.11 tcp 23611 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
27280 H28-MOJ-Online-Funa-7-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.46 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
27281 H28-MOJ-Online-Funa-7-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.46 tcp 23612 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
27282 H28-MOJ-Online-Funa-7-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.46 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
27283 H28-MOJ-Online-Funa-7-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.46 tcp 23611 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
27284 H28-MOJ-Online-Funa-7-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.46 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
27495 H28-MOJ-Online-Funa-7-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.47 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
27496 H28-MOJ-Online-Funa-7-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.47 tcp 23612 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
27497 H28-MOJ-Online-Funa-7-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.47 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
27498 H28-MOJ-Online-Funa-7-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.47 tcp 23611 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
27499 H28-MOJ-Online-Funa-7-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.47 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
27707 H28-MOJ-Online-Funa-7-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.58 tcp 23612 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
27708 H28-MOJ-Online-Funa-7-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.58 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
27709 H28-MOJ-Online-Funa-7-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.58 tcp 23611 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
27710 H28-MOJ-Online-Funa-7-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.58 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
27711 H28-MOJ-Online-Funa-7-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.4.58 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
27858 H28-MOJ-Online-Funa-8-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.5.100 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
27859 H28-MOJ-Online-Funa-8-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.5.100 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
27860 H28-MOJ-Online-Funa-8-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.5.100 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
28003 H28-MOJ-Online-Funa-8-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.5.132 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
28004 H28-MOJ-Online-Funa-8-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.5.132 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
28005 H28-MOJ-Online-Funa-8-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.5.132 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
28149 H28-MOJ-Online-Funa-8-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.5.25 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
28150 H28-MOJ-Online-Funa-8-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.5.25 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
28151 H28-MOJ-Online-Funa-8-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.5.25 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
28306 H28-MOJ-Online-Funa-8-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.5.128 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
28307 H28-MOJ-Online-Funa-8-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.5.128 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
28308 H28-MOJ-Online-Funa-8-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.5.128 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
28453 H28-MOJ-Online-Funa-8-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.5.130 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
28454 H28-MOJ-Online-Funa-8-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.5.130 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
28455 H28-MOJ-Online-Funa-8-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.5.130 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
28600 H28-MOJ-Online-Funa-8-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.5.26 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
28601 H28-MOJ-Online-Funa-8-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.5.26 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
28602 H28-MOJ-Online-Funa-8-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.5.26 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
28744 H28-MOJ-Online-Funa-8-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.5.27 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
28745 H28-MOJ-Online-Funa-8-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.5.27 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
28746 H28-MOJ-Online-Funa-8-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.5.27 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
29030 H28-MOJ-Online-Funa-9-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.6.53 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
29031 H28-MOJ-Online-Funa-9-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.6.53 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
29032 H28-MOJ-Online-Funa-9-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.6.53 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
29187 H28-MOJ-Online-Funa-9-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.6.55 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
29188 H28-MOJ-Online-Funa-9-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.6.55 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
29189 H28-MOJ-Online-Funa-9-Seg-1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.6.55 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
29379 H28-MOJ-Online-Funa-9-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.6.54 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
29380 H28-MOJ-Online-Funa-9-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.6.54 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
29381 H28-MOJ-Online-Funa-9-Seg-2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.6.54 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
29556 H28-MOJ-Online-Funa-12-seg-v1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.100 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA-CBC(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
29670 H28-MOJ-Online-Funa-12-seg-v1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.129 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
29785 H28-MOJ-Online-Funa-12-seg-v1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.25 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
30064 H28-MOJ-Online-Funa-12-seg-v1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.45 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
30188 H28-MOJ-Online-Funa-12-seg-v1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.53 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
30337 H28-MOJ-Online-Funa-12-seg-v1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.57 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
30494 H28-MOJ-Online-Funa-12-seg-v1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.61 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA-CBC(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
30657 H28-MOJ-Online-Funa-12-seg-v1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.63 tcp 9855 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Low Strength Ciphers (<= 64-bit key) TLSv1 EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA Enc=RC2-CBC(40) Mac=MD5 export High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA-CBC(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
30658 H28-MOJ-Online-Funa-12-seg-v1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.63 tcp 8443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA-CBC(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
30833 H28-MOJ-Online-Funa-12-seg-v1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.65 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
31005 H28-MOJ-Online-Funa-12-seg-v1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.68 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
31215 H28-MOJ-Online-Funa-12-seg-v1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.69 tcp 8093 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
31216 H28-MOJ-Online-Funa-12-seg-v1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.69 tcp 3994 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
31217 H28-MOJ-Online-Funa-12-seg-v1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.69 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
31218 H28-MOJ-Online-Funa-12-seg-v1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.69 tcp 1433 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
31368 H28-MOJ-Online-Funa-12-seg-v1-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.70 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
31941 H28-MOJ-Online-Funa-12-seg-v2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.131 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
32085 H28-MOJ-Online-Funa-12-seg-v2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.150 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
32086 H28-MOJ-Online-Funa-12-seg-v2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.150 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
32087 H28-MOJ-Online-Funa-12-seg-v2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.150 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
32201 H28-MOJ-Online-Funa-12-seg-v2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.26 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
32478 H28-MOJ-Online-Funa-12-seg-v2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.46 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
32602 H28-MOJ-Online-Funa-12-seg-v2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.54 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
32750 H28-MOJ-Online-Funa-12-seg-v2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.58 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
32883 H28-MOJ-Online-Funa-12-seg-v2-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.62 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA-CBC(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
33301 H28-MOJ-Online-Funa-12-seg-v3-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.133 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
33413 H28-MOJ-Online-Funa-12-seg-v3-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.27 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
33562 H28-MOJ-Online-Funa-12-seg-v3-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.47 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
33710 H28-MOJ-Online-Funa-12-seg-v3-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.48 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
33834 H28-MOJ-Online-Funa-12-seg-v3-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.55 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
33960 H28-MOJ-Online-Funa-12-seg-v4-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.87 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
34103 H28-MOJ-Online-Funa-12-seg-v6-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.200 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
34199 H28-MOJ-Online-Funa-12-seg-v7-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.201 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
34226 H28-MOJ-Online-Funa-12-seg-v7-161103.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.9.203 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
34465 H28-MOJ-Online-Funa-13-04-161103_ccslag.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.10.38 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
34466 H28-MOJ-Online-Funa-13-04-161103_ccslag.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.10.38 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
34646 H28-MOJ-Online-Funa-14-01-161103_7dnetg.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.11.151 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
34647 H28-MOJ-Online-Funa-14-01-161103_7dnetg.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.11.151 tcp 23612 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
34648 H28-MOJ-Online-Funa-14-01-161103_7dnetg.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.11.151 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
34649 H28-MOJ-Online-Funa-14-01-161103_7dnetg.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.11.151 tcp 23611 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
34956 H28-MOJ-Online-Funa-14-01-161103_7dnetg.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.11.33 tcp 23612 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
34957 H28-MOJ-Online-Funa-14-01-161103_7dnetg.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.11.33 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
34958 H28-MOJ-Online-Funa-14-01-161103_7dnetg.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.11.33 tcp 23611 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
34959 H28-MOJ-Online-Funa-14-01-161103_7dnetg.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.11.33 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
35094 H28-MOJ-Online-Funa-14-01-161103_7dnetg.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.11.5 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
35095 H28-MOJ-Online-Funa-14-01-161103_7dnetg.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.11.5 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
35407 H28-MOJ-Online-Funa-15-01-161103_dkj17f.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.12.1 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
35461 H28-MOJ-Online-Funa-15-01-161103_dkj17f.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.12.11 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
35516 H28-MOJ-Online-Funa-15-01-161103_dkj17f.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.12.13 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
35586 H28-MOJ-Online-Funa-15-01-161103_dkj17f.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.12.25 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
35659 H28-MOJ-Online-Funa-15-01-161103_dkj17f.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.12.27 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
35714 H28-MOJ-Online-Funa-15-01-161103_dkj17f.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.12.33 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
35769 H28-MOJ-Online-Funa-15-01-161103_dkj17f.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.12.37 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
35823 H28-MOJ-Online-Funa-15-01-161103_dkj17f.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.12.41 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
35878 H28-MOJ-Online-Funa-15-01-161103_dkj17f.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.12.45 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
35932 H28-MOJ-Online-Funa-15-01-161103_dkj17f.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.12.47 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
35987 H28-MOJ-Online-Funa-15-01-161103_dkj17f.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.12.5 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
36042 H28-MOJ-Online-Funa-15-01-161103_dkj17f.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.12.53 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
36150 H28-MOJ-Online-Funa-15-01-161103_dkj17f.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.12.61 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
36205 H28-MOJ-Online-Funa-15-01-161103_dkj17f.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.12.65 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
36260 H28-MOJ-Online-Funa-15-01-161103_dkj17f.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.12.67 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
36315 H28-MOJ-Online-Funa-15-01-161103_dkj17f.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.12.69 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
36368 H28-MOJ-Online-Funa-15-01-161103_dkj17f.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.12.71 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
36423 H28-MOJ-Online-Funa-15-01-161103_dkj17f.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.12.9 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
36478 H28-MOJ-Online-Funa-15-02-161103_4tmj7k.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.12.10 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
36533 H28-MOJ-Online-Funa-15-02-161103_4tmj7k.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.12.12 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
36588 H28-MOJ-Online-Funa-15-02-161103_4tmj7k.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.12.2 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
36658 H28-MOJ-Online-Funa-15-02-161103_4tmj7k.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.12.26 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
36713 H28-MOJ-Online-Funa-15-02-161103_4tmj7k.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.12.34 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
36767 H28-MOJ-Online-Funa-15-02-161103_4tmj7k.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.12.38 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
36822 H28-MOJ-Online-Funa-15-02-161103_4tmj7k.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.12.42 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
36876 H28-MOJ-Online-Funa-15-02-161103_4tmj7k.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.12.46 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
36931 H28-MOJ-Online-Funa-15-02-161103_4tmj7k.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.12.48 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
36985 H28-MOJ-Online-Funa-15-02-161103_4tmj7k.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.12.54 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
37039 H28-MOJ-Online-Funa-15-02-161103_4tmj7k.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.12.6 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
37094 H28-MOJ-Online-Funa-15-02-161103_4tmj7k.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.12.62 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
37149 H28-MOJ-Online-Funa-15-02-161103_4tmj7k.csv 18453 94437 CVE-2016-2183 2.6 Low 172.27.12.66 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
37421 H28-MOJ-Online-Funa-19-01-161103_6tcyr3.csv 18453 94437 CVE-2016-2183 2.6 Low 192.168.1.25 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
37422 H28-MOJ-Online-Funa-19-01-161103_6tcyr3.csv 18453 94437 CVE-2016-2183 2.6 Low 192.168.1.25 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
37423 H28-MOJ-Online-Funa-19-01-161103_6tcyr3.csv 18453 94437 CVE-2016-2183 2.6 Low 192.168.1.25 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
37568 H28-MOJ-Online-Funa-19-02-161103_ry3fcb.csv 18453 94437 CVE-2016-2183 2.6 Low 192.168.1.26 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
37569 H28-MOJ-Online-Funa-19-02-161103_ry3fcb.csv 18453 94437 CVE-2016-2183 2.6 Low 192.168.1.26 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
37570 H28-MOJ-Online-Funa-19-02-161103_ry3fcb.csv 18453 94437 CVE-2016-2183 2.6 Low 192.168.1.26 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
37715 H28-MOJ-Online-Funa-19-02-161103_ry3fcb.csv 18453 94437 CVE-2016-2183 2.6 Low 192.168.1.27 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
37716 H28-MOJ-Online-Funa-19-02-161103_ry3fcb.csv 18453 94437 CVE-2016-2183 2.6 Low 192.168.1.27 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
37717 H28-MOJ-Online-Funa-19-02-161103_ry3fcb.csv 18453 94437 CVE-2016-2183 2.6 Low 192.168.1.27 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
37820 H28-MOJ-Teikyo-Yokohama-2-Seg-1-161121-ohwada-x250.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.129.14 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
37821 H28-MOJ-Teikyo-Yokohama-2-Seg-1-161121-ohwada-x250.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.129.14 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
37887 H28-MOJ-Teikyo-Yokohama-2-Seg-1-161121-ohwada-x250.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.129.217 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
37983 H28-MOJ-Teikyo-Yokohama-2-Seg-2-161121-ohwada-x250.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.129.212 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
38013 H28-MOJ-Teikyo-Yokohama-2-Seg-2-161121-ohwada-x250.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.129.216 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
38191 H28-MOJ-Teikyo-Yokohama-3-Seg-1-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.130.217 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
38623 H28-MOJ-Teikyo-Yokohama-3-Seg-2-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.130.212 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
38658 H28-MOJ-Teikyo-Yokohama-3-Seg-2-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.130.216 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
38873 H28-MOJ-Teikyo-Yokohama-12-Seg-1-161121-Endo_j4m2q3.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.131.213 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
38908 H28-MOJ-Teikyo-Yokohama-12-Seg-1-161121-Endo_j4m2q3.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.131.218 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
38942 H28-MOJ-Teikyo-Yokohama-12-Seg-2-161121-Endo_5spjeh.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.131.219 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
39146 H28-MOJ-Teikyo-Yokohama-13-Seg-1-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.132.15 tcp 23612 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
39147 H28-MOJ-Teikyo-Yokohama-13-Seg-1-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.132.15 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
39148 H28-MOJ-Teikyo-Yokohama-13-Seg-1-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.132.15 tcp 23611 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
39149 H28-MOJ-Teikyo-Yokohama-13-Seg-1-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.132.15 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
39186 H28-MOJ-Teikyo-Yokohama-13-Seg-1-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.132.213 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
39220 H28-MOJ-Teikyo-Yokohama-13-Seg-1-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.132.219 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
39416 H28-MOJ-Teikyo-Yokohama-13-Seg-2-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.132.16 tcp 23612 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
39417 H28-MOJ-Teikyo-Yokohama-13-Seg-2-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.132.16 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
39418 H28-MOJ-Teikyo-Yokohama-13-Seg-2-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.132.16 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
39419 H28-MOJ-Teikyo-Yokohama-13-Seg-2-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.132.16 tcp 23611 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
39618 H28-MOJ-Teikyo-Yokohama-13-Seg-2-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.132.17 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
39619 H28-MOJ-Teikyo-Yokohama-13-Seg-2-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.132.17 tcp 23612 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
39620 H28-MOJ-Teikyo-Yokohama-13-Seg-2-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.132.17 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
39621 H28-MOJ-Teikyo-Yokohama-13-Seg-2-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.132.17 tcp 23611 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
39659 H28-MOJ-Teikyo-Yokohama-13-Seg-2-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.132.218 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
39774 H28-MOJ-Teikyo-Yokohama-14-seg-01-21161121-abe_lsgo29.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.133.32 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
39775 H28-MOJ-Teikyo-Yokohama-14-seg-01-21161121-abe_lsgo29.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.133.32 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
39883 H28-MOJ-Teikyo-Yokohama-14-seg-01-21161121-abe_lsgo29.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.133.34 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
39884 H28-MOJ-Teikyo-Yokohama-14-seg-01-21161121-abe_lsgo29.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.133.34 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
39992 H28-MOJ-Teikyo-Yokohama-14-seg-02-21161121-abe_4l9d3v.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.133.33 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
39993 H28-MOJ-Teikyo-Yokohama-14-seg-02-21161121-abe_4l9d3v.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.133.33 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
40102 H28-MOJ-Teikyo-Yokohama-14-seg-02-21161121-abe_4l9d3v.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.133.35 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
40103 H28-MOJ-Teikyo-Yokohama-14-seg-02-21161121-abe_4l9d3v.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.133.35 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
40232 H28-MOJ-Teikyo-Yokohama-15-Seg-1-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.134.100 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
40233 H28-MOJ-Teikyo-Yokohama-15-Seg-1-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.134.100 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
40234 H28-MOJ-Teikyo-Yokohama-15-Seg-1-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.134.100 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
40366 H28-MOJ-Teikyo-Yokohama-15-Seg-1-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.134.129 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
40367 H28-MOJ-Teikyo-Yokohama-15-Seg-1-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.134.129 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
40368 H28-MOJ-Teikyo-Yokohama-15-Seg-1-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.134.129 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
40497 H28-MOJ-Teikyo-Yokohama-15-Seg-1-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.134.26 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
40498 H28-MOJ-Teikyo-Yokohama-15-Seg-1-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.134.26 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
40499 H28-MOJ-Teikyo-Yokohama-15-Seg-1-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.134.26 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
40630 H28-MOJ-Teikyo-Yokohama-15-Seg-2-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.134.128 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
40631 H28-MOJ-Teikyo-Yokohama-15-Seg-2-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.134.128 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
40632 H28-MOJ-Teikyo-Yokohama-15-Seg-2-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.134.128 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
40761 H28-MOJ-Teikyo-Yokohama-15-Seg-2-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.134.25 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
40762 H28-MOJ-Teikyo-Yokohama-15-Seg-2-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.134.25 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
40763 H28-MOJ-Teikyo-Yokohama-15-Seg-2-161121-ohwada-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.134.25 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
41061 H28-MOJ-Teikyo-Yokohama-16-seg-01-21161121-abe_4l6tzo.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.135.62 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
41757 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.150 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
41871 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.166 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
41872 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.166 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
42128 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.201 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
42156 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.203 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
42185 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.204 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
42215 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.208 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
42295 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.218 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
42473 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.25 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
42595 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.30 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
42596 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.30 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
42952 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.62 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
42953 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.62 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
42954 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.62 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
43114 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.63 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
43375 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.65 tcp 9855 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA-CBC(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
43376 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.65 tcp 7099 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
43377 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.65 tcp 3170 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
43378 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.65 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
43379 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.65 tcp 49213 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
43513 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.66 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
43514 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.66 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
43637 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.68 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
43638 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.68 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
43914 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.69 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
43915 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.69 tcp 1433 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
44052 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.70 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
44256 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.71 tcp 8093 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
44257 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.71 tcp 3994 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
44258 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.71 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
44259 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.71 tcp 1433 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
44295 H28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.87 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
44572 H28-MOJ-Teikyo-Yokohama-18-seg-02-21161121-abe_vilnov.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.129 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
44573 H28-MOJ-Teikyo-Yokohama-18-seg-02-21161121-abe_vilnov.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.129 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
44574 H28-MOJ-Teikyo-Yokohama-18-seg-02-21161121-abe_vilnov.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.129 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
44675 H28-MOJ-Teikyo-Yokohama-18-seg-02-21161121-abe_vilnov.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.130 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
44879 H28-MOJ-Teikyo-Yokohama-18-seg-02-21161121-abe_vilnov.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.205 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
44909 H28-MOJ-Teikyo-Yokohama-18-seg-02-21161121-abe_vilnov.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.209 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
44943 H28-MOJ-Teikyo-Yokohama-18-seg-02-21161121-abe_vilnov.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.213 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
44977 H28-MOJ-Teikyo-Yokohama-18-seg-02-21161121-abe_vilnov.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.219 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
45123 H28-MOJ-Teikyo-Yokohama-18-seg-02-21161121-abe_vilnov.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.26 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
45230 H28-MOJ-Teikyo-Yokohama-18-seg-02-21161121-abe_vilnov.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.31 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
45231 H28-MOJ-Teikyo-Yokohama-18-seg-02-21161121-abe_vilnov.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.31 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
45563 H28-MOJ-Teikyo-Yokohama-18-seg-02-21161121-abe_vilnov.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.61 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
45722 H28-MOJ-Teikyo-Yokohama-18-seg-02-21161121-abe_vilnov.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.64 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
45845 H28-MOJ-Teikyo-Yokohama-18-seg-02-21161121-abe_vilnov.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.67 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
45846 H28-MOJ-Teikyo-Yokohama-18-seg-02-21161121-abe_vilnov.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.138.67 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
45889 H28-MOJ-Teikyo-Yokohama-19-Seg-1-161121-Endo_v6lf04.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.139.1 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
45932 H28-MOJ-Teikyo-Yokohama-19-Seg-1-161121-Endo_v6lf04.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.139.10 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
46112 H28-MOJ-Teikyo-Yokohama-19-Seg-1-161121-Endo_v6lf04.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.139.15 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
46156 H28-MOJ-Teikyo-Yokohama-19-Seg-1-161121-Endo_v6lf04.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.139.20 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
46199 H28-MOJ-Teikyo-Yokohama-19-Seg-1-161121-Endo_v6lf04.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.139.25 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
46250 H28-MOJ-Teikyo-Yokohama-19-Seg-1-161121-Endo_v6lf04.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.139.32 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
46293 H28-MOJ-Teikyo-Yokohama-19-Seg-1-161121-Endo_v6lf04.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.139.33 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
46336 H28-MOJ-Teikyo-Yokohama-19-Seg-1-161121-Endo_v6lf04.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.139.63 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
46379 H28-MOJ-Teikyo-Yokohama-19-Seg-1-161121-Endo_v6lf04.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.139.65 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
46422 H28-MOJ-Teikyo-Yokohama-19-Seg-1-161121-Endo_v6lf04.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.139.66 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
46465 H28-MOJ-Teikyo-Yokohama-19-Seg-1-161121-Endo_v6lf04.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.139.68 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
46508 H28-MOJ-Teikyo-Yokohama-19-Seg-1-161121-Endo_v6lf04.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.139.69 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
46571 H28-MOJ-Teikyo-Yokohama-19-Seg-2-161121-Endo_nksyu2.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.139.11 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
46614 H28-MOJ-Teikyo-Yokohama-19-Seg-2-161121-Endo_nksyu2.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.139.16 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
46657 H28-MOJ-Teikyo-Yokohama-19-Seg-2-161121-Endo_nksyu2.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.139.2 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
46700 H28-MOJ-Teikyo-Yokohama-19-Seg-2-161121-Endo_nksyu2.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.139.26 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
46743 H28-MOJ-Teikyo-Yokohama-19-Seg-2-161121-Endo_nksyu2.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.139.67 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
46786 H28-MOJ-Teikyo-Yokohama-19-Seg-3-161121-Endo_340kd4.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.139.17 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
46829 H28-MOJ-Teikyo-Yokohama-19-Seg-3-161121-Endo_340kd4.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.139.3 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
46872 H28-MOJ-Teikyo-Yokohama-19-Seg-3-161121-Endo_c0h4ua.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.139.17 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
46915 H28-MOJ-Teikyo-Yokohama-19-Seg-3-161121-Endo_c0h4ua.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.139.3 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
46958 H28-MOJ-Teikyo-Yokohama-19-Seg-4-161121-Endo_qehd9k.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.139.4 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
47001 H28-MOJ-Teikyo-Yokohama-19-Seg-5-161121-Endo_7i2nah.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.139.5 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
47044 H28-MOJ-Teikyo-Yokohama-19-Seg-6-161121-Endo_fu4jjd.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.139.21 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
47087 H28-MOJ-Teikyo-Yokohama-19-Seg-6-161121-Endo_fu4jjd.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.139.22 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
47130 H28-MOJ-Teikyo-Yokohama-19-Seg-6-161121-Endo_fu4jjd.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.139.34 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
47173 H28-MOJ-Teikyo-Yokohama-19-Seg-6-161121-Endo_fu4jjd.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.139.35 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
47216 H28-MOJ-Teikyo-Yokohama-19-Seg-6-161121-Endo_fu4jjd.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.139.64 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
47370 H28-MOJ-Teikyo-Yokohama-20-Seg-1-161121-Endo_694n4z.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.140.13 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
47371 H28-MOJ-Teikyo-Yokohama-20-Seg-1-161121-Endo_694n4z.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.140.13 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
47408 H28-MOJ-Teikyo-Yokohama-20-Seg-1-161121-Endo_694n4z.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.140.212 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
47442 H28-MOJ-Teikyo-Yokohama-20-Seg-1-161121-Endo_694n4z.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.140.224 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
47568 H28-MOJ-Teikyo-Yokohama-20-Seg-2-161121-Endo_nnt1f7.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.140.14 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
47569 H28-MOJ-Teikyo-Yokohama-20-Seg-2-161121-Endo_nnt1f7.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.140.14 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
47633 H28-MOJ-Teikyo-Yokohama-20-Seg-2-161121-Endo_nnt1f7.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.140.217 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
47670 H28-MOJ-Teikyo-Yokohama-20-Seg-3-161121-Endo_awp0rr.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.140.216 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
47704 H28-MOJ-Teikyo-Yokohama-20-Seg-3-161121-Endo_awp0rr.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.140.225 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
47986 H28-MOJ-Teikyo-Yokohama-22-Seg-1-161121-Endo_ox5v27.csv 18453 94437 CVE-2016-2183 2.6 Low 192.168.1.1 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
47987 H28-MOJ-Teikyo-Yokohama-22-Seg-1-161121-Endo_ox5v27.csv 18453 94437 CVE-2016-2183 2.6 Low 192.168.1.1 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
47988 H28-MOJ-Teikyo-Yokohama-22-Seg-1-161121-Endo_ox5v27.csv 18453 94437 CVE-2016-2183 2.6 Low 192.168.1.1 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
48119 H28-MOJ-Teikyo-Yokohama-22-Seg-2-161121-Endo_j5lot6.csv 18453 94437 CVE-2016-2183 2.6 Low 192.168.1.2 tcp 5000 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
48120 H28-MOJ-Teikyo-Yokohama-22-Seg-2-161121-Endo_j5lot6.csv 18453 94437 CVE-2016-2183 2.6 Low 192.168.1.2 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
48121 H28-MOJ-Teikyo-Yokohama-22-Seg-2-161121-Endo_j5lot6.csv 18453 94437 CVE-2016-2183 2.6 Low 192.168.1.2 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
48318 H28-MOJ-Teikyo-Makuhari-3-Seg-1-161124-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.161.62 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
48484 H28-MOJ-Teikyo-Makuhari-4-Seg-1-161124-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.162.201 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
48512 H28-MOJ-Teikyo-Makuhari-4-Seg-1-161124-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.162.202 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
48541 H28-MOJ-Teikyo-Makuhari-4-Seg-1-161124-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.162.204 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
48569 H28-MOJ-Teikyo-Makuhari-4-Seg-1-161124-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.162.206 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
48774 H28-MOJ-Teikyo-Makuhari-4-Seg-1-161124-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.162.62 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
48775 H28-MOJ-Teikyo-Makuhari-4-Seg-1-161124-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.162.62 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
48776 H28-MOJ-Teikyo-Makuhari-4-Seg-1-161124-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.162.62 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
48886 H28-MOJ-Teikyo-Makuhari-4-Seg-4-161124-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.162.162 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
48916 H28-MOJ-Teikyo-Makuhari-4-Seg-4-161124-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.162.205 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
48944 H28-MOJ-Teikyo-Makuhari-4-Seg-4-161124-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.162.207 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
49191 H28-MOJ-Teikyo-Shinkawa-3-Seg-1-161122-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.151.62 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
49400 H28-MOJ-Teikyo-Shinkawa-4-Seg-1-161122-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.152.162 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
49430 H28-MOJ-Teikyo-Shinkawa-4-Seg-1-161122-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.152.204 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
49458 H28-MOJ-Teikyo-Shinkawa-4-Seg-1-161122-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.152.206 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
49665 H28-MOJ-Teikyo-Shinkawa-4-Seg-1-161122-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.152.62 tcp 9906 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
49666 H28-MOJ-Teikyo-Shinkawa-4-Seg-1-161122-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.152.62 tcp 9907 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
49667 H28-MOJ-Teikyo-Shinkawa-4-Seg-1-161122-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.152.62 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
49716 H28-MOJ-Teikyo-Shinkawa-4-Seg-2-161122-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.152.201 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
49744 H28-MOJ-Teikyo-Shinkawa-4-Seg-2-161122-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.152.202 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
49773 H28-MOJ-Teikyo-Shinkawa-4-Seg-2-161122-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.152.205 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
49801 H28-MOJ-Teikyo-Shinkawa-4-Seg-2-161122-w510.csv 18453 94437 CVE-2016-2183 2.6 Low 172.30.152.207 tcp 82 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. https://sweet32.info/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : High Strength Ciphers (>= 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
49945 H28_MUN_DWEB_Q4_172_16_20_seg.csv 18453 94437 CVE-2016-2183 5 Medium 172.16.20.126 tcp 9898 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-DSS-DES-CBC3-SHA Kx=DH Au=DSS Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
49946 H28_MUN_DWEB_Q4_172_16_20_seg.csv 18453 94437 CVE-2016-2183 5 Medium 172.16.20.126 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
49991 H28_MUN_DWEB_Q4_172_16_20_seg.csv 18453 94437 CVE-2016-2183 5 Medium 172.16.20.130 tcp 8084 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
49992 H28_MUN_DWEB_Q4_172_16_20_seg.csv 18453 94437 CVE-2016-2183 5 Medium 172.16.20.130 tcp 8083 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
50026 H28_MUN_DWEB_Q4_172_16_20_seg.csv 18453 94437 CVE-2016-2183 5 Medium 172.16.20.131 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
50124 H28_MUN_DWEB_Q4_172_16_20_seg.csv 18453 94437 CVE-2016-2183 5 Medium 172.16.20.15 tcp 9898 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-DSS-DES-CBC3-SHA Kx=DH Au=DSS Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
50221 H28_MUN_DWEB_Q4_172_16_20_seg.csv 18453 94437 CVE-2016-2183 5 Medium 172.16.20.160 tcp 9898 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-DSS-DES-CBC3-SHA Kx=DH Au=DSS Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
50222 H28_MUN_DWEB_Q4_172_16_20_seg.csv 18453 94437 CVE-2016-2183 5 Medium 172.16.20.160 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
50296 H28_MUN_DWEB_Q4_172_16_20_seg.csv 18453 94437 CVE-2016-2183 5 Medium 172.16.20.17 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
50395 H28_MUN_DWEB_Q4_172_16_20_seg.csv 18453 94437 CVE-2016-2183 5 Medium 172.16.20.18 tcp 9898 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-DSS-DES-CBC3-SHA Kx=DH Au=DSS Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
50396 H28_MUN_DWEB_Q4_172_16_20_seg.csv 18453 94437 CVE-2016-2183 5 Medium 172.16.20.18 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
50397 H28_MUN_DWEB_Q4_172_16_20_seg.csv 18453 94437 CVE-2016-2183 5 Medium 172.16.20.18 tcp 1433 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
50489 H28_MUN_DWEB_Q4_172_16_20_seg.csv 18453 94437 CVE-2016-2183 5 Medium 172.16.20.21 tcp 9898 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-DSS-DES-CBC3-SHA Kx=DH Au=DSS Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
50490 H28_MUN_DWEB_Q4_172_16_20_seg.csv 18453 94437 CVE-2016-2183 5 Medium 172.16.20.21 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
50579 H28_MUN_DWEB_Q4_172_16_20_seg.csv 18453 94437 CVE-2016-2183 5 Medium 172.16.20.22 tcp 1311 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
50580 H28_MUN_DWEB_Q4_172_16_20_seg.csv 18453 94437 CVE-2016-2183 5 Medium 172.16.20.22 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
50629 H28_MUN_DWEB_Q4_172_16_20_seg.csv 18453 94437 CVE-2016-2183 5 Medium 172.16.20.226 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
50682 H28_MUN_DWEB_Q4_172_16_20_seg.csv 18453 94437 CVE-2016-2183 5 Medium 172.16.20.39 tcp 9898 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-DSS-DES-CBC3-SHA Kx=DH Au=DSS Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
50734 H28_MUN_DWEB_Q4_172_16_20_seg.csv 18453 94437 CVE-2016-2183 5 Medium 172.16.20.63 tcp 9898 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-DSS-DES-CBC3-SHA Kx=DH Au=DSS Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
50847 H28_MUN_DWEB_Q4_172_16_21_seg.csv 18453 94437 CVE-2016-2183 5 Medium 172.16.21.226 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
50938 H28_MUN_DWEB_Q4_172_16_211_0_seg.csv 18453 94437 CVE-2016-2183 5 Medium 172.16.211.54 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Low Strength Ciphers (<= 64-bit key) SSLv2 EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA Enc=RC2-CBC(40) Mac=MD5 export TLSv1 EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA Enc=RC2-CBC(40) Mac=MD5 export Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 High Strength Ciphers (>= 112-bit key) SSLv2 IDEA-CBC-MD5 Kx=RSA Au=RSA Enc=IDEA-CBC(128) Mac=MD5 RC2-CBC-MD5 Kx=RSA Au=RSA Enc=RC2-CBC(128) Mac=MD5 TLSv1 IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA-CBC(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
51041 H28_MUN_DWEB_Q4_172_16_212_seg.csv 18453 94437 CVE-2016-2183 5 Medium 172.16.212.1 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
51089 H28_MUN_DWEB_Q4_172_16_212_seg.csv 18453 94437 CVE-2016-2183 5 Medium 172.16.212.220 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
51907 H28_MUN_DWEB_Q4_172_16_240_seg.csv 18453 94437 CVE-2016-2183 5 Medium 172.16.240.115 tcp 1311 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
51908 H28_MUN_DWEB_Q4_172_16_240_seg.csv 18453 94437 CVE-2016-2183 5 Medium 172.16.240.115 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
52077 H28_MUN_DWEB_Q4_172_16_240_seg.csv 18453 94437 CVE-2016-2183 5 Medium 172.16.240.131 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
52252 H28_MUN_DWEB_Q4_172_16_242_seg.csv 18453 94437 CVE-2016-2183 5 Medium 172.16.242.254 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
52340 H28_MUN_DWEB_Q4_192_168_242_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.242.130 tcp 9898 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-DSS-DES-CBC3-SHA Kx=DH Au=DSS Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
52341 H28_MUN_DWEB_Q4_192_168_242_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.242.130 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
52421 H28_MUN_DWEB_Q4_192_168_242_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.242.141 tcp 9898 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-DSS-DES-CBC3-SHA Kx=DH Au=DSS Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
52422 H28_MUN_DWEB_Q4_192_168_242_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.242.141 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
52513 H28_MUN_DWEB_Q4_192_168_242_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.242.15 tcp 9898 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-DSS-DES-CBC3-SHA Kx=DH Au=DSS Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
52514 H28_MUN_DWEB_Q4_192_168_242_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.242.15 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
52594 H28_MUN_DWEB_Q4_192_168_242_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.242.181 tcp 9898 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-DSS-DES-CBC3-SHA Kx=DH Au=DSS Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
52595 H28_MUN_DWEB_Q4_192_168_242_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.242.181 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
52676 H28_MUN_DWEB_Q4_192_168_242_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.242.183 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
52768 H28_MUN_DWEB_Q4_192_168_242_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.242.19 tcp 9898 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-DSS-DES-CBC3-SHA Kx=DH Au=DSS Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
52769 H28_MUN_DWEB_Q4_192_168_242_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.242.19 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
52858 H28_MUN_DWEB_Q4_192_168_242_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.242.24 tcp 9898 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-DSS-DES-CBC3-SHA Kx=DH Au=DSS Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
52859 H28_MUN_DWEB_Q4_192_168_242_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.242.24 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
52904 H28_MUN_DWEB_Q4_192_168_242_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.242.243 tcp 9898 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-DSS-DES-CBC3-SHA Kx=DH Au=DSS Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
52969 H28_MUN_DWEB_Q4_192_168_242_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.242.250 tcp 14943 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
53062 H28_MUN_DWEB_Q4_192_168_242_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.242.62 tcp 9898 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-DSS-DES-CBC3-SHA Kx=DH Au=DSS Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
53063 H28_MUN_DWEB_Q4_192_168_242_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.242.62 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
53151 H28_MUN_DWEB_Q4_192_168_242_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.242.71 tcp 9898 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-DSS-DES-CBC3-SHA Kx=DH Au=DSS Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
53152 H28_MUN_DWEB_Q4_192_168_242_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.242.71 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
53233 H28_MUN_DWEB_Q4_192_168_242_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.242.88 tcp 9898 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-DSS-DES-CBC3-SHA Kx=DH Au=DSS Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
53234 H28_MUN_DWEB_Q4_192_168_242_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.242.88 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
53326 H28_MUN_DWEB_Q4_192_168_242_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.242.9 tcp 9898 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-DSS-DES-CBC3-SHA Kx=DH Au=DSS Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
53327 H28_MUN_DWEB_Q4_192_168_242_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.242.9 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
53386 H28_MUN_DWEB_Q4_192_168_242_part5.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.242.65 tcp 9898 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-DSS-DES-CBC3-SHA Kx=DH Au=DSS Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
53387 H28_MUN_DWEB_Q4_192_168_242_part5.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.242.65 tcp 1311 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
53475 H28_MUN_DWEB_Q4_192_168_243_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.243.123 tcp 9898 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-DSS-DES-CBC3-SHA Kx=DH Au=DSS Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
53476 H28_MUN_DWEB_Q4_192_168_243_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.243.123 tcp 1311 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
53542 H28_MUN_DWEB_Q4_192_168_243_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.243.153 tcp 1433 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Low Strength Ciphers (<= 64-bit key) TLSv1 EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA Enc=RC2-CBC(40) Mac=MD5 export Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
53625 H28_MUN_DWEB_Q4_192_168_243_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.243.163 tcp 9898 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-DSS-DES-CBC3-SHA Kx=DH Au=DSS Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
53716 H28_MUN_DWEB_Q4_192_168_243_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.243.18 tcp 9898 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-DSS-DES-CBC3-SHA Kx=DH Au=DSS Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
53717 H28_MUN_DWEB_Q4_192_168_243_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.243.18 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
53809 H28_MUN_DWEB_Q4_192_168_243_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.243.20 tcp 9898 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-DSS-DES-CBC3-SHA Kx=DH Au=DSS Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
53810 H28_MUN_DWEB_Q4_192_168_243_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.243.20 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
53890 H28_MUN_DWEB_Q4_192_168_243_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.243.63 tcp 9898 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-DSS-DES-CBC3-SHA Kx=DH Au=DSS Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
53891 H28_MUN_DWEB_Q4_192_168_243_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.243.63 tcp 3389 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
53963 H28_MUN_DWEB_Q4_192_168_243_Part1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.243.65 tcp 9898 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-DSS-DES-CBC3-SHA Kx=DH Au=DSS Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
54084 H28_MUN_DWEB_Q4_192_168_243_Part2_Retry2IPs.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.243.241 tcp 9898 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-DSS-DES-CBC3-SHA Kx=DH Au=DSS Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
54133 H28_MUN_DWEB_Q4_192_168_243_Part2_Retry2IPs.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.243.242 tcp 9898 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-DSS-DES-CBC3-SHA Kx=DH Au=DSS Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
54361 nessus-scan-192-168-10-10#20170210#1.csv 18453 94437 CVE-2016-2183 5 Medium 192.168.10.10 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
54492 1_Tokyu_remi_20170126.csv 18453 94437 CVE-2016-2183 5 Medium 54.199.215.149 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 High Strength Ciphers (>= 112-bit key) SSLv2 IDEA-CBC-MD5 Kx=RSA Au=RSA Enc=IDEA-CBC(128) Mac=MD5 RC2-CBC-MD5 Kx=RSA Au=RSA Enc=RC2-CBC(128) Mac=MD5 TLSv1 IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA-CBC(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
54533 2_tokyu_kosugi-square_20170118.csv 18453 94437 CVE-2016-2183 2.6 Low 202.53.27.201 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 High Strength Ciphers (>= 112-bit key) TLSv1 IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA-CBC(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
54567 tokyu_3_tokyu-style_20170116.csv 18453 94437 CVE-2016-2183 2.6 Low 157.7.183.113 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key) TLSv1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
54604 tokyu_5_teiki_20170116.csv 18453 94437 CVE-2016-2183 2.6 Low 175.177.161.13 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key) TLSv1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
54647 tokyu_6_tokyu_hospital_20170116.csv 18453 94437 CVE-2016-2183 2.6 Low 210.253.218.215 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 High Strength Ciphers (>= 112-bit key) TLSv1 IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA-CBC(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
54774 tokyu_7_tokyu_G_20170116.csv 18453 94437 CVE-2016-2183 2.6 Low 112.78.212.229 tcp 995 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 High Strength Ciphers (>= 112-bit key) TLSv1 IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA-CBC(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
54775 tokyu_7_tokyu_G_20170116.csv 18453 94437 CVE-2016-2183 2.6 Low 112.78.212.229 tcp 993 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 High Strength Ciphers (>= 112-bit key) TLSv1 IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA-CBC(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
54776 tokyu_7_tokyu_G_20170116.csv 18453 94437 CVE-2016-2183 2.6 Low 112.78.212.229 tcp 25 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 High Strength Ciphers (>= 112-bit key) TLSv1 IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA-CBC(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
54777 tokyu_7_tokyu_G_20170116.csv 18453 94437 CVE-2016-2183 2.6 Low 112.78.212.229 tcp 143 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 High Strength Ciphers (>= 112-bit key) TLSv1 IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA-CBC(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
54778 tokyu_7_tokyu_G_20170116.csv 18453 94437 CVE-2016-2183 2.6 Low 112.78.212.229 tcp 21 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 High Strength Ciphers (>= 112-bit key) TLSv1 IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA-CBC(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
54779 tokyu_7_tokyu_G_20170116.csv 18453 94437 CVE-2016-2183 2.6 Low 112.78.212.229 tcp 110 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 High Strength Ciphers (>= 112-bit key) TLSv1 IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA-CBC(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
54780 tokyu_7_tokyu_G_20170116.csv 18453 94437 CVE-2016-2183 2.6 Low 112.78.212.229 tcp 587 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 High Strength Ciphers (>= 112-bit key) TLSv1 IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA-CBC(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
54992 tokyu_9_tokyu-pasmo_20170116.csv 18453 94437 CVE-2016-2183 2.6 Low 59.106.61.103 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 High Strength Ciphers (>= 112-bit key) TLSv1 IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA-CBC(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
54993 tokyu_9_tokyu-pasmo_20170116.csv 18453 94437 CVE-2016-2183 2.6 Low 59.106.61.103 tcp 993 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
54994 tokyu_9_tokyu-pasmo_20170116.csv 18453 94437 CVE-2016-2183 2.6 Low 59.106.61.103 tcp 995 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
54995 tokyu_9_tokyu-pasmo_20170116.csv 18453 94437 CVE-2016-2183 2.6 Low 59.106.61.103 tcp 8443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
54996 tokyu_9_tokyu-pasmo_20170116.csv 18453 94437 CVE-2016-2183 2.6 Low 59.106.61.103 tcp 25 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 High Strength Ciphers (>= 112-bit key) TLSv1 IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA-CBC(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
54997 tokyu_9_tokyu-pasmo_20170116.csv 18453 94437 CVE-2016-2183 2.6 Low 59.106.61.103 tcp 143 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
54998 tokyu_9_tokyu-pasmo_20170116.csv 18453 94437 CVE-2016-2183 2.6 Low 59.106.61.103 tcp 110 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
54999 tokyu_9_tokyu-pasmo_20170116.csv 18453 94437 CVE-2016-2183 2.6 Low 59.106.61.103 tcp 587 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 High Strength Ciphers (>= 112-bit key) TLSv1 IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA-CBC(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
55099 13_tokyu_bellselect_20170118.csv 18453 94437 CVE-2016-2183 2.6 Low 218.45.196.196 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key) TLSv1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
55227 23_tokyu_townmanage_20170118.csv 18453 94437 CVE-2016-2183 2.6 Low 202.53.23.217 tcp 443 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) The remote service supports the use of 64-bit block ciphers. The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a "birthday" attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. However, Nessus has not checked for such a mitigation. Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 High Strength Ciphers (>= 112-bit key) TLSv1 IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA-CBC(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}