Bug 42145 - MD5 is a weak cipher and may result in problems - a warning would be direct in this direction, in case of problems
MD5 is a weak cipher and may result in problems - a warning would be direct i...
Status: NEW
Product: USI
Classification: Unclassified
Component: univention-support-info
unspecified
Other Linux
: P5 normal
: ---
Assigned To: Nico Stöckigt
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2016-08-26 13:06 CEST by Nico Stöckigt
Modified: 2016-09-29 19:55 CEST (History)
0 users

See Also:
What kind of report is it?: Development Internal
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Nico Stöckigt univentionstaff 2016-08-26 13:06:38 CEST
since openssl 0.9.8c md5 is disabled:

---
 Changes between 0.9.8b and 0.9.8c  [05 Sep 2006]

  *) Disable rogue ciphersuites:

      - SSLv2 0x08 0x00 0x80 ("RC4-64-MD5")
      - SSLv3/TLSv1 0x00 0x61 ("EXP1024-RC2-CBC-MD5")
      - SSLv3/TLSv1 0x00 0x60 ("EXP1024-RC4-MD5")
---

this might result in problems when services use secured connection and using MD5-hashed certs.

The USI should check this and print a warning when MD5 is used.