We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
CVE-2016-2183: nginx Weak SSLCipherSuite Sweet32 Birthday
CVE-2016-2183: nginx Weak SSLCipherSuite Sweet32 Birthday
VestaCP: NGINX + PHP-FPM for Version 0.9.8-21 on 4/24/2018
Detected by Beyond Security, INC scanner
~ Out of 14023 infrastructure tests it found 0 High risks and only 2 medium risks, 1 for web server and 1 for imaps using those same ciphers
Sweet32 Birthday Vulnerability Fix
Disable 2 Weak Ciphers:
EDH-RSA-DES-CBC3-SHA
DES-CBC3-SHA
===== Nginx =====
/etc/nginx/nginx.conf
Backup your nginx config, carefully add ! before those 2 ciphers or delete them
===== Dovecot 2.1+ =======
/etc/dovecot/conf.d/10-ssl.conf
After fixing nginx's suite of ciphers the CVE scan still picked up the imaps bad ciphers.
Im not sure where Dovecot is pulling those ciphers from, prob the default OpenSSL suite but its not from nginx..
Disable them by adding them with !
After you do this, the next weekly scan Vulnerability Score went up to 100 A+
visitors with IE 8 for XP will not be able to access SSL pages
IE 8 / XP No FS 1 No SNI 2 Server sent fatal alert: handshake_failure
Tools/commands:
# nmap --script ssl-enum-ciphers yourdomain.com
Beyond Security scanmyserver.com
Qualys SSL Labs ssllabs.com/ssltest
Detected by Beyond Security, INC scanner
~ Out of 14023 infrastructure tests it found 0 High risks and only 2 medium risks, 1 for web server and 1 for imaps using those same ciphers
- CVE-2016-2183 Medium Risk: nginx Weak SSLCipherSuite Sweet32 Birthday Attacks on 64-bit Block Ciphers in TLS and OpenVPN (DES-CBC3) and imaps 993
- Weak Cipher DES-CBC3 found: (Cipher: EDH-RSA-DES-CBC3-SHA|SSLv3|Kx=DH|Au=RSA|Enc=3DES(168)|Mac=SHA1) (Cipher: DES-CBC3-SHA|SSLv3|Kx=RSA|Au=RSA|Enc=3DES(168)|Mac=SHA1) (Cipher: EDH-RSA-DES-CBC3-SHA|TLSv1|Kx=DH|Au=RSA|Enc=3DES(168)|Mac=SHA1)
Sweet32 Birthday Vulnerability Fix
Disable 2 Weak Ciphers:
EDH-RSA-DES-CBC3-SHA
DES-CBC3-SHA
===== Nginx =====
/etc/nginx/nginx.conf
Backup your nginx config, carefully add ! before those 2 ciphers or delete them
--- Reboot Nginxssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:!DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
===== Dovecot 2.1+ =======
/etc/dovecot/conf.d/10-ssl.conf
After fixing nginx's suite of ciphers the CVE scan still picked up the imaps bad ciphers.
Im not sure where Dovecot is pulling those ciphers from, prob the default OpenSSL suite but its not from nginx..
Disable them by adding them with !
--- Reboot Dovecotssl = yes
ssl_cert = </usr/local/vesta/ssl/certificate.crt
ssl_key = </usr/local/vesta/ssl/certificate.key
ssl_protocols = !SSLv2 !SSLv3
ssl_cipher_list = HIGH:!aNULL:!MD5:!DES-CBC3-SHA:!EDH-RSA-DES-CBC3
ssl_prefer_server_ciphers = yes
After you do this, the next weekly scan Vulnerability Score went up to 100 A+
visitors with IE 8 for XP will not be able to access SSL pages
IE 8 / XP No FS 1 No SNI 2 Server sent fatal alert: handshake_failure
Tools/commands:
# nmap --script ssl-enum-ciphers yourdomain.com
Beyond Security scanmyserver.com
Qualys SSL Labs ssllabs.com/ssltest
Depreciating TLS 1.0 and TLS 1.1 SSL Protocols
TLS 1.0 and TLS 1.1 protocols will be removed from browsers at the beginning of 2020. As there are no fixes or patches that can adequately fix SSL or deprecated TLS, it is critically important that organizations upgrade to a secure alternative as soon as possible. Various Browser clients have provided approximate deadlines for disabling TLS 1.0 and TLS 1.1 protocol.
Microsoft IE and Edge
First half of 2020
Mozilla Firefox
March 2020
Safari/Webkit
March 2020
Google Chrome
January 2020
Check if you host TLS 1.0, TLS 1.1 and TLS 1.2.
Backup nginx config file
Exit nginx config file
Before
After
If you use protocoals SSL 2 or SSL 3 you can add those as well
Restart Nginx Web server then check available protocols again
After changes, these browsers will lose access..
Microsoft IE and Edge
First half of 2020
Mozilla Firefox
March 2020
Safari/Webkit
March 2020
Google Chrome
January 2020
Check if you host TLS 1.0, TLS 1.1 and TLS 1.2.
Code: Select all
nmap --script ssl-enum-ciphers -p 443 domain.com
Backup nginx config file
Code: Select all
cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf-backup-before-tls
Exit nginx config file
Code: Select all
nano /etc/nginx/nginx.conf
Before
Code: Select all
# SSL PCI Compliance
ssl_session_cache shared:SSL:10m;
ssl_protocols TLSv1.0 TLSv1.1 TLS1.2;
ssl_prefer_server_ciphers on;
After
Code: Select all
# SSL PCI Compliance
ssl_session_cache shared:SSL:10m;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
If you use protocoals SSL 2 or SSL 3 you can add those as well
Restart Nginx Web server then check available protocols again
Code: Select all
nmap --script ssl-enum-ciphers -p 443 domain.com
After changes, these browsers will lose access..
Code: Select all
Android 2.3.7 No SNI 2 Protocol mismatch (not simulated)
Android 4.0.4 Protocol mismatch (not simulated)
Android 4.1.1 Protocol mismatch (not simulated)
Android 4.2.2 Protocol mismatch (not simulated)
Android 4.3 Protocol mismatch (not simulated)
Baidu Jan 2015 Protocol mismatch (not simulated)
IE 6 / XP No FS 1 No SNI 2 Protocol mismatch (not simulated)
IE 7 / Vista Protocol mismatch (not simulated)
IE 8 / XP No FS 1 No SNI 2 Protocol mismatch (not simulated)
IE 8-10 / Win 7 R Protocol mismatch (not simulated)
IE 10 / Win Phone 8.0 Protocol mismatch (not simulated)
Java 6u45 No SNI 2 Protocol mismatch (not simulated)
Java 7u25 Protocol mismatch (not simulated)
OpenSSL 0.9.8y Protocol mismatch (not simulated)
Safari 5.1.9 / OS X 10.6.8 Protocol mismatch (not simulated)
Safari 6.0.4 / OS X 10.8.4 R Protocol mismatch (not simulated)