CVE-2016-2183: nginx Weak SSLCipherSuite Sweet32 Birthday
Posted: Sun Jun 17, 2018 10:57 am
VestaCP: NGINX + PHP-FPM for Version 0.9.8-21 on 4/24/2018
Detected by Beyond Security, INC scanner
~ Out of 14023 infrastructure tests it found 0 High risks and only 2 medium risks, 1 for web server and 1 for imaps using those same ciphers
- CVE-2016-2183 Medium Risk: nginx Weak SSLCipherSuite Sweet32 Birthday Attacks on 64-bit Block Ciphers in TLS and OpenVPN (DES-CBC3) and imaps 993
- Weak Cipher DES-CBC3 found: (Cipher: EDH-RSA-DES-CBC3-SHA|SSLv3|Kx=DH|Au=RSA|Enc=3DES(168)|Mac=SHA1) (Cipher: DES-CBC3-SHA|SSLv3|Kx=RSA|Au=RSA|Enc=3DES(168)|Mac=SHA1) (Cipher: EDH-RSA-DES-CBC3-SHA|TLSv1|Kx=DH|Au=RSA|Enc=3DES(168)|Mac=SHA1)
Sweet32 Birthday Vulnerability Fix
Disable 2 Weak Ciphers:
EDH-RSA-DES-CBC3-SHA
DES-CBC3-SHA
===== Nginx =====
/etc/nginx/nginx.conf
Backup your nginx config, carefully add ! before those 2 ciphers or delete them
--- Reboot Nginx
ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:!DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
===== Dovecot 2.1+ =======
/etc/dovecot/conf.d/10-ssl.conf
After fixing nginx's suite of ciphers, the CVE scan still picked up the imaps bad ciphers.
I'm not sure where Dovecot is pulling those ciphers from, probably the default OpenSSL suite, but it's not from nginx.
Disable them by adding them with !
--- Reboot Dovecot
ssl = yes
ssl_cert = </usr/local/vesta/ssl/certificate.crt
ssl_key = </usr/local/vesta/ssl/certificate.key
ssl_protocols = !SSLv2 !SSLv3
ssl_cipher_list = HIGH:!aNULL:!MD5:!DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA
ssl_prefer_server_ciphers = yes
After you do this, the next weekly scan Vulnerability Score went up to 100 A+
Visitors with IE 8 for XP will not be able to access SSL pages:
IE 8 / XP No FS 1 No SNI 2 Server sent fatal alert: handshake_failure
Tools/commands:
# nmap --script ssl-enum-ciphers yourdomain.com
Beyond Security scanmyserver.com
Qualys SSL Labs ssllabs.com/ssltest
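
An added example, not part of the original post: a small Python check that reads an OpenSSL-style cipher string and reports which 3DES (Sweet32) suites it still permits, going beyond the two suites named above. The function name audit_3des, the THREE_DES table and the TRUNCATED sample are this example's own; it assumes an OpenSSL release before 1.1.0, where HIGH still includes 3DES, and it only understands "!NAME" and "!3DES" removals.

```python
# Added example: audit an OpenSSL cipher string for 3DES (Sweet32) suites.
# THREE_DES is a partial table of OpenSSL suite names assembled for this example.
THREE_DES = {
    "DES-CBC3-SHA", "EDH-RSA-DES-CBC3-SHA", "EDH-DSS-DES-CBC3-SHA",
    "ECDHE-RSA-DES-CBC3-SHA", "ECDHE-ECDSA-DES-CBC3-SHA",
    "ECDH-RSA-DES-CBC3-SHA", "ECDH-ECDSA-DES-CBC3-SHA",
}
# Keywords that can pull in 3DES suites (HIGH does so on OpenSSL before 1.1.0).
ALIASES_WITH_3DES = {"HIGH", "ALL", "3DES"}

# ssl_ciphers value copied from the nginx section of the post.
NGINX = ("ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:!DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4")
# Constructed sample: a negation whose suite name is cut short.
TRUNCATED = "HIGH:!aNULL:!MD5:!DES-CBC3-SHA:!EDH-RSA-DES-CBC3"


def audit_3des(cipher_string):
    """Return the 3DES suites a cipher string still permits.

    Only "!NAME" and "!3DES" count as removals; "+" and "-" tokens are skipped.
    "!DES" is not a removal here: that keyword covers single DES, not 3DES.
    """
    killed, explicit, unmatched, alias_hit = set(), [], [], False
    for tok in filter(None, cipher_string.replace(" ", ":").split(":")):
        if tok.startswith("!"):
            name = tok[1:]
            if name == "3DES":
                killed |= THREE_DES          # removes every triple-DES suite
            elif name in THREE_DES:
                killed.add(name)             # removes one suite by exact name
            elif "DES-CBC3" in name:
                unmatched.append(tok)        # looks like 3DES but names no suite
        elif tok[0] in "+-":
            continue
        elif tok in THREE_DES:
            explicit.append(tok)
        elif tok in ALIASES_WITH_3DES:
            alias_hit = True
    return {
        "explicit": [s for s in explicit if s not in killed],
        "via_alias": sorted(THREE_DES - killed) if alias_hit else [],
        "unmatched_negations": unmatched,
    }


if __name__ == "__main__":
    for label, value in (("nginx", NGINX), ("nginx + !3DES", NGINX + ":!3DES"),
                         ("truncated", TRUNCATED)):
        print(label, audit_3des(value))
```

Whether a permitted suite is actually negotiated depends on the server's certificate type and OpenSSL build, so rerun the nmap ssl-enum-ciphers scan from the post after any change.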