epo909
Level 9

TLS / SSL Man-In-The-Middle Renegotiation Vulnerability (7312) removed?

Hi all,

The FSL UPDATE of 2009-DEC-31 removed the SSL/TLS vuln (7312) from the FSL database. At least for me, the only impact was a major spike in the Foundscore.

Not particularly good, because I will have to explain on my monthly report why the Foundscore spiked.

The vulnerability still exists and there's no change whatsoever in the CVE DB.

So why did McAfee remove this vulnerability?

AFAIK this vulnerability still exists, it's pretty famous, and now it was removed without any explanation.

Best Regards,

RD

0 Kudos
2 Replies
cgrim
Level 13

Re: TLS / SSL Man-In-The-Middle Renegotiation Vulnerability (7312) removed?

hi RD,

You're right, the check was deleted in the FSL package on Dec-31. The FSL notification (do you get these?) did list it:

DELETED CHECKS:

  * FID #7312 TLS / SSL Man-In-The-Middle Renegotiation Vulnerability

  * FID #5981 Mozilla Products Java LiveConnect Java Embedding Plugin Vulnerability

As having been removed.

As far as "why" it was deleted: that specific un-authenticated script had too much of a risk of producing False Positives. With all the various OSes releasing patches for it, our SSH module wasn't able to validate it with that un-authenticated script. Watch for OS-specific scripts to be released for it...

-Cathy

0 Kudos
epo909
Level 9

Re: TLS / SSL Man-In-The-Middle Renegotiation Vulnerability (7312) removed?

Hi Cathy.

Thanks for the answer.

RD

0 Kudos