[stunnel-users] SSL Server Allows Anonymous Authentication Vulnerability

• Previous message (by thread): [stunnel-users] SSL Server Allows Anonymous Authentication Vulnerability
• Next message (by thread): [stunnel-users] SSL Server Allows Anonymous Authentication Vulnerability
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Does this request not apply to stunnel? I don not recall seeing these as setting within the stunnel configuration file, so this may be an irrelevant question.

From: mike_curran at hotmail.com
To: stunnel-users at stunnel.org
Date: Thu, 7 Aug 2014 12:55:36 -0500
Subject: [stunnel-users] SSL Server Allows Anonymous Authentication	Vulnerability





I am looking at this vulnerability reported from McAfee -- but we use stunnel to secure our communications and not the application directly.
Are these settings that I can make within the stunnel config -- or something comparable?
SSLProtocol -ALL +SSLv3 +TLSv1
SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM
 		 	   		  

_______________________________________________
stunnel-users mailing list
stunnel-users at stunnel.org
https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20140821/e6753ce5/attachment.html>

• Previous message (by thread): [stunnel-users] SSL Server Allows Anonymous Authentication Vulnerability
• Next message (by thread): [stunnel-users] SSL Server Allows Anonymous Authentication Vulnerability
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]