This script is Copyright (C) 2008-2014 Tenable Network Security, Inc.
The remote service supports the use of anonymous SSL ciphers.
The remote host supports the use of anonymous SSL ciphers. While this
enables an administrator to set up a service that encrypts traffic
without having to generate and configure SSL certificates, it offers
no way to verify the remote host's identity and renders the service
vulnerable to a man-in-the-middle attack.
Note: This is considerably easier to exploit if the attacker is on the
same physical network.
See also :
Reconfigure the affected application if possible to avoid use of weak
Risk factor :
Low / CVSS Base Score : 2.6
CVSS Temporal Score : 2.3
Public Exploit Available : true
Family: Service detection
Nessus Plugin ID: 31705 ()
Bugtraq ID: 28482
CVE ID: CVE-2007-1858
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.