SSL Resume With Different Cipher Issue

This script is Copyright (C) 2012 Tenable Network Security, Inc.

Synopsis :

The remote host allows resuming SSL sessions with a different cipher
than the one originally negotiated.

Description :

The SSL implementation on the remote host has been shown to allow a
cipher other than the one originally negotiated when resuming a
session. An attacker that sees (e.g. by sniffing) the start of an SSL
connection may be able to manipulate session cache to cause subsequent
resumptions of that session to use a cipher chosen by the attacker.

Solution :


Risk factor :


Family: General

Nessus Plugin ID: 58768 ()

Bugtraq ID: