SSL 64-bit Block Size Cipher Suites Supported (SWEET32)

Medium Nessus Plugin ID 94437


The remote service supports the use of 64-bit block ciphers.


The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a 'birthday' attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session.

Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours.

Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. This plugin requires report paranoia as Nessus has not checked for such a mitigation.


Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability.

See Also

Plugin Details

Severity: Medium

ID: 94437

File Name: ssl_64bitblock_supported_ciphers.nasl

Version: $Revision: 1.7 $

Type: remote

Family: General

Published: 2016/11/01

Modified: 2017/12/08

Dependencies: 21643

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:F/RL:ND/RC:ND


Base Score: 5.3

Temporal Score: 5.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Temporal Vector: CVSS:3.0/E:F/RL:X/RC:X

Vulnerability Information

Required KB Items: SSL/Supported, Settings/ParanoidReport

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2016/08/24

Reference Information

CVE: CVE-2016-2183, CVE-2016-6329

BID: 92630, 92631

OSVDB: 143387, 143388