failmap/admin

View on GitHub
websecmap/scanners/resources/output/sslscan/testcases/B_weakdh_NoFS.xml

Summary

Maintainability
Test Coverage
<?xml version="1.0" encoding="UTF-8"?>
<document title="SSLScan Results" version="1.11.10-static" web="http://github.com/rbsec/sslscan">
 <ssltest host="jira.ssix-project.eu" sniname="jira.ssix-project.eu" port="443">
  <renegotiation supported="1" secure="1" />
  <compression supported="0" />
  <heartbleed sslversion="TLSv1.2" vulnerable="0" />
  <heartbleed sslversion="TLSv1.1" vulnerable="0" />
  <heartbleed sslversion="TLSv1.0" vulnerable="0" />
  <cipher status="preferred" sslversion="TLSv1.2" bits="256" cipher="ECDHE-RSA-AES256-GCM-SHA384" id="0xC030" curve="P-256" ecdhebits="256" />
  <cipher status="accepted" sslversion="TLSv1.2" bits="256" cipher="ECDHE-RSA-AES256-SHA384" id="0xC028" curve="P-256" ecdhebits="256" />
  <cipher status="accepted" sslversion="TLSv1.2" bits="256" cipher="ECDHE-RSA-AES256-SHA" id="0xC014" curve="P-256" ecdhebits="256" />
  <cipher status="accepted" sslversion="TLSv1.2" bits="256" cipher="DHE-RSA-AES256-GCM-SHA384" id="0x9F" dhebits="1024" />
  <cipher status="accepted" sslversion="TLSv1.2" bits="256" cipher="DHE-RSA-AES256-SHA256" id="0x6B" dhebits="1024" />
  <cipher status="accepted" sslversion="TLSv1.2" bits="256" cipher="DHE-RSA-AES256-SHA" id="0x39" dhebits="1024" />
  <cipher status="accepted" sslversion="TLSv1.2" bits="256" cipher="AES256-GCM-SHA384" id="0x9D" />
  <cipher status="accepted" sslversion="TLSv1.2" bits="256" cipher="AES256-SHA256" id="0x3D" />
  <cipher status="accepted" sslversion="TLSv1.2" bits="256" cipher="AES256-SHA" id="0x35" />
  <cipher status="accepted" sslversion="TLSv1.2" bits="128" cipher="ECDHE-RSA-AES128-GCM-SHA256" id="0xC02F" curve="P-256" ecdhebits="256" />
  <cipher status="accepted" sslversion="TLSv1.2" bits="128" cipher="ECDHE-RSA-AES128-SHA256" id="0xC027" curve="P-256" ecdhebits="256" />
  <cipher status="accepted" sslversion="TLSv1.2" bits="128" cipher="ECDHE-RSA-AES128-SHA" id="0xC013" curve="P-256" ecdhebits="256" />
  <cipher status="accepted" sslversion="TLSv1.2" bits="128" cipher="DHE-RSA-AES128-GCM-SHA256" id="0x9E" dhebits="1024" />
  <cipher status="accepted" sslversion="TLSv1.2" bits="128" cipher="DHE-RSA-AES128-SHA256" id="0x67" dhebits="1024" />
  <cipher status="accepted" sslversion="TLSv1.2" bits="128" cipher="DHE-RSA-AES128-SHA" id="0x33" dhebits="1024" />
  <cipher status="accepted" sslversion="TLSv1.2" bits="128" cipher="AES128-GCM-SHA256" id="0x9C" />
  <cipher status="accepted" sslversion="TLSv1.2" bits="128" cipher="AES128-SHA256" id="0x3C" />
  <cipher status="accepted" sslversion="TLSv1.2" bits="128" cipher="AES128-SHA" id="0x2F" />
  <cipher status="accepted" sslversion="TLSv1.2" bits="112" cipher="ECDHE-RSA-DES-CBC3-SHA" id="0xC012" curve="P-256" ecdhebits="256" />
  <cipher status="accepted" sslversion="TLSv1.2" bits="112" cipher="EDH-RSA-DES-CBC3-SHA" id="0x16" dhebits="1024" />
  <cipher status="accepted" sslversion="TLSv1.2" bits="112" cipher="DES-CBC3-SHA" id="0xA" />
  <cipher status="preferred" sslversion="TLSv1.1" bits="256" cipher="ECDHE-RSA-AES256-SHA" id="0xC014" curve="P-256" ecdhebits="256" />
  <cipher status="accepted" sslversion="TLSv1.1" bits="256" cipher="DHE-RSA-AES256-SHA" id="0x39" dhebits="1024" />
  <cipher status="accepted" sslversion="TLSv1.1" bits="256" cipher="AES256-SHA" id="0x35" />
  <cipher status="accepted" sslversion="TLSv1.1" bits="128" cipher="ECDHE-RSA-AES128-SHA" id="0xC013" curve="P-256" ecdhebits="256" />
  <cipher status="accepted" sslversion="TLSv1.1" bits="128" cipher="DHE-RSA-AES128-SHA" id="0x33" dhebits="1024" />
  <cipher status="accepted" sslversion="TLSv1.1" bits="128" cipher="AES128-SHA" id="0x2F" />
  <cipher status="accepted" sslversion="TLSv1.1" bits="112" cipher="ECDHE-RSA-DES-CBC3-SHA" id="0xC012" curve="P-256" ecdhebits="256" />
  <cipher status="accepted" sslversion="TLSv1.1" bits="112" cipher="EDH-RSA-DES-CBC3-SHA" id="0x16" dhebits="1024" />
  <cipher status="accepted" sslversion="TLSv1.1" bits="112" cipher="DES-CBC3-SHA" id="0xA" />
  <cipher status="preferred" sslversion="TLSv1.0" bits="256" cipher="ECDHE-RSA-AES256-SHA" id="0xC014" curve="P-256" ecdhebits="256" />
  <cipher status="accepted" sslversion="TLSv1.0" bits="256" cipher="DHE-RSA-AES256-SHA" id="0x39" dhebits="1024" />
  <cipher status="accepted" sslversion="TLSv1.0" bits="256" cipher="AES256-SHA" id="0x35" />
  <cipher status="accepted" sslversion="TLSv1.0" bits="128" cipher="ECDHE-RSA-AES128-SHA" id="0xC013" curve="P-256" ecdhebits="256" />
  <cipher status="accepted" sslversion="TLSv1.0" bits="128" cipher="DHE-RSA-AES128-SHA" id="0x33" dhebits="1024" />
  <cipher status="accepted" sslversion="TLSv1.0" bits="128" cipher="AES128-SHA" id="0x2F" />
  <cipher status="accepted" sslversion="TLSv1.0" bits="112" cipher="ECDHE-RSA-DES-CBC3-SHA" id="0xC012" curve="P-256" ecdhebits="256" />
  <cipher status="accepted" sslversion="TLSv1.0" bits="112" cipher="EDH-RSA-DES-CBC3-SHA" id="0x16" dhebits="1024" />
  <cipher status="accepted" sslversion="TLSv1.0" bits="112" cipher="DES-CBC3-SHA" id="0xA" />
  <certificate>
   <certificate-blob>
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISA5Qr8buDjRFdOtH/JBFT5FnsMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzEwMDYwOTI1MzZaFw0x
ODAxMDQwOTI1MzZaMB8xHTAbBgNVBAMTFGppcmEuc3NpeC1wcm9qZWN0LmV1MIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6BDRdSBC/QzRjdaozV6S2AbR
1aGogl4q70vjMi8H/IcN1dN3WrFFzzxruv5ohkxaDfUGWM85YW45nEtmXydlWBZ7
NXAnJDfBzSpPq6dnQcgyo39y5Wq57ZFQ+aSHWB/dJT1VQHFeNtp7XJSzwE0Xctfz
CuBiBFyhAMl3imqInUINFBqHkMq0gtXQo3bGBT47q+gTAHotEhQpeushZ0HuUshe
AJv/O3l+BDHJI5eqfk3XhbbrDhxQr+C/cYMBbZZSj5a6hCTh6HQIvW4f4sanp1jQ
ai77jsdCycJQN7a2CW0eca6XxcGYlyyO1eWJd4/qKo2TBaEbUZ1Yf+zp26JBQwID
AQABo4ICFDCCAhAwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMB
BggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSH9sDLShjhCl/Jtd17
0NzIlw8CGTAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEF
BQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5j
cnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5j
cnlwdC5vcmcvMB8GA1UdEQQYMBaCFGppcmEuc3NpeC1wcm9qZWN0LmV1MIH+BgNV
HSAEgfYwgfMwCAYGZ4EMAQIBMIHmBgsrBgEEAYLfEwEBATCB1jAmBggrBgEFBQcC
ARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwgasGCCsGAQUFBwICMIGeDIGb
VGhpcyBDZXJ0aWZpY2F0ZSBtYXkgb25seSBiZSByZWxpZWQgdXBvbiBieSBSZWx5
aW5nIFBhcnRpZXMgYW5kIG9ubHkgaW4gYWNjb3JkYW5jZSB3aXRoIHRoZSBDZXJ0
aWZpY2F0ZSBQb2xpY3kgZm91bmQgYXQgaHR0cHM6Ly9sZXRzZW5jcnlwdC5vcmcv
cmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAD6Qk0TkNNhkp7zLUdAtR0tB
XMvhHFhB6//hMLgTWzWaYNyVImUjeue+7u6sGqHVGPIEDsIfXiJ69id8JmOmQpFO
+CkdO9HH1Ua9X052SYV7MKMlICLwiXLlcVUMkLpi66a1qFLU+pQuRG9nQ1axy+Sy
xtPwlMPddDOGvvAroNo/65bpgvb/1f7wdHz+poVfJYV/EGjxnMPG3yydF3viFqFS
cYh7CZ6MA+5W/ZzrwzSlub75MiaPmVNuGciLVl5bkDeYAVgOhOqWbccH8JO2+eWv
ue/24u+VSU5FcY3ou0zTyKeqjT9mMK9HHurNHDqczQ1KNwS9oMT6D9J6LEIJ1kY=
-----END CERTIFICATE-----
   </certificate-blob>
   <version>2</version>
   <serial>03:94:2b:f1:bb:83:8d:11:5d:3a:d1:ff:24:11:53:e4:59:ec</serial>
   <signature-algorithm>sha256WithRSAEncryption</signature-algorithm>
   <issuer><![CDATA[/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3]]></issuer>
   <not-valid-before>Oct  6 09:25:36 2017 GMT</not-valid-before>
   <not-valid-after>Jan  4 09:25:36 2018 GMT</not-valid-after>
   <subject><![CDATA[/CN=jira.ssix-project.eu]]></subject>
   <pk-algorithm>rsaEncryption</pk-algorithm>
   <pk error="false" type="RSA" bits="2048">
    Public-Key: (2048 bit)
    Modulus:
        00:e8:10:d1:75:20:42:fd:0c:d1:8d:d6:a8:cd:5e:
        92:d8:06:d1:d5:a1:a8:82:5e:2a:ef:4b:e3:32:2f:
        07:fc:87:0d:d5:d3:77:5a:b1:45:cf:3c:6b:ba:fe:
        68:86:4c:5a:0d:f5:06:58:cf:39:61:6e:39:9c:4b:
        66:5f:27:65:58:16:7b:35:70:27:24:37:c1:cd:2a:
        4f:ab:a7:67:41:c8:32:a3:7f:72:e5:6a:b9:ed:91:
        50:f9:a4:87:58:1f:dd:25:3d:55:40:71:5e:36:da:
        7b:5c:94:b3:c0:4d:17:72:d7:f3:0a:e0:62:04:5c:
        a1:00:c9:77:8a:6a:88:9d:42:0d:14:1a:87:90:ca:
        b4:82:d5:d0:a3:76:c6:05:3e:3b:ab:e8:13:00:7a:
        2d:12:14:29:7a:eb:21:67:41:ee:52:c8:5e:00:9b:
        ff:3b:79:7e:04:31:c9:23:97:aa:7e:4d:d7:85:b6:
        eb:0e:1c:50:af:e0:bf:71:83:01:6d:96:52:8f:96:
        ba:84:24:e1:e8:74:08:bd:6e:1f:e2:c6:a7:a7:58:
        d0:6a:2e:fb:8e:c7:42:c9:c2:50:37:b6:b6:09:6d:
        1e:71:ae:97:c5:c1:98:97:2c:8e:d5:e5:89:77:8f:
        ea:2a:8d:93:05:a1:1b:51:9d:58:7f:ec:e9:db:a2:
        41:43
    Exponent: 65537 (0x10001)
   </pk>
   <X509v3-Extensions>
    <extension name="X509v3 Key Usage" level="critical"><![CDATA[Digital Signature, Key Encipherment]]></extension>
    <extension name="X509v3 Extended Key Usage"><![CDATA[TLS Web Server Authentication, TLS Web Client Authentication]]></extension>
    <extension name="X509v3 Basic Constraints" level="critical"><![CDATA[CA:FALSE]]></extension>
    <extension name="X509v3 Subject Key Identifier"><![CDATA[87:F6:C0:CB:4A:18:E1:0A:5F:C9:B5:DD:7B:D0:DC:C8:97:0F:02:19]]></extension>
    <extension name="X509v3 Authority Key Identifier"><![CDATA[keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1
]]></extension>
    <extension name="Authority Information Access"><![CDATA[OCSP - URI:http://ocsp.int-x3.letsencrypt.org
CA Issuers - URI:http://cert.int-x3.letsencrypt.org/
]]></extension>
    <extension name="X509v3 Subject Alternative Name"><![CDATA[DNS:jira.ssix-project.eu]]></extension>
    <extension name="X509v3 Certificate Policies"><![CDATA[Policy: 2.23.140.1.2.1
Policy: 1.3.6.1.4.1.44947.1.1.1
  CPS: http://cps.letsencrypt.org
  User Notice:
    Explicit Text: This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/
]]></extension>
   </X509v3-Extensions>
  </certificate>
  <certificate>
   <signature-algorithm>sha256WithRSAEncryption</signature-algorithm>
   <pk error="false" type="RSA" bits="2048" />
   <subject><![CDATA[jira.ssix-project.eu]]></subject>
   <altnames><![CDATA[DNS:jira.ssix-project.eu]]></altnames>
   <issuer><![CDATA[Let's Encrypt Authority X3]]></issuer>
   <self-signed>false</self-signed>
   <not-valid-before>Oct  6 09:25:36 2017 GMT</not-valid-before>
   <not-valid-after>Jan  4 09:25:36 2018 GMT</not-valid-after>
   <expired>false</expired>
  </certificate>
 </ssltest>
</document>