SSL Server Allows Anonymous Authentication Vulnerability

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
efonseca
Posts: 23
Joined: Wed Apr 27, 2016 8:56 pm

SSL Server Allows Anonymous Authentication Vulnerability

Postby efonseca » Thu May 16, 2019 10:22 pm

Release 8.8.6_GA_1906.RHEL7_64_20171130041047 RHEL7_64 FOSS edition.

Good afternoon :

I have made several adjustments to the server to avoid the vulnerability presented by Qualys, it is presented in ports 25 and 465, it can help me correct the problem:

This is a sample of a scan with Zenmap
Attachments
SSL Server Allows Anonymous Authentication Vulnerability.JPG
SSL Server Allows Anonymous Authentication Vulnerability.JPG (47.63 KiB) Viewed 313 times


phoenix
Ambassador
Ambassador
Posts: 26091
Joined: Fri Sep 12, 2014 9:56 pm
Location: Liverpool, England

Re: SSL Server Allows Anonymous Authentication Vulnerability

Postby phoenix » Fri May 31, 2019 8:19 am

efonseca wrote:I have made several adjustments to the server to avoid the vulnerability presented by Qualys, it is presented in ports 25 and 465, it can help me correct the problem:
Read the wiki article on how to achieve an A+ on Qualys, that's covered there and you should get yourself on the most recent ZCS version.
Regards

Bill

Rspamd: A high performance spamassassin replacement

If you'd like to see this implemented in a future version of ZCS then please vote on Bugzilla entries 97706 & 108168

Return to “Administrators”

Who is online

Users browsing this forum: No registered users and 14 guests