RC4(CVE-2013-2566) elevated to medium severity

資安議題研究區

RC4(CVE-2013-2566) elevated to medium severity

Postby Sridar » Wed Mar 18, 2015 3:22 pm

RC4 is commonly used in SSL protocol all over the world, due to compatibility issues. It has been no longer secure, and few users need the support of RC4. According to CloudFlare, 0.000002% of requests to CloudFlare use the RC4 protocol. On 3/12/2015, the problem is elevated to medium by NIST. We recommend disable RC4 as soon as possible.

References:
[1]https://blogs.gnome.org/mcatanzaro/
[2]https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2566#VulnChangeHistoryDiv
Sridar
 
Posts: 7
Joined: Thu Jul 03, 2014 12:45 am

Return to 研究專區(Research Area)

cron