[stunnel-users] SSL Server Allows Anonymous Authentication Vulnerability

7 Aug 2014


      I am looking at this vulnerability reported from McAfee -- but we use stunnel to secure our communications and not the application directly.
Are these settings that I can make within the stunnel config -- or something comparable?
SSLProtocol -ALL +SSLv3 +TLSv1
SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

[stunnel-users] SSL Server Allows Anonymous Authentication Vulnerability