Our VA scan reported the following vulnerabilities on our 'commercial-version'
of sendmail. I guess it's commercial as a developer put in a GUI interface for
whitelisting/blacklisting but the underlying sendmail should still be there.
The attached Excel file has the detailed sanitized scan results.
Which file do I edit or what changes do I need to make to address the
vulnerabilities below? (Please include every command step by step, including
restarting the sendmail service to make it effective.)
If a patch is needed, kindly provide the URL to download the patch. I'm
running on RHES 5.x.
SSL/TLS Cipher Suite Detect Anonymous/NULL Ciphers
SSL/TLS SSLv2 Detection
SSL/TLS MD5 Algorithm Certificate Signature Weakness
SSL/TLS SSLv3 CBC-mode Ciphers Fallback MitM Remote Cleartext Information Disclosure aka "POODLE"
SSL/TLS Cipher Suite Detect MD5
SSL/TLS Weak and Export Ciphers Detected
SSL/TLS Renegotiation Handshakes Man-in-the-Middle Plaintext Data Injection
OpenSSL: Crafted Handshake Weak Keying Material Rollback MitM Weakness