Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse

Cloudron Forum

Apps | Demo | Docs | Install

TLS 1.0 vulnerability over 993 IMAPS

Scheduled Pinned Locked Moved Solved Support
securityimaps
12 Posts 4 Posters 1.1k Views
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • M Offline
    M Offline
    Mastadamus
    wrote on last edited by girish
    #1

    I recently ran some vulnerability tests via qualys against my cloudron setup and im showing a vulnerability with the 993 using tls 1.0. I thought 1.0 was disabled by cloudron? Is this a false alarm? IF not, is there an easy way to force tls 1.2 only?

    d19dotcaD girishG 2 Replies Last reply
    2
  • d19dotcaD Offline
    d19dotcaD Offline
    d19dotca
    replied to Mastadamus on last edited by d19dotca
    #2

    @mastadamus Curious, what URL did you use in the Qualsys test? I assume my.<domain>.<tld>? I just ran it on that URL for mine and got an A+.

    bf8c1143-4d06-440e-9acb-5835e5961540-image.png

    --
    Dustin Dauncey
    www.d19.ca

    mehdiM 1 Reply Last reply
    0
  • mehdiM Offline
    mehdiM Offline
    mehdi App Dev
    replied to d19dotca on last edited by
    #3

    @d19dotca This tests the TLS of the HTTPS server. @Mastadamus is talking about the TLS of the IMAPS server.

    d19dotcaD 1 Reply Last reply
    0
  • d19dotcaD Offline
    d19dotcaD Offline
    d19dotca
    replied to mehdi on last edited by
    #4

    @mehdi Ah yeah funny enough I just realized that haha I'm checking mine out as we speak for the mail server.

    --
    Dustin Dauncey
    www.d19.ca

    1 Reply Last reply
    0
  • d19dotcaD Offline
    d19dotcaD Offline
    d19dotca
    wrote on last edited by
    #5

    I'm still not seeing anything about TLSv1.0 enabled on the mail domain either. @Mastadamus - are you able to explain how to reproduce this test so people can check out their own instances? So far I'm not able to reproduce.

    --
    Dustin Dauncey
    www.d19.ca

    M 1 Reply Last reply
    0
  • M Offline
    M Offline
    Mastadamus
    replied to d19dotca on last edited by
    #6

    @d19dotca I used the qualys vulnerability scanner community edition. You need to create an qualys account and use the actual vulnerability scanner. Also if you are running a firewall, you may have to unblock the qualys IP if it auto blocks it when it attempts various "scans' like checking for heartbleed etc. you can sign up for here https://www.qualys.com/community-edition/

    1 Reply Last reply
    2
  • girishG Offline
    girishG Offline
    girish Staff
    replied to Mastadamus on last edited by girish
    #7

    @mastadamus thanks for reporting! Initially, I thought this was a false alarm because tls1 connections don't work:

    openssl s_client -connect my.example.com:993 -tls1
    CONNECTED(00000003)
    140461753824576:error:141E70BF:SSL routines:tls_construct_client_hello:no protocols available:../ssl/statem/statem_clnt.c:1112:
    ---
    no peer certificate available
    ---
    No client certificate CA names sent
    ---
    SSL handshake has read 0 bytes and written 7 bytes
    Verification: OK
    ---
    New, (NONE), Cipher is (NONE)
    Secure Renegotiation IS NOT supported
    Compression: NONE
    Expansion: NONE
    No ALPN negotiated
    Early data was not sent
    Verify return code: 0 (ok)
    ---
    

    Investigating further, I found that s_client can also fail if there is cipher match. And doing a "scan":

    $ nmap --script ssl-enum-ciphers my.example.com -p 993
    Starting Nmap 7.80 ( https://nmap.org ) at 2021-02-20 09:50 PST
    Nmap scan report for my.example.com (45.55.2.141)
    Host is up (0.013s latency).
    
    PORT    STATE SERVICE
    993/tcp open  imaps
    | ssl-enum-ciphers: 
    |   TLSv1.0: 
    |     ciphers: 
    |       TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 1024) - A
    |       TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 1024) - A
    |       TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (dh 1024) - A
    |       TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (dh 1024) - A
    |       TLS_DHE_RSA_WITH_SEED_CBC_SHA (dh 1024) - A
    |       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp384r1) - A
    |       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp384r1) - A
    |       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 4096) - A
    |       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 4096) - A
    |       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 4096) - A
    |       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 4096) - A
    |       TLS_RSA_WITH_SEED_CBC_SHA (rsa 4096) - A
    |     compressors: 
    |       NULL
    |     cipher preference: client
    |     warnings: 
    |       Key exchange (dh 1024) of lower strength than certificate key
    |   TLSv1.1: 
    |     ciphers: 
    |       TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 1024) - A
    |       TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 1024) - A
    |       TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (dh 1024) - A
    |       TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (dh 1024) - A
    |       TLS_DHE_RSA_WITH_SEED_CBC_SHA (dh 1024) - A
    |       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp384r1) - A
    |       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp384r1) - A
    |       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 4096) - A
    |       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 4096) - A
    |       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 4096) - A
    |       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 4096) - A
    |       TLS_RSA_WITH_SEED_CBC_SHA (rsa 4096) - A
    |     compressors: 
    |       NULL
    |     cipher preference: client
    |     warnings: 
    |       Key exchange (dh 1024) of lower strength than certificate key
    |   TLSv1.2: 
    |     ciphers: 
    |       TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 1024) - A
    |       TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (dh 1024) - A
    |       TLS_DHE_RSA_WITH_AES_128_CCM (dh 1024) - A
    |       TLS_DHE_RSA_WITH_AES_128_CCM_8 (dh 1024) - A
    |       TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (dh 1024) - A
    |       TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 1024) - A
    |       TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (dh 1024) - A
    |       TLS_DHE_RSA_WITH_AES_256_CCM (dh 1024) - A
    |       TLS_DHE_RSA_WITH_AES_256_CCM_8 (dh 1024) - A
    |       TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (dh 1024) - A
    |       TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 (dh 1024) - A
    |       TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 (dh 1024) - A
    |       TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (dh 1024) - A
    |       TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 (dh 1024) - A
    |       TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (dh 1024) - A
    |       TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 (dh 1024) - A
    |       TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (dh 1024) - A
    |       TLS_DHE_RSA_WITH_SEED_CBC_SHA (dh 1024) - A
    |       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp384r1) - A
    |       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (secp384r1) - A
    |       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp384r1) - A
    |       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp384r1) - A
    |       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (secp384r1) - A
    |       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp384r1) - A
    |       TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 (secp384r1) - A
    |       TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 (secp384r1) - A
    |       TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 (secp384r1) - A
    |       TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 (secp384r1) - A
    |       TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (secp384r1) - A
    |       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 4096) - A
    |       TLS_RSA_WITH_AES_128_CBC_SHA256 (rsa 4096) - A
    |       TLS_RSA_WITH_AES_128_CCM (rsa 4096) - A
    |       TLS_RSA_WITH_AES_128_CCM_8 (rsa 4096) - A
    |       TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 4096) - A
    |       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 4096) - A
    |       TLS_RSA_WITH_AES_256_CBC_SHA256 (rsa 4096) - A
    |       TLS_RSA_WITH_AES_256_CCM (rsa 4096) - A
    |       TLS_RSA_WITH_AES_256_CCM_8 (rsa 4096) - A
    |       TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 4096) - A
    |       TLS_RSA_WITH_ARIA_128_GCM_SHA256 (rsa 4096) - A
    |       TLS_RSA_WITH_ARIA_256_GCM_SHA384 (rsa 4096) - A
    |       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 4096) - A
    |       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 (rsa 4096) - A
    |       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 4096) - A
    |       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 (rsa 4096) - A
    |       TLS_RSA_WITH_SEED_CBC_SHA (rsa 4096) - A
    |     compressors: 
    |       NULL
    |     cipher preference: client
    |     warnings: 
    |       Key exchange (dh 1024) of lower strength than certificate key
    |_  least strength: A
    
    Nmap done: 1 IP address (1 host up) scanned in 5.43 seconds
    

    So, looks like something we have to disable in dovecot. We had disabled this in Haraka (the SMTP server) but not dovecot it seems. You can run nmap on port 587 to verify.

    1 Reply Last reply
    1
  • girishG Offline
    girishG Offline
    girish Staff
    wrote on last edited by
    #8

    Ah nice, it seems the upgrade of the base image to bionic already fixed this since it comes with a newer dovecot.

    $ nmap --script ssl-enum-ciphers my.example.com -p 993
    Starting Nmap 7.80 ( https://nmap.org ) at 2021-02-20 09:59 PST
    Nmap scan report for my.example.com (142.93.86.76)
    Host is up (0.014s latency).
    
    
    PORT    STATE SERVICE
    993/tcp open  imaps
    | ssl-enum-ciphers: 
    |   TLSv1.2: 
    |     ciphers: 
    |       TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (secp256r1) - A
    |       TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (secp256r1) - A
    |       TLS_ECDHE_ECDSA_WITH_AES_128_CCM (secp256r1) - A
    |       TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 (secp256r1) - A
    |       TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A
    |       TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (secp256r1) - A
    |       TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (secp256r1) - A
    |       TLS_ECDHE_ECDSA_WITH_AES_256_CCM (secp256r1) - A
    |       TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 (secp256r1) - A
    |       TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A
    |       TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 (secp256r1) - A
    |       TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 (secp256r1) - A
    |       TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 (secp256r1) - A
    |       TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 (secp256r1) - A
    |       TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (secp256r1) - A
    |     compressors: 
    |       NULL
    |     cipher preference: client
    |     warnings: 
    |       Key exchange (secp256r1) of lower strength than certificate key
    |_  least strength: A
    
    
    1 Reply Last reply
    2
  • M Offline
    M Offline
    Mastadamus
    wrote on last edited by
    #9

    Hey, glad I could be of service. Thanks for the quick replies and thankfully, its quickly remedied.

    1 Reply Last reply
    0
  • M Offline
    M Offline
    Mastadamus
    wrote on last edited by
    #10

    @girish sir

    BTW, I apologize for not using your dedicated vulnerability reporting method.

    1. I just read up on it
    2. I really thought it was due to a settings misconfiguration part on my end and a false alarm as well. I was initially just looking for Guidance on fixing what I set up wrong. In the future if it's vulnerability concerned, I'll use your reporting mechanisms.
    girishG 1 Reply Last reply
    1
  • girishG Offline
    girishG Offline
    girish Staff
    replied to Mastadamus on last edited by
    #11

    @mastadamus no problem! atleast, this is not a severe security issue and we have a fix coming already.

    M 1 Reply Last reply
    0
  • M Offline
    M Offline
    Mastadamus
    replied to girish on last edited by
    #12

    @girish agreed.

    1 Reply Last reply
    0

  • Login

  • Don't have an account? Register

  • Login or register to search.
  • First post
    Last post
0
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Login

  • Don't have an account? Register

  • Login or register to search.