Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum
Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. Support
  3. TLS 1.0 vulnerability over 993 IMAPS

TLS 1.0 vulnerability over 993 IMAPS

Scheduled Pinned Locked Moved Solved Support
securityimaps
12 Posts 4 Posters 3.2k Views 4 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • d19dotcaD d19dotca

    @mastadamus Curious, what URL did you use in the Qualsys test? I assume my.<domain>.<tld>? I just ran it on that URL for mine and got an A+.

    bf8c1143-4d06-440e-9acb-5835e5961540-image.png

    mehdiM Offline
    mehdiM Offline
    mehdi
    App Dev
    wrote on last edited by
    #3

    @d19dotca This tests the TLS of the HTTPS server. @Mastadamus is talking about the TLS of the IMAPS server.

    d19dotcaD 1 Reply Last reply
    0
    • mehdiM mehdi

      @d19dotca This tests the TLS of the HTTPS server. @Mastadamus is talking about the TLS of the IMAPS server.

      d19dotcaD Offline
      d19dotcaD Offline
      d19dotca
      wrote on last edited by
      #4

      @mehdi Ah yeah funny enough I just realized that haha I'm checking mine out as we speak for the mail server.

      --
      Dustin Dauncey
      www.d19.ca

      1 Reply Last reply
      0
      • d19dotcaD Offline
        d19dotcaD Offline
        d19dotca
        wrote on last edited by
        #5

        I'm still not seeing anything about TLSv1.0 enabled on the mail domain either. @Mastadamus - are you able to explain how to reproduce this test so people can check out their own instances? So far I'm not able to reproduce.

        --
        Dustin Dauncey
        www.d19.ca

        M 1 Reply Last reply
        0
        • d19dotcaD d19dotca

          I'm still not seeing anything about TLSv1.0 enabled on the mail domain either. @Mastadamus - are you able to explain how to reproduce this test so people can check out their own instances? So far I'm not able to reproduce.

          M Offline
          M Offline
          Mastadamus
          wrote on last edited by
          #6

          @d19dotca I used the qualys vulnerability scanner community edition. You need to create an qualys account and use the actual vulnerability scanner. Also if you are running a firewall, you may have to unblock the qualys IP if it auto blocks it when it attempts various "scans' like checking for heartbleed etc. you can sign up for here https://www.qualys.com/community-edition/

          1 Reply Last reply
          2
          • M Mastadamus

            I recently ran some vulnerability tests via qualys against my cloudron setup and im showing a vulnerability with the 993 using tls 1.0. I thought 1.0 was disabled by cloudron? Is this a false alarm? IF not, is there an easy way to force tls 1.2 only?

            girishG Do not disturb
            girishG Do not disturb
            girish
            Staff
            wrote on last edited by girish
            #7

            @mastadamus thanks for reporting! Initially, I thought this was a false alarm because tls1 connections don't work:

            openssl s_client -connect my.example.com:993 -tls1
CONNECTED(00000003)
140461753824576:error:141E70BF:SSL routines:tls_construct_client_hello:no protocols available:../ssl/statem/statem_clnt.c:1112:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 7 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---

            Investigating further, I found that s_client can also fail if there is cipher match. And doing a "scan":

            $ nmap --script ssl-enum-ciphers my.example.com -p 993
Starting Nmap 7.80 ( https://nmap.org ) at 2021-02-20 09:50 PST
Nmap scan report for my.example.com (45.55.2.141)
Host is up (0.013s latency).

PORT    STATE SERVICE
993/tcp open  imaps
| ssl-enum-ciphers: 
|   TLSv1.0: 
|     ciphers: 
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 1024) - A
|       TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 1024) - A
|       TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (dh 1024) - A
|       TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (dh 1024) - A
|       TLS_DHE_RSA_WITH_SEED_CBC_SHA (dh 1024) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp384r1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp384r1) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 4096) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 4096) - A
|       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 4096) - A
|       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 4096) - A
|       TLS_RSA_WITH_SEED_CBC_SHA (rsa 4096) - A
|     compressors: 
|       NULL
|     cipher preference: client
|     warnings: 
|       Key exchange (dh 1024) of lower strength than certificate key
|   TLSv1.1: 
|     ciphers: 
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 1024) - A
|       TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 1024) - A
|       TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (dh 1024) - A
|       TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (dh 1024) - A
|       TLS_DHE_RSA_WITH_SEED_CBC_SHA (dh 1024) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp384r1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp384r1) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 4096) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 4096) - A
|       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 4096) - A
|       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 4096) - A
|       TLS_RSA_WITH_SEED_CBC_SHA (rsa 4096) - A
|     compressors: 
|       NULL
|     cipher preference: client
|     warnings: 
|       Key exchange (dh 1024) of lower strength than certificate key
|   TLSv1.2: 
|     ciphers: 
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 1024) - A
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (dh 1024) - A
|       TLS_DHE_RSA_WITH_AES_128_CCM (dh 1024) - A
|       TLS_DHE_RSA_WITH_AES_128_CCM_8 (dh 1024) - A
|       TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (dh 1024) - A
|       TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 1024) - A
|       TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (dh 1024) - A
|       TLS_DHE_RSA_WITH_AES_256_CCM (dh 1024) - A
|       TLS_DHE_RSA_WITH_AES_256_CCM_8 (dh 1024) - A
|       TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (dh 1024) - A
|       TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 (dh 1024) - A
|       TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 (dh 1024) - A
|       TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (dh 1024) - A
|       TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 (dh 1024) - A
|       TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (dh 1024) - A
|       TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 (dh 1024) - A
|       TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (dh 1024) - A
|       TLS_DHE_RSA_WITH_SEED_CBC_SHA (dh 1024) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp384r1) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (secp384r1) - A
|       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp384r1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp384r1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (secp384r1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp384r1) - A
|       TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 (secp384r1) - A
|       TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 (secp384r1) - A
|       TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 (secp384r1) - A
|       TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 (secp384r1) - A
|       TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (secp384r1) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 4096) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA256 (rsa 4096) - A
|       TLS_RSA_WITH_AES_128_CCM (rsa 4096) - A
|       TLS_RSA_WITH_AES_128_CCM_8 (rsa 4096) - A
|       TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 4096) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 4096) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA256 (rsa 4096) - A
|       TLS_RSA_WITH_AES_256_CCM (rsa 4096) - A
|       TLS_RSA_WITH_AES_256_CCM_8 (rsa 4096) - A
|       TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 4096) - A
|       TLS_RSA_WITH_ARIA_128_GCM_SHA256 (rsa 4096) - A
|       TLS_RSA_WITH_ARIA_256_GCM_SHA384 (rsa 4096) - A
|       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 4096) - A
|       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 (rsa 4096) - A
|       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 4096) - A
|       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 (rsa 4096) - A
|       TLS_RSA_WITH_SEED_CBC_SHA (rsa 4096) - A
|     compressors: 
|       NULL
|     cipher preference: client
|     warnings: 
|       Key exchange (dh 1024) of lower strength than certificate key
|_  least strength: A

Nmap done: 1 IP address (1 host up) scanned in 5.43 seconds

            So, looks like something we have to disable in dovecot. We had disabled this in Haraka (the SMTP server) but not dovecot it seems. You can run nmap on port 587 to verify.

            1 Reply Last reply
            1
            • girishG Do not disturb
              girishG Do not disturb
              girish
              Staff
              wrote on last edited by
              #8

              Ah nice, it seems the upgrade of the base image to bionic already fixed this since it comes with a newer dovecot.

              $ nmap --script ssl-enum-ciphers my.example.com -p 993
Starting Nmap 7.80 ( https://nmap.org ) at 2021-02-20 09:59 PST
Nmap scan report for my.example.com (142.93.86.76)
Host is up (0.014s latency).


PORT    STATE SERVICE
993/tcp open  imaps
| ssl-enum-ciphers: 
|   TLSv1.2: 
|     ciphers: 
|       TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (secp256r1) - A
|       TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (secp256r1) - A
|       TLS_ECDHE_ECDSA_WITH_AES_128_CCM (secp256r1) - A
|       TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 (secp256r1) - A
|       TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A
|       TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (secp256r1) - A
|       TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (secp256r1) - A
|       TLS_ECDHE_ECDSA_WITH_AES_256_CCM (secp256r1) - A
|       TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 (secp256r1) - A
|       TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A
|       TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 (secp256r1) - A
|       TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 (secp256r1) - A
|       TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 (secp256r1) - A
|       TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 (secp256r1) - A
|       TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (secp256r1) - A
|     compressors: 
|       NULL
|     cipher preference: client
|     warnings: 
|       Key exchange (secp256r1) of lower strength than certificate key
|_  least strength: A
              1 Reply Last reply
              2
              • M Offline
                M Offline
                Mastadamus
                wrote on last edited by
                #9

                Hey, glad I could be of service. Thanks for the quick replies and thankfully, its quickly remedied.

                1 Reply Last reply
                0
                • M Offline
                  M Offline
                  Mastadamus
                  wrote on last edited by
                  #10

                  @girish sir

                  BTW, I apologize for not using your dedicated vulnerability reporting method.

                  1. I just read up on it
                  2. I really thought it was due to a settings misconfiguration part on my end and a false alarm as well. I was initially just looking for Guidance on fixing what I set up wrong. In the future if it's vulnerability concerned, I'll use your reporting mechanisms.
                  girishG 1 Reply Last reply
                  1
                  • M Mastadamus

                    @girish sir

                    BTW, I apologize for not using your dedicated vulnerability reporting method.

                    1. I just read up on it
                    2. I really thought it was due to a settings misconfiguration part on my end and a false alarm as well. I was initially just looking for Guidance on fixing what I set up wrong. In the future if it's vulnerability concerned, I'll use your reporting mechanisms.
                    girishG Do not disturb
                    girishG Do not disturb
                    girish
                    Staff
                    wrote on last edited by
                    #11

                    @mastadamus no problem! atleast, this is not a severe security issue and we have a fix coming already.

                    M 1 Reply Last reply
                    0
                    • girishG girish

                      @mastadamus no problem! atleast, this is not a severe security issue and we have a fix coming already.

                      M Offline
                      M Offline
                      Mastadamus
                      wrote on last edited by
                      #12

                      @girish agreed.

                      1 Reply Last reply
                      0
                      Reply
                      • Reply as topic
                      Log in to reply
                      • Oldest to Newest
                      • Newest to Oldest
                      • Most Votes

                      • Login
                      • Don't have an account? Register
                      • Login or register to search.
                      • First post
                        Last post
                      0
                      • Categories
                      • Recent
                      • Tags
                      • Popular
                      • Bookmarks
                      • Search