With all the chatter about Logjam, etc. and SSL/TLS vulnerabilities, I tested a USG200 (3.30(AQU.7) with Symantec's ssltools site:
https://ssltools.websecurity.symantec.com/checker/views/certCheck.jsp
The results are:
This server is safe from the Poodle vulnerability.
This server is vulnerable to a FREAK and a Logjam attack.
This server is safe from the Heartbleed vulnerability.
This server is safe from Poodle (TLS) vulnerability.
When I connect with a browser it shows a connection with TLS 1.0, which is supposedly vulnerable.
Anyone know if this is for real, and if the newer USG's have this problem also?
↧