- As per NCircle, the following vulnerabilities were received on RHEL 5 and RHEL 6 servers:
SSH Insecure HMAC Algorithms Enabled
SSH CBC Mode Ciphers Enabled
Below is the update from NCircle regarding the vulnerabilities
Vulnerability Name: SSH Insecure HMAC Algorithms Enabled
Description: Insecure HMAC Algorithms are enabled
Disable any 96-bit HMAC Algorithms.Disable any MD5-based HMAC Algorithms.
Vulnerability Name: SSH CBC Mode Ciphers Enabled
Description: CBC Mode Ciphers are enabled on the SSH Server.
Solution: Disable CBC Mode Ciphers and use CTR Mode Ciphers