Oracle ZFS Storage Appliance: Nessus (security scan) has detected that ZFSSA is configured to use Arcfour stream cipher
(Doc ID 2349308.1)
Last updated on OCTOBER 14, 2022
Applies to:
Oracle ZFS Storage ZS5-4 - Version All Versions and laterOracle ZFS Storage ZS5-2 - Version All Versions and later
Oracle ZFS Storage ZS4-4 - Version All Versions and later
Oracle ZFS Storage ZS3-4 - Version All Versions and later
Oracle ZFS Storage ZS3-2 - Version All Versions and later
7000 Appliance OS (Fishworks)
Symptoms
Product Name : ZS3-2
Product version : Running 2013.1.6.5
Details of the issue/question:
After a vulnerability assessment revealed some security issues on ZFS storage:
- For ssh services: Nessus has detected that the remote SSH server is configured to use the Arcfour stream cipher or no cipher at all. RFC 4253 advises against using Arcfour due to an issue with weak keys.
Action: Contact the vendor or consult product documentation to remove the weak ciphers.
TSC Analysis
Reference: https://vulners.com/nessus/SSH_WEAK_ENCRYPTION_ALGORITHMS.NASL
SSH Weak Algorithms Supported
2016-04-04 00:00:00
ID SSH_WEAK_ENCRYPTION_ALGORITHMS.NASL
Type nessus
Reporter Tenable
Modified 2016-12-14 00:00:00
Description
Nessus has detected that the remote SSH server is configured to use the Arcfour stream
cipher or no cipher at all. RFC 4253 advises against using Arcfour due to an issue with weak keys.
NASL Family
Misc.
References : https://tools.ietf.org/html/rfc4253#section-6.
Changes
None.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Changes |
| Cause |
| Solution |
| References |