check_pop plugin poodle vulnerability

B crazyworld at outlook.com
Mon Oct 20 07:05:26 CEST 2014

Previous message: check_pop plugin poodle vulnerability
Next message: check_pop plugin poodle vulnerability
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

You need to make sure your server returns tls1.0 first. Then, check if 
your plugin supports it. Supposedly, your server is not the problem. The 
assumption is that your plugin doesn't support it. You can run verbose 
seeing how it goes.

-B
On 10/19/2014 9:43 PM, Andrew Nemeth wrote:
> Hello,
>
> We recently disabled SSLv3 and SSLv2 due to the poodle and other
> vulnerabilities however the plugins (both smtps and pop3s plugins) are now
> failing with the following:
>
> root at estonia:/usr/local/nagios/etc/check_multi#
> /usr/local/nagios/libexec/check_spop -a 184.170.132.66
> CRITICAL - Cannot make SSL connection
> 12515:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert
> handshake failure:s23_clnt.c:596:
>
> Could you advise how we can check against TLS instead?
>
> Thank you,
>
> Andrew
>

Previous message: check_pop plugin poodle vulnerability
Next message: check_pop plugin poodle vulnerability
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Help mailing list