check_pop plugin poodle vulnerability

B crazyworld at outlook.com
Mon Oct 20 07:21:08 CEST 2014


Looks like it's coming from check_tcp. You better run a tcpdump seeing 
what happens in SSL handshake first.
-B
On 10/19/2014 9:43 PM, Andrew Nemeth wrote:
> Hello,
>
> We recently disabled SSLv3 and SSLv2 due to the poodle and other
> vulnerabilities however the plugins (both smtps and pop3s plugins) are now
> failing with the following:
>
> root at estonia:/usr/local/nagios/etc/check_multi#
> /usr/local/nagios/libexec/check_spop -a 184.170.132.66
> CRITICAL - Cannot make SSL connection
> 12515:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert
> handshake failure:s23_clnt.c:596:
>
> Could you advise how we can check against TLS instead?
>
> Thank you,
>
> Andrew
>




More information about the Help mailing list