Etiket: allowing an attacker to masquerade as the affected service. Note that this plugin reports all SSL certificate chains signed with SHA-1 that expire after January 1

SQL Server SHA1 TO SHA256 change

SQL Server SHA1 TO SHA256 change ,SQL server 2012,SQL server 2014 ,SQL SERVER 2016  versiyonlarından öncesinde SQL Server bağlanırken sha1 algoritmasını kullanarak bağlanmaktadır ve bu güvenlik açığı olarak karşımıza gelmektedir.

The remote service uses an SSL certificate chain that has been signed using a cryptographically weak hashing algorithm (e.g. MD2, MD4, MD5, or SHA1). These signature algorithms are known to be vulnerable to collision attacks. An attacker can exploit this to generate another certificate with the same digital signature, allowing an attacker to masquerade as the affected service. Note that this plugin reports all SSL certificate chains signed with SHA-1 that expire after January 1, 2017 as vulnerable. This is in accordance with Google’s gradual sunsetting of the SHA-1 cryptographic hash algorithm. Note that certificates in the chain that are contained in the Nessus CA database (known_CA.inc) have been ignored.

Bu açığı gidermek için iki yöntem bulunmaktadır.

Loading

Okumaya devam et