SSL/TLS: Report Supported Cipher Suites (1.3.6.1.4.1.25623.1.0.802067) reports that
:No ‘Anonymous’ cipher suites accepted by this service via the TLSv1.0 protocol.
SSL/TLS: Report ‘Anonymous’ Cipher Suites reports that (1.3.6.1.4.1.25623.1.0.108147) :
‘Anonymous’ cipher suites accepted by this service via the TLSv1.0 protocol:
TLS_DH_anon_EXPORT_WITH_RC4_40_MD5
Then why do two different VTs give different results wherein one says that it doesn’t accept anonymous ciphers and the other says it does anonymous Ciphers?
Oh, sorry. I understood that you are asking why the Anonymous cipher suites are showing up at all but missed that you are asking for the difference in the output of both mentioned VTs.
Unfortunately i’m not able to answer this question due to the lack of knowledge on this code base responsible for reporting these things.
running a current and supported version of GVM and all of its components (21.04.4 is the current and only supported version)
using a current / up2 date feed
comparing the results for the very same system and/or port (e.g. one result could originating from port 443 while the other is coming from 8443)
Output of SSL/TLS: Report Supported Cipher Suites (1.3.6.1.4.1.25623.1.0.802067):
'Strong' cipher suites accepted by this service via the TLSv1.0 protocol:
TLS_DH_anon_WITH_AES_256_CBC_SHA
'Medium' cipher suites accepted by this service via the TLSv1.0 protocol:
TLS_DH_anon_WITH_AES_128_CBC_SHA
TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA
TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA
TLS_DH_anon_WITH_SEED_CBC_SHA
TLS_ECDH_anon_WITH_AES_128_CBC_SHA
TLS_ECDH_anon_WITH_AES_256_CBC_SHA
No 'Weak' cipher suites accepted by this service via the TLSv1.0 protocol.
No 'Null' cipher suites accepted by this service via the TLSv1.0 protocol.
'Anonymous' cipher suites accepted by this service via the TLSv1.0 protocol:
TLS_DH_anon_WITH_AES_128_CBC_SHA
TLS_DH_anon_WITH_AES_256_CBC_SHA
TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA
TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA
TLS_DH_anon_WITH_SEED_CBC_SHA
TLS_ECDH_anon_WITH_AES_128_CBC_SHA
TLS_ECDH_anon_WITH_AES_256_CBC_SHA
Output of VT SSL/TLS: Report ‘Anonymous’ Cipher Suites reports that (1.3.6.1.4.1.25623.1.0.108147):
'Anonymous' cipher suites accepted by this service via the TLSv1.0 protocol:
TLS_DH_anon_WITH_AES_128_CBC_SHA
TLS_DH_anon_WITH_AES_256_CBC_SHA
TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA
TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA
TLS_DH_anon_WITH_SEED_CBC_SHA
TLS_ECDH_anon_WITH_AES_128_CBC_SHA
TLS_ECDH_anon_WITH_AES_256_CBC_SHA