AnsweredAssumed Answered

QID: 38596 - Don't validate the issue correctly

Question asked by Silvio Sammartano on Apr 8, 2015
Latest reply on Apr 16, 2015 by Robert Dell'Immagine

After analise this issue, we understand that the Qualys Appliance do not validate version of application or the RFC 5746 applied, to indicate that is vunerable.

 

The single test executed is: if reply to Renegotiation or Not.

 

Where the correctly is validate the response:

"Secure Renegotiation IS supported"

or

"Secure Renegotiation IS NOT supported"

 

And version of the application.

 

I am correct?

Outcomes