During an external penetration test, you run nmap --script ssl-enum-ciphers -p 443 corp.example.com. The scan shows the server negotiates TLS 1.0 and supports only legacy cipher suites, including TLS_RSA_WITH_3DES_EDE_CBC_SHA (effective key 112 bits) and TLS_RSA_WITH_RC4_128_SHA. No AES-based or forward-secret (DHE/ECDHE) suites are offered.
Which specific vulnerability should you report that MOST directly results from the server allowing these 64-bit block ciphers?
Support for OCSP stapling on the web server
Enforced HTTP Strict Transport Security (HSTS) policy
Exposure to the POODLE padding-oracle attack
Susceptibility to the SWEET32 birthday attack against 64-bit block ciphers
Because the site still offers 3DES_EDE_CBC, a 64-bit block cipher, the connection is vulnerable to the SWEET32 birthday attack (CVE-2016-2183). SWEET32 shows that after roughly 32 GB of traffic in a single TLS session, collisions in the limited 64-bit block space can be used to recover plaintext such as session cookies. The other options do not arise from using 3DES/RC4: POODLE requires an SSL 3.0 downgrade, HSTS is a defensive HTTP header, and OCSP stapling is a certificate-status feature unrelated to cipher choice.