On the target server (XXXX.XXXX.gov.ae), the FTP service (port 21) and mail services (POP3, IMAP, etc.) contain Diffie-Hellman key exchange vulnerabilities. Specifically, the FTP service allows the use of anonymous DH (ADH) cipher suites, while the mail service uses a weak 1024-bit DH group. Could these vulnerabilities allow an attacker to conduct a man-in-the-middle attack, decrypt communications, and steal credentials and sensitive data?
evidence:
Output snippet:
40A7F6539B7F0000:error:0A000126:SSL routines::unexpected eof while reading:../ssl/record/rec_layer_s3.c:696:
evidence:
openssl s_client -connect xxxx.xxxxx.gov.ae:21 -starttls ftp -cipher ADH
Output snippet:
Connecting to 66.7.202.137
CONNECTED(00000003)
---
no peer certificate available
---
No client certificate CA names sent
Peer Temp Key: DH, 3072 bits
---
SSL handshake has read 1447 bytes and written 1996 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ADH-AES256-GCM-SHA384
Protocol: TLSv1.2
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ADH-AES256-GCM-SHA384
    Session-ID: B010E779ACAFA7283E6D5F634F8C9FD690E8CEC2D3E82D513930F9E78D46DF00
    Session-ID-ctx:
    Master-Key: 07B3E2F962D9B3777D6CC65C68D862B900E492064AD132280E4989E3D30DEA31E893E53EF03F07ADBE8F2477BFE82487
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 3600 (seconds)
    TLS session ticket:
    Start Time: 1760696414
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
---
220 You will be disconnected after 15 minutes of inactivity.
40A7F6539B7F0000:error:0A000126:SSL routines::unexpected eof while reading:../ssl/record/rec_layer_s3.c:696:
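
Added example (not part of the original post): a small audit helper that reads openssl s_client output of the kind shown above and flags the two conditions the question describes, an anonymous DH cipher suite and a DH group below a size threshold, plus the case where "Verify return code: 0 (ok)" appears although no peer certificate was presented. The sample transcripts are constructed, and the 2048-bit threshold and the finding names are assumptions of this example.

```python
import re

# Constructed samples in the shape of `openssl s_client` output (not from a real host).
SAMPLE_ADH = """\
CONNECTED(00000003)
---
no peer certificate available
---
Peer Temp Key: DH, 3072 bits
---
Verification: OK
---
New, TLSv1.2, Cipher is ADH-AES256-GCM-SHA384
    Verify return code: 0 (ok)
"""

SAMPLE_WEAK_DH = """\
CONNECTED(00000003)
---
Certificate chain
 0 s:CN = mail.example.test
---
Peer Temp Key: DH, 1024 bits
---
New, TLSv1.2, Cipher is DHE-RSA-AES256-GCM-SHA384
    Verify return code: 0 (ok)
"""

MIN_DH_BITS = 2048  # assumed policy threshold for finite-field DH groups


def audit_s_client(text, min_dh_bits=MIN_DH_BITS):
    """Return a list of finding codes for one s_client transcript."""
    findings = []
    cipher = re.search(r"Cipher is (\S+)", text)
    # OpenSSL names anonymous suites ADH-* (finite-field) and AECDH-* (elliptic curve).
    anonymous = bool(cipher and re.match(r"A(?:EC)?DH-", cipher.group(1)))
    no_cert = "no peer certificate available" in text
    if anonymous:
        findings.append("anonymous-kex")
    if no_cert and re.search(r"Verify return code: 0 \(ok\)|Verification: OK", text):
        # Nothing was verified: no certificate was presented, so "ok" says nothing about identity.
        findings.append("verify-ok-without-certificate")
    temp_key = re.search(r"(?:Peer|Server) Temp Key: DH, (\d+) bits", text)
    if temp_key and int(temp_key.group(1)) < min_dh_bits:
        findings.append("weak-dh-group")
    return findings
```
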