Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

SOLVED How to disable LUCKY13 (CVE-2013-0169) PureFTP

Discussion in 'Security' started by JIKOmetrix, Mar 20, 2019.

  1. JIKOmetrix

    JIKOmetrix Well-Known Member

    Joined:
    Apr 3, 2007
    Messages:
    78
    Likes Received:
    7
    Trophy Points:
    158
    Hello,

    My Merchant provider did a PCI scan and I was asked to fix a few things.

    During my testing before rescanning for PCI comp I saw mention of:

    LUCKY13 (CVE-2013-0169), experimental potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS. Check patches​

    I was testing with testssl.sh

    ./testssl.sh --starttls ftp 144.xxx.zzz.xxx:21

    How do I disable the LUCKY13 cipher in PureFTP?

    Is it as simple as adding !LUCKY13 to the cipher list?

    I currently have the cipher suite set as "HIGH:+TLSv1:!SSLv2:+SSLv3:!aNULL:!eNULL"

    Thanks,
    Mike
     
    #1 JIKOmetrix, Mar 20, 2019
    Last edited by a moderator: Mar 20, 2019
  2. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    5,716
    Likes Received:
    436
    Trophy Points:
    233
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. JIKOmetrix

    JIKOmetrix Well-Known Member

    Joined:
    Apr 3, 2007
    Messages:
    78
    Likes Received:
    7
    Trophy Points:
    158
    Yes, I did not know how to remove this one. Sorry for double post.
     
    cPanelLauren likes this.
  4. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    5,716
    Likes Received:
    436
    Trophy Points:
    233
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    No worries, I just wanted to make sure there wasn't still a continuing issue! Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice