For the past two months our PCI compliance test has noted "BEAST (Browser Exploit Against SSL/TLS) Vulnerability" and SSLv2 cryptographic weaknesses.
Is this a settings issue that I can resolve?
Is this a settings issue that I can resolve?
All Replies (1)
SSL2 is no longer supported in current Firefox version AFAIK.
- bug 593077 - Remove SSL 2.0 support
See also:
- bug 665814 - (CVE-2011-3389) Rizzo/Duong chosen plaintext attack (BEAST) on SSL/TLS 1.0 (facilitated by websockets -76)
Maybe try to ask advice at a security related forum.