Details
-
Suggestion
-
Resolution: Fixed
Description
This came up during a security audit, I'm not sure that I understand why this issue keeps getting closed when it poses a possible security threat. Until this issue gets resolved we're going to be blocking ssh access to Stash. I understand that this may require a complicated fix, but this software isn't necessarily cheap either.
Weak cipher algorithms:
3des-cbc
aes128-cbc
blowfish-cbc
Weak MAC algorithms:
hmac-md5
hmac-md5-96
hmac-sha1-96