BUG - Use of a Broken or Risky Cryptographic Algorithm - SymmetricBindingBuilder.java 753
Bug #1409124 reported by
David Camilo
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
rampart (Ubuntu) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
We are currently using "rampart-
Use of a Broken or Risky Cryptographic Algorithm
Description:
The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the disclosure of
sensitive information.
Thanks.
To post a comment you must log in.
I can't find any SymmetricBindin gBuilder. java nor jar files in the rampart source package; are you confident this is the correct package?
The description of librampart0 indicates it is to be used with Axis2/c -- if you're performing audits, I suspect that would be a fruitful place to start. I reported SSL vulnerabilities to them 1.5 years ago and never got a response. I suspect security is not a top priority for these projects.
Thanks