While checking out if my system had any vulnerabilities, I used Qualys' Free Scan, which utilizes their QualysGuard tool to scan my system. Here's what it looks like in the TCP View application.

And portion of the scan results:

Severity Analysis
  3 SSL Server Supports Weak Encryption Vulnerability
  2 SSL Certificate - Improper Usage Vulnerability
  2 SSL Certificate - Signature Verification Failed Vulnerability
  2 SSL Certificate - Subject Common Name Does Not Match Server FQDN
  2 SSL Certificate - Self-Signed Certificate

 

Vulnerability: SSL Server Supports Weak Encryption Vulnerability
Qualys ID : 38140   
Port : 110
Threat:
The Secure Socket Layer (SSL) protocol allows for secure communication between a client and a server.

SSL encryption ciphers are classified based on encryption key length as follows:


  • HIGH - key length larger than 128 bits
  • MEDIUM - key length equal to 128 bits
  • LOW - key length smaller than 128 bits


Messages encrypted with LOW encryption ciphers are easy to decrypt. Commercial SSL servers should only support MEDIUM or HIGH strength ciphers to guarantee transaction security.

The following link provides more information about this vulnerability:


Please note that this detection only checks for weak cipher support at the SSL layer. Some servers may implement additional protection at the data layer. For example, some SSL servers and SSL proxies (such as SSL accelerators) allow cipher negotiation to complete but send back an error message and abort further communication on the secure channel. This vulnerability may not be exploitable for such configurations.
Consequences: An attacker can exploit this vulnerability to decrypt secure communications without authorization.
Solution:
Disable support for LOW encryption ciphers.
Apache

Typically, for Apache/mod_ssl, httpd.conf or ssl.conf should have the following lines:

SSLProtocol -ALL +SSLv3 +TLSv1

SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM


For Apache/apache_ssl include the following line in the configuration file (httpsd.conf):

SSLRequireCipher ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM


Tomcat


sslProtocol="SSLv3"

ciphers="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,SSL_DHE_RSA_W

ITH_3DES_EDE_CBC_SHA"


IIS


How to Restrict the Use of Certain Cryptographic Algorithms and Protocols in Schannel.dll (Windows restart required)

How to disable PCT 1.0, SSL 2.0, SSL 3.0, or TLS 1.0 in Internet Information Services (Windows restart required)

Security Guidance for IIS
For Novell Netware 6.5 please refer to the following document
SSL Allows the use of Weak Ciphers. -TID10100633