I recorded an updated Internet Storm Center Briefing for today's OpenSSL patches. It corrects a couple of mistakes from this afternoon's live presentation and adds additional details to CVE-2014-0195.
Johannes 4479 Posts ISC Handler Jun 5th 2014
Anyone heard of a way to test systems after patching? Metasploit modules, NMap / Python scripts validated?
TeeOne 2 Posts
Jun 6th 2014
Sadly, I haven't seen any yet. These may be difficult to test for safely. The DoS issues may crash the server, so does the remote code execution vulnerability at this point. The MitM may be scannable but I haven't seen it yet.
Johannes 4479 Posts ISC Handler
Jun 6th 2014
Thanks Johannes! Been listening to you for a long time now. I'll say hi in person if we're even in the same city at the same time.
TeeOne 2 Posts
Jun 6th 2014
Quoting TeeOne: Anyone heard of a way to test systems after patching? Metasploit modules, NMap / Python scripts validated?
Red Hat made a Perl script checker available for testing for the CVE-2014-0224 (Change Cipher Spec) vulnerability. You might need a support contract to access it (not sure), but it's at: https://access.redhat.com/labs/ccsinjectiontest/fake-client-early-ccs.pl . If you leave off the filename from that URL, it presents (or did yesterday) an online tester that will scan a server remotely from their system.
Landrew 6 Posts
Jun 6th 2014
I just reviewed my Qualys scan results. Qualys seems to have the ability to identify the vulnerability since it reported several devices in my scan.
Robert
rstrom 7 Posts
Jun 9th 2014