Nmap Development mailing list archives

NSE script detecting "CCS Injection" vulnerability in OpenSSL

From: Claudiu Perta <claudiu.perta () gmail com>
Date: Sun, 8 Jun 2014 23:07:41 +0100

Hi everybody,

I implemented a script (in attachment) that checks for the "CCS Injection"
vulnerability in OpenSSL (CVE-2014-0224 [1]). The code is based on the C
implementation at https://gist.github.com/rcvalle/71f4b027d61a78c42607

Any feedback is welcomed.

Cheers,
Claudiu

[1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224

Attachment: ssl-ccs-injection.nse
Description:

_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

Current thread:

NSE script detecting "CCS Injection" vulnerability in OpenSSL Claudiu Perta (Jun 08)
- Message not available
  - Message not available
    - Message not available
    - Message not available
    - Re: NSE script detecting "CCS Injection" vulnerability in OpenSSL Daniel Miller (Jun 09)
    - Re: NSE script detecting "CCS Injection" vulnerability in OpenSSL Claudiu Perta (Jun 11)
    - Re: NSE script detecting "CCS Injection" vulnerability in OpenSSL Daniel Miller (Jun 11)
    - Re: NSE script detecting "CCS Injection" vulnerability in OpenSSL Daniel Miller (Jun 11)
- Re: NSE script detecting "CCS Injection" vulnerability in OpenSSL Kent Fritz (Jun 10)
- <Possible follow-ups>
- Re: NSE script detecting "CCS Injection" vulnerability in OpenSSL vito (Jun 19)
  - Re: NSE script detecting "CCS Injection" vulnerability in OpenSSL Claudiu Perta (Jun 19)