Nmap Development mailing list archives

Re: NSE script detecting "CCS Injection" vulnerability in OpenSSL

From: Claudiu Perta <claudiu.perta () gmail com>
Date: Thu, 19 Jun 2014 18:24:48 +0100

I seem to be getting a lot of false positives with this script. It is
identifying machines as vulnerable that aren't even running OpenSSL.

I am using it to scan an entire Class B. Can something be done to
decrease the false positives?



Sorry I didn't have time to look into it earlier, more people actually
reported this.

I run some tests with GnuTLS and got false-positives as well. I'm attaching
the patched version, which should hopefully fix the issue (there just a
couple of minor changes, I'm also attaching the diff).

Thanks,
Claudiu

Attachment: ssl-ccs-injection.nse.diff
Description:

Attachment: ssl-ccs-injection.nse
Description:

_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

Current thread:

NSE script detecting "CCS Injection" vulnerability in OpenSSL Claudiu Perta (Jun 08)
- Message not available
  - Message not available
    - Message not available
    - Message not available
    - Re: NSE script detecting "CCS Injection" vulnerability in OpenSSL Daniel Miller (Jun 09)
    - Re: NSE script detecting "CCS Injection" vulnerability in OpenSSL Claudiu Perta (Jun 11)
    - Re: NSE script detecting "CCS Injection" vulnerability in OpenSSL Daniel Miller (Jun 11)
    - Re: NSE script detecting "CCS Injection" vulnerability in OpenSSL Daniel Miller (Jun 11)
- Re: NSE script detecting "CCS Injection" vulnerability in OpenSSL Kent Fritz (Jun 10)
- <Possible follow-ups>
- Re: NSE script detecting "CCS Injection" vulnerability in OpenSSL vito (Jun 19)
  - Re: NSE script detecting "CCS Injection" vulnerability in OpenSSL Claudiu Perta (Jun 19)