Nmap Development mailing list archives
[NSE] ssl-ccs-injection CVE correction
From: Evan Hutchinson <me () evanhutchinson ca>
Date: Fri, 05 Sep 2014 20:15:50 -0500
The script description references the wrong CVE number. Patch against revision 33654 follows: Index: scripts/ssl-ccs-injection.nse =================================================================== --- scripts/ssl-ccs-injection.nse (revision 33654) +++ scripts/ssl-ccs-injection.nse (working copy) @@ -14,7 +14,7 @@ description = [[ Detects whether a server is vulnerable to the SSL/TLS "CCS Injection" -vulnerability (CVE-2014-0160), first discovered by Masashi Kikuchi. +vulnerability (CVE-2014-0224), first discovered by Masashi Kikuchi. The script is based on the ccsinjection.c code authored by Ramon de C Valle (https://gist.github.com/rcvalle/71f4b027d61a78c42607)
Attachment:
ssl-ccs-cvs-number.patch
Description:
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] ssl-ccs-injection CVE correction Evan Hutchinson (Sep 05)
- Re: [NSE] ssl-ccs-injection CVE correction Daniel Miller (Sep 05)