
SANS ISC: Updated OpenSSL Patch Presentation - Internet Security | DShield SANS ISC InfoSec Forums


Updated OpenSSL Patch Presentation

I recorded an updated Internet Storm Center Briefing for today's OpenSSL patches. It corrects a couple of mistakes from this afternoon's live presentation and adds additional details to CVE-2014-0195.

 

Presentation Slides (PDF)

---
Johannes B. Ullrich, Ph.D.

Johannes

3605 Posts
ISC Handler
Anyone heard of a way to test systems after patching? Metasploit modules, NMap / Python scripts validated?
TeeOne

2 Posts
Sadly, I haven't seen any yet. These may be difficult to test for safely. The DoS issues may crash the server, and so does the remote code execution vulnerability at this point. The MitM may be scannable, but I haven't seen it yet.
Johannes

3605 Posts
ISC Handler
Thanks Johannes! Been listening to you for a long time now. I'll say hi in person if we're even in the same city at the same time.
TeeOne

2 Posts
Quoting TeeOne: Anyone heard of a way to test systems after patching? Metasploit modules, NMap / Python scripts validated?


RedHat made a Perl script checker available for testing for the CVE-2014-0224 (Change Cipher Spec) vulnerability. You might need a support contract to access (not sure), but it's at: https://access.redhat.com/labs/ccsinjectiontest/fake-client-early-ccs.pl . If you leave off the filename from that URL, it presents (or did yesterday) an online tester that will scan a server remotely from their system.
Landrew

6 Posts
I just reviewed my Qualys scan results. Qualys seems to have the ability to identify the vulnerability since it reported several devices in my scan.

Robert
rstrom

4 Posts
