[unisog] Remote detection of vulnerable OpenSSL versions (fwd)
r.fulton at auckland.ac.nz
Wed Sep 18 20:02:54 GMT 2002
On Thu, 2002-09-19 at 04:50, Anderson Johnston wrote:
> I'm sure these guys know what they are doing, but I hesitate to detect
> buffer overflow conditions by causing buffer overflows - even little ones.
> Has anyone more courageous than I tried this?
After a little testing on machines with know configurations I did an
nmap scan of the whole /16 for 443,993 and 995 and ran this tool against
everything that responded. Worked just great, no complaints from
anyone. And it found several systems that I had missed in my port 80
BTW, for testing SPOP and SIMSP don't use the -P or -I flags just give
It turned up a lot of windows boxes that are listening on 443 but not
responding to ssl negotiations. I have yet to investigate this. There
were also a few boxes with 'real' certs (signed by well known CAs) that
return X.509 errors of some sort.
Russell Fulton, Computer and Network Security Officer
The University of Auckland, New Zealand
"It aint necessarily so" - Gershwin
More information about the unisog