Updated OpenSSL Patch Presentation
I recorded an updated Internet Storm Center Briefing for today's OpenSSL patches. It corrects a couple of mistakes from this afternoon's live presentation and adds additional details to CVE-2014-0195.
Keywords: openssl
5 comment(s)
My next class:
Application Security: Securing Web Apps, APIs, and Microservices | Washington | Dec 13th - Dec 18th 2024 |
×
Diary Archives
Comments
Anonymous
Jun 6th 2014
1 decade ago
Anonymous
Jun 6th 2014
1 decade ago
Anonymous
Jun 6th 2014
1 decade ago
RedHat made a Perl script checker available for testing for the CVE-2014-0224 (Change Cipher Spec) vulnerability. You might need a support contract to access (not sure), but it's at: https://access.redhat.com/labs/ccsinjectiontest/fake-client-early-ccs.pl . If you leave off the filename from that URL, it presents (or did yesterday) an online tester that will scan a server remotely from their system.
Anonymous
Jun 6th 2014
1 decade ago
Robert
Anonymous
Jun 9th 2014
1 decade ago