OpenSSL prior to 0.9.8za, 1.0.0 prior to 1.0.0m, and 1.0.1 prior to 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle malicious users to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the "CCS Injection" vulnerability.
| Vendor | Product | Versions |
|---|---|---|
| Openssl | Openssl | 0.9.8y, 1.0.0, 1.0.0a, 1.0.0b, 1.0.0c, 1.0.0d, 1.0.0e, 1.0.0f, 1.0.0g, 1.0.0h, 1.0.0i, 1.0.0j, 1.0.0k, 1.0.0l, 1.0.1, 1.0.1a, 1.0.1b, 1.0.1c, 1.0.1d, 1.0.1e, 1.0.1f, 1.0.1g |
| Redhat | Jboss Enterprise Application Platform | 5.2.0, 6.2.3 |
| Redhat | Jboss Enterprise Web Platform | 5.2.0 |
| Redhat | Jboss Enterprise Web Server | 2.0.1 |
| Redhat | Storage | 2.1 |
| Redhat | Enterprise Linux | 4, 5, 6.0 |
| Fedoraproject | Fedora | * |
| Opensuse | Opensuse | 13.1, 13.2 |
Detects whether a server is vulnerable to the SSL/TLS "CCS Injection" vulnerability (CVE-2014-0224), first discovered by Masashi Kikuchi. The script is based on the ccsinjection.c code authored by Ramon de C Valle (https://gist.github.com/rcvalle/71f4b027d61a78c42607)
Vulmon
nmap -p 443 --script ssl-ccs-injection <target>
PORT STATE SERVICE
443/tcp open https
| ssl-ccs-injection:
| VULNERABLE:
| SSL/TLS MITM vulnerability (CCS Injection)
| State: VULNERABLE
| Risk factor: High
| Description:
| OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before
| 1.0.1h does not properly restrict processing of ChangeCipherSpec
| messages, which allows man-in-the-middle attackers to trigger use
| of a zero-length master key in certain OpenSSL-to-OpenSSL
| communications, and consequently hijack sessions or obtain
| sensitive information, via a crafted TLS handshake, aka the
| "CCS Injection" vulnerability.
|
| References:
| https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224
| http://www.cvedetails.com/cve/2014-0224
|_ http://www.openssl.org/news/secadv_20140605.txtThis module checks for the OpenSSL ChangeCipherSpec (CCS) Injection vulnerability. The problem exists in the handling of early CCS messages during session negotiation. Vulnerable installations of OpenSSL accepts them, while later implementations do not. If successful, an attacker can leverage this vulnerability to perform a man-in-the-middle (MITM) attack by downgrading the cipher spec between a client and server. This issue was first reported in early June, 2014.
msf > use auxiliary/scanner/ssl/openssl_ccs
msf auxiliary(openssl_ccs) > show actions
...actions...
msf auxiliary(openssl_ccs) > set ACTION <action-name>
msf auxiliary(openssl_ccs) > show options
...show and set options...
msf auxiliary(openssl_ccs) > runAdam Langley's tool for testing for OpenSSL CVE-2014-0224, originally published here: wwwimperialvioletorg/2014/06/05/earlyccshtml To build the tool: $ export GOPATH=$(pwd) $ go build openssl-ccs-cve-2014-0224go Tested with go 122 and 13 The src/my-tls directory contains the patched version of the crypto/tls package
OpenSSL CCS Inject Test This script is designed for detection of vulnerable servers (CVE-2014-0224) in a wide range of configurations It attempts to negotiate using each affected protocol version (SSLv3, TLSv1, TLSv11, and TLSv12) advertising a comprehensive set of ciphers Changes: v01 - Updated receive buffer sizes to account for longer certificate messages v02 - Upda
Evaluates hosts for CVE-2014-0224 vulnerability cvemitreorg/cgi-bin/cvenamecgi?name=CVE-2014-0224 Usage: ccs-evalpy list-of-hoststxt -Takes in a list of hosts, line seperated Checks the host for common SSL ports using nmap Peforms PoC injection test supplied by RedHat (fake-client-early-ccspl) Writes results to "local-results-list-of-hoststxt"
CVE advisories tests CVE-2015-0235 (GHOST) CVE-2014-0224 (OpenSSL CCS injection)
OPENSSL CVE-2014-0224 MITM exploit demo Author : @bluerust Blog : hibaiducom/bluerust/item/bf2ab031bbadcf09cfb9fe41 Ver : 11 Desc : Only for openssl 101*, only tested for cipher RC4-SHA a server openssl s_server -debug -accept 443 -cert servercrt -certform PEM -key serverkey -cipher RC4-SHA we don't want to discuss how to generate the certificate i
Go secureserver Out-of-the-box, Go is a fully capable HTTP/HTTPS server However, it is not configured correctly to avoid malicious clients, timeouts, or even simple SSL auto setup with LetsEncryptorg This repository exists to help go developers launch a secure, simple HTTPS server This configuration blocks major attacks like: BEAST attack POODLE (SSLv3) POODLE (TLS) Heartb
This is a tool to test servers for CVE-2014-0224 To build: $ export GOPATH=$(pwd) $ go build clientgo To run: $ /client examplecom:443 examplecom:443 is not vulnerable
#cve-2014-0224:early ccs injection ##0概述 SSL协议是安全套接层协议,用于客户端和服务器之间加密传输,能很好实现数据加密、防篡改。其中,openssl组件是linux平台上实现SSL/TLS协议的有效工具。 early ccs injection漏洞既心血漏洞后openssl再次轰动,该漏洞潜伏了15+年,从初代openssl版本就存在一
Donate if you want wwwpaypalme/compilenix How it looks Slack CLI All config settings (or defaults via Configexamplejs) are overwritten by cli parameters! node indexjs --enableSlack false --domains wwwmicrosoftcom,expiredbadsslcom --ignore Expire,PubKeySize Usage install nvm (githubcom/creationix/nvm) install c/c++ build tools apt install build-essen
qualysparser A python script to parse Qualys Reports effectively Filter our Qualys data based on Title, Severity, QID or CVE Sample Usage eg, usage 1: python qualysparsepy -f qualysreportcsv -t "Feature Denial of Service" eg, usage 2: python qualysparsepy -f qualysreportcsv -s 5 eg, usage 3: python qualysparsepy -f qualysreportcsv -c CVE-2014-0224
MassBleed SSL Vulnerability Scanner USAGE: sh massbleedsh [CIDR|IP] [single|port|subnet] [port] [proxy] ABOUT: This script has four main functions with the ability to proxy all connections: To mass scan any CIDR range for OpenSSL vulnerabilities via port 443/tcp (https) (example: sh massbleedsh 19216800/16) To scan any CIDR range for OpenSSL vulnerabilities via any cust
MassBleed SSL Vulnerability Scanner USAGE: sh massbleedsh [CIDR|IP] [single|port|subnet] [port] [proxy] ABOUT: This script has four main functions with the ability to proxy all connections: To mass scan any CIDR range for OpenSSL vulnerabilities via port 443/tcp (https) (example: sh massbleedsh 19216800/16) To scan any CIDR range for OpenSSL vulnerabilities via any cust
YAWAST The YAWAST Antecedent Web Application Security Toolkit YAWAST is an application meant to simplify initial analysis and information gathering for penetration testers and security auditors It performs basic checks in these categories: TLS/SSL - Versions and cipher suites supported; common issues Information Disclosure - Checks for common information leaks Presenc
1 A2SV? Auto Scanning to SSL Vulnerability HeartBleed, CCS Injection, SSLv3 POODLE, FREAK etc A Support Vulnerability - CVE-2007-1858] Anonymous Cipher - CVE-2012-4929] CRIME(SPDY) - CVE-2014-0160] CCS Injection - CVE-2014-0224] HeartBleed - CVE-2014-3566] SSLv3 POODLE - CVE-2015-0204] FREAK Attack - CVE-2015-4000] LOGJAM Attack - CVE-2016-0800] SSLv2 DROWN B Dev Plan -
1 A2SV? Auto Scanning to SSL Vulnerability HeartBleed, CCS Injection, SSLv3 POODLE, FREAK etc A Support Vulnerability - CVE-2007-1858] Anonymous Cipher - CVE-2012-4929] CRIME(SPDY) - CVE-2014-0160] CCS Injection - CVE-2014-0224] HeartBleed - CVE-2014-3566] SSLv3 POODLE - CVE-2015-0204] FREAK Attack - CVE-2015-4000] LOGJAM Attack - CVE-2016-0800] SSLv2 DROWN B Dev Plan -
1 A2SV? Auto Scanning to SSL Vulnerability HeartBleed, CCS Injection, SSLv3 POODLE, FREAK etc A Support Vulnerability [CVE-2007-1858] Anonymous Cipher [CVE-2012-4929] CRIME(SDPY) [CVE-2014-0160] CCS Injection [CVE-2014-0224] HeartBleed [CVE-2014-3566] SSLv3 POODLE [CVE-2015-0204] FREAK Attack [CVE-2015-4000] LOGJAM Attack [CVE-2016-0800] SSLv2 DROWN B Dev Plan [PLAN
1 A2SV? Auto Scanning to SSL Vulnerability HeartBleed, CCS Injection, SSLv3 POODLE, FREAK etc A Support Vulnerability [CVE-2007-1858] Anonymous Cipher [CVE-2012-4929] CRIME(SDPY) [CVE-2014-0160] CCS Injection [CVE-2014-0224] HeartBleed [CVE-2014-3566] SSLv3 POODLE [CVE-2015-0204] FREAK Attack [CVE-2015-4000] LOGJAM Attack [CVE-2016-0800] SSLv2 DROWN B Dev Plan [PLAN
We're upgrading it anyway. Honest, no really, yawns Ministry of Justice
The Criminal Justice Secure eMail system (CJSM) relies on insecure protocols that some security conscious organisations deliberately block, claims a Register source.
CJSM is run by Vodafone on behalf of the government and designed to provide secure communications between the GSI (Government Secure Intranet) and external organisations in the criminal justice field, such as solicitors and police contractors.
Security problems with the system came to El Reg’s attention following a tip...
Synology finally patches OpenSSL bugs in Trevor's NAS
Sysadmin blog Synology quietly released version 4.2-3250 of its DiskStation Manager (DSM) operating system this month. This squashes critical security bugs in version 4.2 of DSM – bugs that were fixed in version 5.0 in June, so consider this a back port.
Version 4.2 is old but still in use in various models, such as the DS109. The update got me thinking about the security of NASes and similar devices on our networks.
New build 3250 addresses a kernel-level security issue as well as...
Researcher suspended after zero-day dump
FireEye has patched a series of publicly-disclosed flaws in its operating system (FEOS) that facilitated man-in-the-middle attacks and command injection.
The vulnerabilities released over June affected versions NX, EX, AX, FX, and CM of the FEOS and were patched in the first individual security bulletin for the system.
The company urged customers to apply fixes.
"FireEye encourages all customers to upgrade to the most current releases as soon as practical - especially customers...
Android 4.4.4 shipping just 18 days after the previous version
Android fans who are hoping Google will debut a new version of the OS at its annual I/O conference in San Francsico next week might be in for a disappointment ... because the company is rolling out a new version this week.
On Friday, the Chocolate Factory published firmware images of Android 4.4.4 – yes, we're still talking "KitKat" – for the Nexus 4 and 5 phones and the Nexus 7 and 10 fondleslabs. The build number of the new release is KTU84P.
There are no official release notes...
Certain mitigating factors made the recent OpenSSL man-in-the-middle vulnerability a notch or two below Heartbleed in terms of criticality. With that in consideration, it’s probably no surprise that patching levels for CVE-2014-0224 aren’t as high out of the gate as they were for Heartbleed.
Ivan Ristic, an application security researcher and director of engineering at Qualys, said that his company’s research arm, SSL Labs, has been running a remote check for servers vulnerable to th...
While the group of vulnerabilities that the OpenSSL Project patched last week hasn’t grown into the kind of mess that the Heartbleed flaw did, the vulnerabilities still affect a huge range of products. Vendors are still making their way through the patching process, and VMware has released an advisory confirming that a long list of its products are vulnerable to the latest OpenSSL bugs. The company said in the advisory that there is only a patch available for one of its products right now, ESX...
On a scale of 1 to Heartbleed, this is a 7
The OpenSSL team has pushed out fixes for six security vulnerabilities in the widely used crypto library.
These holes include a flaw that enables man-in-the-middle (MITM) eavesdropping on encrypted connections, and another that allows miscreants to drop malware on at-risk systems.
A DTLS invalid fragment bug (CVE-2014-0195, affects versions 0.9.8, 1.0.0 and 1.0.1) can be used to inject malicious code into vulnerable software in apps, devices and servers. DTLS is more or less TLS encr...
There is a new, remotely exploitable vulnerability in OpenSSL that could enable an attacker to intercept and decrypt traffic between vulnerable clients and servers. The flaw affects all versions of the OpenSSL client and versions 1.0.1 and 1.0.2-beta1 of the server software.
The new vulnerability could only be exploited to decrypt traffic between a vulnerable client and a vulnerable server, and the attacker would need to have a man-in-the-middle position on a network in order to do so. Tha...