Created
April 8, 2014 01:18
-
-
Save dyurk/10080225 to your computer and use it in GitHub Desktop.
Check against TLS heartbeat read overrun (CVE-2014-0160)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| echo; echo -e "quit\n" | openssl s_client -connect myhappyserver.com:443 -tlsextdebug 2>&1| grep 'TLS server extension "heartbeat" (id=15), len=1' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Looks like this only verifies that heartbeat is enabled. It still reports as vulnerable after applying the Ubuntu patch.