Analyzing Heartbleed Vulnerability
Your connection is immune to the Heartbleed attack.
Description: 'Heartbleed' was a critical vulnerability in SSL which would enable an adversary to retrieve sensitive
information from the corresponding server.
Validation Conditions: This test passes if the server is not vulnerable to this attack.

Analyzing CCS Vulnerability
Your connection is immune to the CCS attack.
Description: OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing
of 'ChangeCipherSpec' messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in
certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions
or obtain sensitive information, via a crafted TLS handshake, aka the 'CCS Injection' vulnerability.

Analyzing Ticketbleed Vulnerability
Your connection is immune to the Ticketbleed attack.
Description: 'The Ticketbleed-Bug' was a programming error in enterprise-level hardware.
This bug allows a remote attacker to extract up to 31 bytes of uninitialized
memory at a time. This memory can potentially contain key material or
sensitive data from other connections.
Validation Conditions: This test passes if the server is not vulnerable to 'ticketbleed-bug'.

Analyzing ROBOT Vulnerability
Your connection is potentially vulnerable to the ROBOT attack.
Description: ROBOT is the return of a 19-year-old vulnerability that allows performing RSA
decryption and signing operations with the private key of a TLS server.
In 1998, Daniel Bleichenbacher discovered that the error messages given
by SSL servers for errors in the PKCS #1 v1.5 padding allowed an
adaptive-chosen ciphertext attack; this attack fully breaks the
confidentiality of TLS when used with RSA encryption.
Validation Conditions: This test passes if the server is not vulnerable to the ROBOT attack.

Analyzing Secure Renegotiation
OpenSSL handshake does not succeed
Description: The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used
in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache
HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier,
Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple
Cisco products, and other products, does not properly associate renegotiation
handshakes with an existing connection, which allows man-in-the-middle attackers
to insert data into HTTPS sessions, and possibly other types of sessions
protected by TLS or SSL, by sending an unauthenticated request that is processed
retroactively by a server in a post-renegotiation context, related to a
"plaintext injection" attack, aka the "Project Mogul" issue.
Validation Conditions: This test passes if the server is not vulnerable to this bug.
no session ticket extension

Analyzing Client-initiated Secure Connection
Your server is properly configured to support Secure Client Renegotiation.
Description: The TLS protocol, and the SSL protocol 3.0 and possibly earlier, while implemented on many different
products, cannot perform a renegotiation handshake correctly. This allows attackers to use a
man-in-the-middle attack to insert data into HTTPS sessions, and possibly other types of sessions
protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by
a server in a post-renegotiation context, related to a "plaintext injection" attack,
aka the "Project Mogul" issue.
Validation Conditions: This test passes if the server does not have this vulnerability.