Wednesday, April 23, 2014

Nstalker free tool to detect heartbleed

Using Nstalker free tool to detect heartbleed

It can be used to detect heartbleed vulnerability via URL, host list (text file) or even IP range.

Problem has been uncovered by Neel Mehta at Google and a team (Riku, Antti and Matti) at Codenomicon, and the following versions of OpenSSL are affected:OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable

OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
Debian Wheezy (stable), OpenSSL 1.0.1e-2+deb7u4
Ubuntu 12.04.4 LTS, OpenSSL 1.0.1-4ubuntu5.11
CentOS 6.5, OpenSSL 1.0.1e-15
Fedora 18, OpenSSL 1.0.1e-4
OpenBSD 5.3 (OpenSSL 1.0.1c 10 May 2012) and 5.4 (OpenSSL 1.0.1c 10 May 2012)
FreeBSD 10.0 – OpenSSL 1.0.1e 11 Feb 2013
NetBSD 5.0.2 (OpenSSL 1.0.1e)
OpenSUSE 12.2 (OpenSSL 1.0.1c)
Versions lower than 1.0.1 are not vulnerable (0.9.x) or compiled with -DOPENSSL_NO_HEARTBEATS.




0 comments: