Skip to content

Instantly share code, notes, and snippets.

@dyurk
Created April 8, 2014 01:18
Show Gist options
  • Save dyurk/10080225 to your computer and use it in GitHub Desktop.
Save dyurk/10080225 to your computer and use it in GitHub Desktop.
Check against TLS heartbeat read overrun (CVE-2014-0160)
echo; echo -e "quit\n" | openssl s_client -connect myhappyserver.com:443 -tlsextdebug 2>&1| grep 'TLS server extension "heartbeat" (id=15), len=1'
@seriallos
Copy link

Looks like this only verifies that heartbeat is enabled. It still reports as vulnerable after applying the Ubuntu patch.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment