Thursday, May 22, 2008

openssl-blacklist update

http://www.ubuntu.com/usn/usn-612-1
http://www.ubuntu.com/usn/usn-612-3


You can test sslblacklist on any distro to se if they are broken



wget http://security.ubuntu.com/ubuntu/pool/main/o/openssl-blacklist/openssl-blacklist_0.1-0ubuntu0.6.06.1.tar.gz
tar -zxvf openssl-blacklist_0.1-0ubuntu0.6.06.1.tar.gz
cd openssl-blacklist-0.1/
mkdir -p /usr/share/openssl-blacklist/
cp blacklist.RSA-* /usr/share/openssl-blacklist/



./openssl-vulnkey ssl.key/random_debian.key
Not blacklisted:fb11451111111111111111111111111 ssl.key/random_debian.key






http://metasploit.com/users/hdm/tools/debian-openssl/

No comments: