[cisco-voip] openSSL and heartbleed
Mehtab Shinwari
mshinwari at fidelus.com
Tue Apr 8 23:13:13 EDT 2014
Joshua,
Thanks for such a quick reply. I just opened it on my mobile phone and it looks promising.
Have to flex some python muscels will have to write an addition call so it will check a bunch of IP addresses at once and dump the results in a text file.
Thank you again.
Mehtab Shinwari | CCNP RS/V
Senior Support Engineer
-------- Original message --------
From: Joshua Morgan <joshua.morgan at gmail.com>
Date:
To: Mehtab Shinwari <mshinwari at fidelus.com>
Cc: bmeade90 at vt.edu,lelio at uoguelph.ca,cisco-voip at puck.nether.net
Subject: Re: [cisco-voip] openSSL and heartbleed
It's likely this script or a modified version thereof: https://gist.github.com/takeshixx/10107280
Josh
On Wed, Apr 9, 2014 at 1:02 PM, Mehtab Shinwari <mshinwari at fidelus.com<mailto:mshinwari at fidelus.com>> wrote:
Brian,
Is the script internal to Cisco? I would love to do some internal testing in my lab on a few different versions before I send notifications to our clients that have the affected versions.
In other words can I please have the script? :)
Mehtab Shinwari | CCNP RS/V
Senior Support Engineer
-------- Original message --------
From: Brian Meade <bmeade90 at vt.edu<mailto:bmeade90 at vt.edu>>
Date:
To: Lelio Fulgenzi <lelio at uoguelph.ca<mailto:lelio at uoguelph.ca>>
Cc: cisco-voip voyp list <cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>>
Subject: Re: [cisco-voip] openSSL and heartbleed
Here's what I found testing against 9.1.2.10000.28 with a slightly modified python script:
bmeade at ubuntu:~$ python vulnscript 10.3.11.250
Connecting...
Sending Client Hello...
Waiting for Server Hello...
... received message: type = 22, ver = 0301, length = 1012
Sending heartbeat request...
Unexpected EOF receiving record header - server closed connection
No heartbeat response received, server likely not vulnerable
This is assuming the released script is checking for the vulnerability properly.
Brian
On Tue, Apr 8, 2014 at 5:51 PM, Brian Meade <bmeade90 at vt.edu<mailto:bmeade90 at vt.edu><mailto:bmeade90 at vt.edu<mailto:bmeade90 at vt.edu>>> wrote:
I haven't seen one. Currently trying to run the example python script against one of my clusters but having some trouble.
On Tue, Apr 8, 2014 at 5:24 PM, Lelio Fulgenzi <lelio at uoguelph.ca<mailto:lelio at uoguelph.ca><mailto:lelio at uoguelph.ca<mailto:lelio at uoguelph.ca>>> wrote:
weird. for some reason i fixated on the date beneath the entry in the search listing which had 2011, which made more sense.
do you know if there is a more recent advisory?
---
Lelio Fulgenzi, B.A.
Senior Analyst, Network Infrastructure
Computing and Communications Services (CCS)
University of Guelph
519‐824‐4120 Ext 56354<tel:519%E2%80%90824%E2%80%904120%20Ext%2056354><tel:519%E2%80%90824%E2%80%904120%20Ext%2056354>
lelio at uoguelph.ca<mailto:lelio at uoguelph.ca><mailto:lelio at uoguelph.ca<mailto:lelio at uoguelph.ca>>
www.uoguelph.ca/ccs<http://www.uoguelph.ca/ccs><http://www.uoguelph.ca/ccs>
Room 037, Animal Science and Nutrition Building
Guelph, Ontario, N1G 2W1
________________________________
From: "Brian Meade" <bmeade90 at vt.edu<mailto:bmeade90 at vt.edu><mailto:bmeade90 at vt.edu<mailto:bmeade90 at vt.edu>>>
To: "Lelio Fulgenzi" <lelio at uoguelph.ca<mailto:lelio at uoguelph.ca><mailto:lelio at uoguelph.ca<mailto:lelio at uoguelph.ca>>>
Cc: "cisco-voip voyp list" <cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net><mailto:cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>>>
Sent: Tuesday, April 8, 2014 5:16:32 PM
Subject: Re: [cisco-voip] openSSL and heartbleed
I don't think that's the correct advisory. That's a DoS vulnerability from 2004.
Brian
On Tue, Apr 8, 2014 at 5:11 PM, Lelio Fulgenzi <lelio at uoguelph.ca<mailto:lelio at uoguelph.ca><mailto:lelio at uoguelph.ca<mailto:lelio at uoguelph.ca>>> wrote:
nevermind... my first search did not produce results...
http://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-20040317-openssl.html
---
Lelio Fulgenzi, B.A.
Senior Analyst, Network Infrastructure
Computing and Communications Services (CCS)
University of Guelph
519‐824‐4120 Ext 56354<tel:519%E2%80%90824%E2%80%904120%20Ext%2056354><tel:519%E2%80%90824%E2%80%904120%20Ext%2056354>
lelio at uoguelph.ca<mailto:lelio at uoguelph.ca><mailto:lelio at uoguelph.ca<mailto:lelio at uoguelph.ca>>
www.uoguelph.ca/ccs<http://www.uoguelph.ca/ccs><http://www.uoguelph.ca/ccs>
Room 037, Animal Science and Nutrition Building
Guelph, Ontario, N1G 2W1
________________________________
From: "Lelio Fulgenzi" <lelio at uoguelph.ca<mailto:lelio at uoguelph.ca><mailto:lelio at uoguelph.ca<mailto:lelio at uoguelph.ca>>>
To: "cisco-voip voyp list" <cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net><mailto:cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>>>
Sent: Tuesday, April 8, 2014 5:09:01 PM
Subject: openSSL and heartbleed
Does anyone know if/when Cisco will be coming out with a security advisory about Open SSL and heartbleed?
http://threatpost.com/seriousness-of-openssl-heartbleed-bug-sets-in/105309
---
Lelio Fulgenzi, B.A.
Senior Analyst, Network Infrastructure
Computing and Communications Services (CCS)
University of Guelph
519‐824‐4120 Ext 56354<tel:519%E2%80%90824%E2%80%904120%20Ext%2056354><tel:519%E2%80%90824%E2%80%904120%20Ext%2056354>
lelio at uoguelph.ca<mailto:lelio at uoguelph.ca><mailto:lelio at uoguelph.ca<mailto:lelio at uoguelph.ca>>
www.uoguelph.ca/ccs<http://www.uoguelph.ca/ccs><http://www.uoguelph.ca/ccs>
Room 037, Animal Science and Nutrition Building
Guelph, Ontario, N1G 2W1
_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net><mailto:cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>>
https://puck.nether.net/mailman/listinfo/cisco-voip
_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip
More information about the cisco-voip
mailing list