Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-11-04 07:45:27 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1305 from drwetter/renego_fixes

Browse Source 
Add CVE for Secure Client-Initiated Renegotiation vulnerability
This commit is contained in:
Dirk Wetter
2019-08-09 19:46:51 +02:00
committed by GitHub
parent 5fed82f4c2 fc1206cfea
commit 251071081e
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
testssl.sh
View File

@@ -14100,6 +14100,7 @@ run_renego() {
pr_bold " Secure Client-Initiated Renegotiation " pr_bold " Secure Client-Initiated Renegotiation "
jsonID="secure_client_renego" jsonID="secure_client_renego"
cve="CVE-2011-1473"
# see: https://blog.qualys.com/ssllabs/2011/10/31/tls-renegotiation-and-denial-of-service-attacks # see: https://blog.qualys.com/ssllabs/2011/10/31/tls-renegotiation-and-denial-of-service-attacks
# http://blog.ivanristic.com/2009/12/testing-for-ssl-renegotiation.html -- head/get doesn't seem to be needed though # http://blog.ivanristic.com/2009/12/testing-for-ssl-renegotiation.html -- head/get doesn't seem to be needed though
# https://archive.fo/20130415224936/http://www.thc.org/thc-ssl-dos/, https://vincent.bernat.ch/en/blog/2011-ssl-dos-mitigation # https://archive.fo/20130415224936/http://www.thc.org/thc-ssl-dos/, https://vincent.bernat.ch/en/blog/2011-ssl-dos-mitigation