Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-10-08 19:52:53 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add documentation for STARTTLS injection's cmd line flag

Browse Source 
and also the modified one for ROBOT
This commit is contained in:
Dirk Wetter
2020-09-02 18:23:11 +02:00
parent 4a167f6ac5
commit 35b79f65ee
3 changed files with 10 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
doc/testssl.1.html
View File

@ -315,7 +315,9 @@ Also for multiple server certificates are being checked for as well as for the c
<p><code>-T, --ticketbleed</code> Checks for Ticketbleed memory leakage in BigIP loadbalancers.</p>
<p><code>-BB, --robot</code> Checks for vulnerability to ROBOT / (<em>Return Of Bleichenbacher's Oracle Threat</em>) attack.</p>
<p><code>--BB, --robot</code> Checks for vulnerability to ROBOT / (<em>Return Of Bleichenbacher's Oracle Threat</em>) attack.</p>
<p><code>--SI, --starttls-injection</code> Checks for STARTTLS injection vulnerabilities (SMTP, IMAP, POP3 only). <code>socat</code> and OpenSSL &ge;1.1.0 is needed.</p>
<p><code>-R, --renegotiation</code> Tests renegotiation vulnerabilities. Currently there's a check for <em>Secure Renegotiation</em> and for <em>Secure Client-Initiated Renegotiation</em>. Please be aware that vulnerable servers to the latter can likely be DoSed very easily (HTTP). A check for <em>Insecure Client-Initiated Renegotiation</em> is not yet implemented.</p>