Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-06 00:39:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #726 from oerdnj/2.9dev-no-downgrade-breach

Browse Source 
Revert "Downgrade BREACH attack to MEDIUM severity"
This commit is contained in:
Dirk Wetter 2017-04-25 23:10:11 +02:00 committed by GitHub
commit ef10fc3119
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
testssl.sh
View File

@ -9548,7 +9548,7 @@ run_breach() {
pr_svrty_high "potentially NOT ok, uses $result HTTP compression." pr_svrty_high "potentially NOT ok, uses $result HTTP compression."
outln "$disclaimer" outln "$disclaimer"
outln "$spaces$when_makesense" outln "$spaces$when_makesense"
fileout "breach" "MEDIUM" "BREACH: potentially VULNERABLE, uses $result HTTP compression. $disclaimer ($when_makesense)" "$cve" "$cwe" "$hint" fileout "breach" "HIGH" "BREACH: potentially VULNERABLE, uses $result HTTP compression. $disclaimer ($when_makesense)" "$cve" "$cwe" "$hint"
ret=1 ret=1
fi fi
# Any URL can be vulnerable. I am testing now only the given URL! # Any URL can be vulnerable. I am testing now only the given URL!