SecTools

OpenSSL vulnerability scanner scans for a remote exploit for the KEY_ARG overflow in OpenSSL 0.9.6d and older. Tested against most major Linux distributions. Gives a remote nobody shell on Apache and remote root on other servers. Includes an OpenSSL vulnerability scanner and a detailed vulnerability analysis. Only Linux/x86 targets are supported. Exploit Details (CVE-2002-0656): http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0656 OpenSSL Exploit Homepage: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0656