0002031: New sslscan upstream - Kali Linux Bug Tracker

ID	Project	Category	View Status	Date Submitted	Last Update

0002031	Kali Linux	Tool Upgrade Request	public	2015-01-25 15:05	2015-01-29 17:27

Reporter	jp	Assigned To	rhertzog
Priority	normal	Severity	minor	Reproducibility	N/A
Status	resolved	Resolution	fixed
Product Version	1.0.9
Fixed in Version	1.1.0

Summary	0002031: New sslscan upstream
Description	The version of sslscan included in Kali is very old and looks dead. It doesn't support SSLv2 (bug 0000146), and when upstream Debian drops support for SSLv3, presumably that'll go as well (already happened in unstable, no idea when that's getting merged into Kali). There are half a dozen different forks of sslscan, the most up to date seems to be this one - https://github.com/rbsec/sslscan. Lots of new features like TLSv1.1/1.2, Heartbleed and fancy coloured output. More importantly, it can be build statically against a version of OpenSSL that has SSLv2 support, so you can distribute that to let people scan SSLv2 without messing around with the system OpenSSL.

Date Modified	Username	Field	Change
2015-01-25 15:05	jp	New Issue
2015-01-29 17:27	rhertzog	Note Added: 0002980
2015-01-29 17:27	rhertzog	Status	new => resolved
2015-01-29 17:27	rhertzog	Fixed in Version	=> 1.1.0
2015-01-29 17:27	rhertzog	Resolution	open => fixed
2015-01-29 17:27	rhertzog	Assigned To	=> rhertzog
2021-05-31 13:37	rhertzog	Category	Tool Upgrade => Tool Upgrade Request

rhertzog 2015-01-29 17:27 administrator ~0002980	Thanks for the report. The sslscan package we had was coming straight from Debian. We upgraded the package with the rbsec fork and built it statically against openssl. sslscan 1.9.10-rbsec-0kali1 will be available in the next few hours in the kali-proposed-updates repository.