View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0002031||Kali Linux||[All Projects] Tool Upgrade||public||2015-01-25 15:05||2015-01-29 17:27|
|Target Version||Fixed in Version||1.1.0|
|Summary||0002031: New sslscan upstream|
|Description||The version of sslscan included in Kali is very old and looks dead. It doesn't support SSLv2 (bug 0000146), and when upstream Debian drops support for SSLv3, presumably that'll go as well (already happened in unstable, no idea when that's getting merged into Kali).|
There are half a dozen different forks of sslscan, the most up to date seems to be this one - https://github.com/rbsec/sslscan. Lots of new features like TLSv1.1/1.2, Heartbleed and fancy coloured output. More importantly, it can be build statically against a version of OpenSSL that has SSLv2 support, so you can distribute that to let people scan SSLv2 without messing around with the system OpenSSL.
Thanks for the report.
The sslscan package we had was coming straight from Debian. We upgraded the package with the rbsec fork and built it statically against openssl.
sslscan 1.9.10-rbsec-0kali1 will be available in the next few hours in the kali-proposed-updates repository.
|2015-01-25 15:05||jp||New Issue|
|2015-01-29 17:27||rhertzog||Note Added: 0002980|
|2015-01-29 17:27||rhertzog||Status||new => resolved|
|2015-01-29 17:27||rhertzog||Fixed in Version||=> 1.1.0|
|2015-01-29 17:27||rhertzog||Resolution||open => fixed|
|2015-01-29 17:27||rhertzog||Assigned To||=> rhertzog|