You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: MS14-066/README.md
+10-8
Original file line number
Diff line number
Diff line change
@@ -1,27 +1,29 @@
1
-
winshock-test
2
-
=============
1
+
## CVE-2014-6321 (MS14-066) KB2992611
3
2
4
-
Bash script that tests if a system is Winshock (MS14-066) vulnerable.
5
3
6
-
This script was developed by the emergency response team at [ANEXIA](http://www.anexia-wwc.com).
4
+
### Version impact
7
5
8
-
Important
6
+
Windows VistaSP2、Windows 7 SP1、Windows 8、Windows 8.1
7
+
Windows Server 2003 SP2、2008 SP2、2008 R2 SP1、2012、2012 R2
8
+
Windows RT和Windows RT 8.1。
9
+
10
+
### Important
9
11
---------
10
12
11
13
winshock_test.sh does behavioural analysis based upon the available SSL ciphers.
12
14
If you either do not have direct access to the target system due to SSL-offloading in any form or manually modified the available SSL ciphers the script will
13
15
be giving **false positives**.
14
16
15
17
16
-
Disclaimer
18
+
### Disclaimer
17
19
----------
18
20
19
21
This script does in no way try to exploit the vulnerability described in MS14-066.
20
22
It merely checks for hints on whether the target system has been patched or not.
21
23
For details, have a look at the script itself or read the short 'How it works'
22
24
part of this document below.
23
25
24
-
Usage
26
+
### Usage
25
27
-----
26
28
27
29
```shell
@@ -41,7 +43,7 @@ load balancer or any other form of SSL-offloading may impact the results
41
43
and may generate false-positives or false-negatives.
42
44
43
45
44
-
How it works
46
+
### How it works
45
47
------------
46
48
47
49
MS14-066 introduced four new SSL ciphers, so a check can be made if
0 commit comments