OpenSSL 0.9.7a seems to be vulnerable (was: Re: LKM Trojan)

[Mike Klinke]

On Tuesday 30 November 2004 20:21, Alexander Dalloz wrote:

>Good question - next one ;) Seriously, from my observation such
>tools alerting based on version numbers (nessus is such a 
>application too)make unexperienced users uncertain. 

Nessus does provide the option to turn off the "report known 
problems with the version ID noted by the banner" and turn on the 
"destructive" test if you're really curious.

Regards, Mike Klinke