CrowdStrike Heartbleed Scanner – Update

This is a followup to our original blog post for the CrowdStrike Heartbleed Scanner.

Due to popular demand and acting on feedback we have received, today we have updated our free Heartbleed Scanner vulnerability detection tool that was released last Friday. The new version is 1.1.0.0 and is available for download on the Community Tools page.

Here are the main additions and changes:

  • Added STARTTLS support for common services.
  • Added ability to specify a list of default ports as opposed to just a single one.
  • If you double click a vulnerable entry in the results window it will open up an Explorer window and navigate to the binary data file associated with the entry.
  • Fixed an issue with parsing supplied URLs.
  • Fixed an issue with sorting the vulnerability results table when clicking the headers.
  • Fixed issue with tool not adhering to specified timeout value.
  • More robust and accurate vulnerability checking.
  • Simplified HTML output format.
  • Rearranged the UI elements.

With the ability to supply more than a single default port we have provided a sample port list of commonly used SSL-enabled service ports as follows:

  • 443 HTTPS
  • 465 SMTP over SSL/TLS
  • 563 NNTP over SSL/TLS
  • 636 LDAP over SSL/TLS
  • 990 FTP over SSL/TLS
  • 993 IMAP over SSL/TLS
  • 995 POP3 over SSL/TLS
  • 3306 MySQL (SSL/TLS)
  • 5432 PostgreSQL (SSL/TLS)

If you are only interested in scanning HTTP websites you would probably want to just keep port 443 and have the scan run faster, but for full thoroughness our default list is a good start.

For the new STARTTLS feature we attempt to handle the following protocols:

  • 21 FTP (“AUTH TLS“)
  • 25 SMTP (“STARTTLS“)
  • 110 POP3 (“STLS“)
  • 143 IMAP (“STARTTLS“)
  • 587 Message Submission (“STARTTLS“)

More information can be seen in the tool’s About… section.

As always keep an eye out for updates to our tools as we continue to enhance them.

 

Related Content