Feedback

SSL FREAK Test CVE-2015-0204 Logjam Attack Checker

Is your webserver attackable? A free SSL vulnerability checker against the FREAK attack.

You can specify a custom port like this example.com:4433. 443 by default.

What is the FREAK SSL attack?

Tuesday 2015/03/03 - Researchers of miTLS team (joint project between Inria and Microsoft Research) disclosed a new SSL/TLS vulnerability — the FREAK SSL attack (CVE-2015-0204). The vulnerability allows attackers to intercept HTTPS connections between vulnerable clients and servers and force them to use ‘export-grade’ cryptography, which can then be decrypted or altered.

Read more about the FREAK SSL attack.

How to eliminate the vulnerability?

Upgrade the OpenSSL version to at least 1.02.