OpenSSL ChangeCipherSpec Message Vulnerability Checker

This module exploits a vulnerability in OpenSSL by sending a "Change Ciper Spec" message to the server. This vulnerability allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2014-0224
Product Version: 
2014_R1
Released Date: 
Wednesday, June 18, 2014 - 00:00