Heartbleed Scanner Available in Bigfix Labs!
liuhoting 270004JWWE Visits (4728)
The IBM Endpoint Manager SSL Heartbeat Vulnerability (CVE-2014-0160) Scanner, developed by the IEM AVP Team, is being made available to customers to assist in identifying potentially vulnerable systems through a distributed and automated approach. Customers can find the latest version of the scanner in the Bigfix Labs site version 35.
The Scanner has 2 different operating modes available:
- Filesystem scan to locate executables and libraries that may contain affected versions of OpenSSL (including applications embedding OpenSSL)
- Network scan (by default against the localhost) to locate vulnerable network services via a "discovery by exploitation" detection model
The "CVE-2014-0160 - OpenSSL TLS Heartbeat Read Overrun Vulnerability Scanner" Task within BigFix Labs can be leveraged to scan endpoints using either method, while the "CVE-2014-0160 Scanner Findings" Analyses can be leveraged to return detailed scan results.
The Scanner currently runs on Windows endpoints. Stay tuned for additional OS platform support! If you have any feedback or questions feel free to post here or to head to the forums (htt