Test for CVE-2015-0204 | SSL Freak Attack

The vulnerability allows attackers to intercept HTTPS connections between vulnerable clients and servers and force them to use ‘export-grade’ cryptography, which can then be decrypted or altered. When a vulnerable browser connects to a server that supports RSA_EXPORT cipher suites, the browser can be forced to use a 512-bit RSA key. This can happen if the client is using a version of OpenSSL susceptible to CVE-2015-0204 or another library with a similar bug.

Websites that support RSA export cipher suites (e.g., TLS_RSA_EXPORT_WITH_DES40_CBC_SHA) are at risk to having HTTPS connections intercepted

How to TEST WebSite:
1. Install OPENSS (I’ve always used this
2. Open a cmd.exe and navigate to \openssl\bin\
3. Run openssl s_client -connect : -cipher EXPORT

If the website does not support RSA Export chipper suites, then your handshake will fail and you will get back to command prompt.

If the site does support RSA Export chippers, you will successfully complete the handshake and then command prompt will wait on a blank prompt

How to test clients (browser):
Open browser, go to https://cve.freakattack.com/
If this sites loads and shows something like below, this browser is vulnerable.


Apple is working on a fix.
OpenSSL has a fix, released in January ’15.

RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)

Severity: Low

An OpenSSL client will accept the use of an RSA temporary key in a non-export
RSA key exchange ciphersuite. A server could present a weak temporary key
and downgrade the security of the session.

This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.

OpenSSL 1.0.1 users should upgrade to 1.0.1k.
OpenSSL 1.0.0 users should upgrade to 1.0.0p.
OpenSSL 0.9.8 users should upgrade to 0.9.8zd.

This issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan
Bhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen
Henson of the OpenSSL core team.

Reference 1
Reference 2
Reference 3
Reference 4