cve/2015/CVE-2015-0204.md

### [CVE-2015-0204](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the "FREAK" issue.  NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations.

### POC

#### Reference
- http://www-01.ibm.com/support/docview.wss?uid=swg21883640
- http://www.mandriva.com/security/advisories?name=MDVSA-2015:019
- http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
- http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
- http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html
- http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
- http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
- http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
- http://www.securityfocus.com/bid/91787

#### Github
- https://github.com/84KaliPleXon3/a2sv
- https://github.com/8ctorres/SIND-Practicas
- https://github.com/ARPSyndicate/cvemon
- https://github.com/AbhishekGhosh/FREAK-Attack-CVE-2015-0204-Testing-Script
- https://github.com/Artem-Salnikov/devops-netology
- https://github.com/Artem-Tvr/sysadmin-09-security
- https://github.com/F4RM0X/script_a2sv
- https://github.com/H4CK3RT3CH/a2sv
- https://github.com/Justic-D/Dev_net_home_1
- https://github.com/Kapotov/3.9.1
- https://github.com/Live-Hack-CVE/CVE-2015-0291
- https://github.com/MrE-Fog/a2sv
- https://github.com/Mre11i0t/a2sv
- https://github.com/TheRipperJhon/a2sv
- https://github.com/TopCaver/scz_doc_copy
- https://github.com/Vainoord/devops-netology
- https://github.com/Valdem88/dev-17_ib-yakovlev_vs
- https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14
- https://github.com/WiktorMysz/devops-netology
- https://github.com/alexandrburyakov/Rep2
- https://github.com/alexgro1982/devops-netology
- https://github.com/alexoslabs/HTTPSScan
- https://github.com/anthophilee/A2SV--SSL-VUL-Scan
- https://github.com/bysart/devops-netology
- https://github.com/camel-clarkson/non-controlflow-hijacking-datasets
- https://github.com/catsploit/catsploit
- https://github.com/chnzzh/OpenSSL-CVE-lib
- https://github.com/clic-kbait/A2SV--SSL-VUL-Scan
- https://github.com/clino-mania/A2SV--SSL-VUL-Scan
- https://github.com/cryptflow/checks
- https://github.com/dmitrii1312/03-sysadmin-09
- https://github.com/felmoltor/FreakVulnChecker
- https://github.com/fireorb/SSL-Scanner
- https://github.com/fireorb/sslscanner
- https://github.com/geon071/netolofy_12
- https://github.com/hahwul/a2sv
- https://github.com/halencarjunior/HTTPSScan-PYTHON
- https://github.com/ilya-starchikov/devops-netology
- https://github.com/javirodriguezzz/Shodan-Browser
- https://github.com/leoambrus/CheckersNomisec
- https://github.com/mawinkler/c1-ws-ansible
- https://github.com/neominds/JPN_RIC13351-2
- https://github.com/niccoX/patch-openssl-CVE-2014-0291_CVE-2015-0204
- https://github.com/nikolay480/devops-netology
- https://github.com/pashicop/3.9_1
- https://github.com/scottjpack/Freak-Scanner
- https://github.com/stanmay77/security
- https://github.com/thekondrashov/stuff
- https://github.com/vitaliivakhr/NETOLOGY
- https://github.com/yellownine/netology-DevOps
- https://github.com/ziezeeshan/Networksecurity