[log] Ubuntu sslscan fails with : Could not create CTX object.
Ubuntu
sslscan package
- Overview
- Code
- Bugs
- Blueprints
- Translations
- Answers
sslscan fails with "ERROR: Could not create CTX object."
Bug #663872 reported by Torsten Streit on 2010-10-20
This bug affects 6 people
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| | sslscan (Ubuntu) | Medium |
Unassigned | ||
Also affects project (?) Also affects distribution/package Nominate for series
Bug Description
Binary package hint: sslscan
sslscan is listing all supported server cipher(s) but not any data of the certificate.
You can try this out with sslscan any-ssl-enabled-domain.tld, this should (and did in previous ubuntu versions) list up the certificate details.
It doesnt by now.
Errormessage of sslscan output (on top of the output and at bottom):
ERROR: Could not create CTX object.
Installed & related packages:
ii libssl-dev 0.9.8o-1ubuntu4.1
ii libssl0.9.8 0.9.8o-1ubuntu4.1
ii openssl 0.9.8o-1ubuntu4.1
ii sslscan 1.8.2-1
Ubuntu Version:
maverick amd64
Complete Output:
_
___ ___| |___ ___ __ _ _ __
/ __/ __| / __|/ __/ _` | '_ \
\__ \__ \ \__ \ (_| (_| | | | |
|___/___/_|___/\___\__,_|_| |_|
Version 1.8.2
http://www.titania.co.uk
Copyright Ian Ventura-Whiting 2009
ERROR: Could not create CTX object.
Testing SSL server hidden.tld on port 443
Supported Server Cipher(s):
Rejected SSLv3 256 bits ADH-AES256-SHA
Rejected SSLv3 256 bits DHE-RSA-AES256-SHA
Rejected SSLv3 256 bits DHE-DSS-AES256-SHA
Accepted SSLv3 256 bits AES256-SHA
Rejected SSLv3 128 bits ADH-AES128-SHA
Rejected SSLv3 128 bits DHE-RSA-AES128-SHA
Rejected SSLv3 128 bits DHE-DSS-AES128-SHA
Accepted SSLv3 128 bits AES128-SHA
Rejected SSLv3 168 bits ADH-DES-CBC3-SHA
Rejected SSLv3 56 bits ADH-DES-CBC-SHA
Rejected SSLv3 40 bits EXP-ADH-DES-CBC-SHA
Rejected SSLv3 128 bits ADH-RC4-MD5
Rejected SSLv3 40 bits EXP-ADH-RC4-MD5
Rejected SSLv3 168 bits EDH-RSA-DES-CBC3-SHA
Rejected SSLv3 56 bits EDH-RSA-DES-CBC-SHA
Rejected SSLv3 40 bits EXP-EDH-RSA-DES-CBC-SHA
Rejected SSLv3 168 bits EDH-DSS-DES-CBC3-SHA
Rejected SSLv3 56 bits EDH-DSS-DES-CBC-SHA
Rejected SSLv3 40 bits EXP-EDH-DSS-DES-CBC-SHA
Accepted SSLv3 168 bits DES-CBC3-SHA
Rejected SSLv3 56 bits DES-CBC-SHA
Rejected SSLv3 40 bits EXP-DES-CBC-SHA
Rejected SSLv3 40 bits EXP-RC2-CBC-MD5
Accepted SSLv3 128 bits RC4-SHA
Accepted SSLv3 128 bits RC4-MD5
Rejected SSLv3 40 bits EXP-RC4-MD5
Rejected SSLv3 0 bits NULL-SHA
Rejected SSLv3 0 bits NULL-MD5
Rejected TLSv1 256 bits ADH-AES256-SHA
Rejected TLSv1 256 bits DHE-RSA-AES256-SHA
Rejected TLSv1 256 bits DHE-DSS-AES256-SHA
Accepted TLSv1 256 bits AES256-SHA
Rejected TLSv1 128 bits ADH-AES128-SHA
Rejected TLSv1 128 bits DHE-RSA-AES128-SHA
Rejected TLSv1 128 bits DHE-DSS-AES128-SHA
Accepted TLSv1 128 bits AES128-SHA
Rejected TLSv1 168 bits ADH-DES-CBC3-SHA
Rejected TLSv1 56 bits ADH-DES-CBC-SHA
Rejected TLSv1 40 bits EXP-ADH-DES-CBC-SHA
Rejected TLSv1 128 bits ADH-RC4-MD5
Rejected TLSv1 40 bits EXP-ADH-RC4-MD5
Rejected TLSv1 168 bits EDH-RSA-DES-CBC3-SHA
Rejected TLSv1 56 bits EDH-RSA-DES-CBC-SHA
Rejected TLSv1 40 bits EXP-EDH-RSA-DES-CBC-SHA
Rejected TLSv1 168 bits EDH-DSS-DES-CBC3-SHA
Rejected TLSv1 56 bits EDH-DSS-DES-CBC-SHA
Rejected TLSv1 40 bits EXP-EDH-DSS-DES-CBC-SHA
Accepted TLSv1 168 bits DES-CBC3-SHA
Rejected TLSv1 56 bits DES-CBC-SHA
Rejected TLSv1 40 bits EXP-DES-CBC-SHA
Rejected TLSv1 40 bits EXP-RC2-CBC-MD5
Accepted TLSv1 128 bits RC4-SHA
Accepted TLSv1 128 bits RC4-MD5
Rejected TLSv1 40 bits EXP-RC4-MD5
Rejected TLSv1 0 bits NULL-SHA
Rejected TLSv1 0 bits NULL-MD5
Prefered Server Cipher(s):
ERROR: Could not create CTX object.
ProblemType: Bug
DistroRelease: Ubuntu 10.10
Package: sslscan 1.8.2-1
ProcVersionSignature: Ubuntu 2.6.35-22.35-generic 2.6.35.4
Uname: Linux 2.6.35-22-generic x86_64
NonfreeKernelModules: nvidia
Architecture: amd64
Date: Wed Oct 20 14:47:58 2010
ProcEnviron:
PATH=(custom, user)
LANG=de_DE.utf8
SHELL=/bin/bash
SourcePackage: sslscan
Tags: xenial amd64 apport-bug maverick Edit Tag help
| Torsten Streit (ts-tstreit) wrote on 2010-10-20: | #1 |
- Dependencies.txt Edit (595 bytes, text/plain; charset="utf-8")
| Justin Samuel (justin-justinsamuel) wrote on 2011-04-21: | #2 |
This is probably because, afaik, recent Ubuntu versions ship openssl without SSLv2 support. By default, sslscan will try SSLv2, SSLv3, and TLSv1. However, sslscan isn't expecting SSLv2 to be not available at all.
To use sslscan on recent Ubuntu versions, use the --ssl3 or --tls1 options to sslscan.
Note that you should be very careful about testing remote servers for SSLv2 support when using an Ubuntu client, including with "openssl s_client -ssl2 -connect somehost:443". Using an Ubuntu client, you may incorrectly determine that the remote server doesn't support SSLv2 when in fact it really does, it's just your client that doesn't support SSLv2.
| Launchpad Janitor (janitor) wrote on 2016-07-19: | #3 |
Status changed to 'Confirmed' because the bug affects multiple users.
| Changed in sslscan (Ubuntu): | |
| status: | New → Confirmed |
| FriedChicken (domlyons) wrote on 2016-07-19: | #4 |
On Xenial this not only fails for SSLv2 but also SSLv3.
| tags: | added: xenial |
Alberto Salvia Novella (es20490446e) on 2016-07-21
| Changed in sslscan (Ubuntu): | |
| importance: | Undecided → Medium |