Change default TLS Version to 1.0

Canonical testing shows this to be more widely supported, and yielding far more vulnerable hosts. Changing default to reflect that. Experience of others in #metasploit seems similar.
p4tchw0rk · Apr 9, 2014 · 7a42478 · 7a42478
1 parent 28a471e
commit 7a42478
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/modules/auxiliary/scanner/ssl/openssl_heartbleed.rb b/modules/auxiliary/scanner/ssl/openssl_heartbleed.rb
@@ -119,7 +119,7 @@ def initialize
       [
         Opt::RPORT(443),
         OptEnum.new('STARTTLS', [true, 'Protocol to use with STARTTLS, None to avoid STARTTLS ', 'None', [ 'None', 'SMTP', 'IMAP', 'JABBER', 'POP3' ]]),
-        OptEnum.new('TLSVERSION', [true, 'TLS version to use', '1.1', ['1.0', '1.1', '1.2']])
+        OptEnum.new('TLSVERSION', [true, 'TLS version to use', '1.0', ['1.0', '1.1', '1.2']])
       ], self.class)
   end