Given the new attack variants, we released a new version of TLS-Attacker 2.2, which covers our vulnerabilities.
Bleichenbacher's attack from 1998
OK, so what is new in our research?
Release of TLS-Attacker 2.2
$ java -jar Attacks.jar bleichenbacher -connect [host]:[port]
14:12:42 [main] CONSOLE attacks.impl.Attacker - A server is considered vulnerable to this attack if it responds differently to the test vectors. 14:12:42 [main] CONSOLE attacks.impl.Attacker - A server is considered secure if it always responds the same way. 14:12:49 [main] CONSOLE attacks.impl.Attacker - Found a difference in responses in the Complete TLS protocol flow with CCS and Finished messages. 14:12:49 [main] CONSOLE attacks.impl.Attacker - The server seems to respond with different record contents. 14:12:49 [main] INFO attacks.Main - Vulnerable:true