OpenSSL Vulnerability Detection Tool Released
RUS-CERT has released a useful tool for the remote detection of vulnerable OpenSSL servers. It connects to a host and attempts to perform a small, harmless buffer overflow; if the target does not crash, it is likely susceptible to the Slapper worm and other SSLv2 exploits. Updated OpenSSL servers may crash or return errors when scanned with this program, so be careful if you’re going to be using it to audit any mission-critical systems. More information and the C source code are available in RUS-CERT advisory 2002-09:01.
(N-Stalker Security Force)