Land rapid7#3722, fix typos in openssl ccs scanner

zeroSteiner · zeroSteiner · commit dd8690323a4b · 2014-08-28T10:50:18.000-04:00
diff --git a/modules/auxiliary/scanner/ssl/openssl_ccs.rb b/modules/auxiliary/scanner/ssl/openssl_ccs.rb
@@ -79,9 +79,9 @@ def initialize
     super(
       'Name'           => 'OpenSSL Server-Side ChangeCipherSpec Injection Scanner',
       'Description'    => %q{
-        This module checks for the OpenSSL ChageCipherSpec (CCS)
+        This module checks for the OpenSSL ChangeCipherSpec (CCS)
         Injection vulnerability. The problem exists in the handling of early
-        CCS messages during session negotation. Vulnerable installations of OpenSSL accepts
+        CCS messages during session negotiation. Vulnerable installations of OpenSSL accepts
         them, while later implementations do not. If successful, an attacker can leverage this
         vulnerability to perform a man-in-the-middle (MITM) attack by downgrading the cipher spec
         between a client and server. This issue was first reported in early June, 2014.
@@ -131,7 +131,7 @@ def ccs_injection
     sock.put(ccs)
     alert = sock.get_once(-1, response_timeout)
     if alert.blank?
-      print_good("#{peer} - No alert after invalid CSS message, probably vulnerable")
+      print_good("#{peer} - No alert after invalid CCS message, probably vulnerable")
       report
     elsif alert.unpack("C").first == ALERT_RECORD_TYPE
       vprint_error("#{peer} - Alert record as response to the invalid CCS Message, probably not vulnerable")
