CVE-2011-3389

high

Description

The SSL protocol (SSL 3.0 and TLS 1.0), as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors (the IV of each record is the last ciphertext block of the previous record, so it is predictable to an observer), which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.
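The following simulation is an added example, not code from the page or from any of the referenced vendors. It models the two conditions the description names: CBC records whose IV is the previous record's last ciphertext block, and an attacker who can put chosen bytes in front of a secret (the cookie) in each request, as the WebSocket/Java/Silverlight channels allowed. The block cipher is a toy SHA-256 Feistel permutation rather than AES, the secret value and the `send` oracle are constructed for the demo, and the attacker is assumed to see every record and to be the only sender on the connection. With those assumptions it recovers the secret one byte per block boundary (at most 256 records per byte) and fails as soon as each record gets a fresh explicit IV, which is the TLS 1.1 change that removes the chained IV.

```python
"""BEAST condition of CVE-2011-3389, simulated (added example, toy cipher)."""
import hashlib
import os

BLOCK = 16


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def block_encrypt(key: bytes, block: bytes) -> bytes:
    """Toy 128-bit block cipher: 4-round Feistel with a SHA-256 round function.
    Stands in for AES; the attack never needs to weaken or invert it."""
    left, right = block[:8], block[8:]
    for r in range(4):
        f = hashlib.sha256(key + bytes([r]) + right).digest()[:8]
        left, right = right, xor(left, f)
    return left + right


def tls_pad(data: bytes) -> bytes:
    """TLS-style padding: p bytes each of value p - 1, with p in 1..16."""
    p = BLOCK - len(data) % BLOCK
    return data + bytes([p - 1]) * p


class CbcSender:
    """Victim's record layer. explicit_iv=False models SSL 3.0/TLS 1.0: the IV of
    each record is the last ciphertext block of the previous record (chained IV).
    explicit_iv=True models the TLS 1.1+ fix: a fresh random IV per record,
    transmitted in front of the ciphertext."""

    def __init__(self, key: bytes, first_iv: bytes, explicit_iv: bool = False):
        self.key, self.chain, self.explicit_iv = key, first_iv, explicit_iv

    def send_record(self, plaintext: bytes) -> bytes:
        iv = os.urandom(BLOCK) if self.explicit_iv else self.chain
        prev, out = iv, b""
        padded = tls_pad(plaintext)
        for i in range(0, len(padded), BLOCK):
            prev = block_encrypt(self.key, xor(padded[i:i + BLOCK], prev))
            out += prev
        self.chain = prev
        return iv + out if self.explicit_iv else out


def beast_recover(send, first_iv: bytes, secret_len: int) -> bytes:
    """Attacker side. send(prefix) makes the victim transmit prefix + SECRET as one
    record and returns the bytes seen on the wire. The attacker keeps its own copy
    of the chained IV from observed ciphertext and recovers SECRET byte by byte."""
    chain, known = first_iv, b""
    for i in range(secret_len):
        # Chosen boundary: the filler length places secret byte i at the end of
        # block k, after 15 bytes the attacker knows (filler or recovered bytes).
        k, filler = i // BLOCK, b"A" * (BLOCK - 1 - i % BLOCK)
        iv_before = chain
        ct = send(filler)
        chain = ct[-BLOCK:]
        c_prev = iv_before if k == 0 else ct[(k - 1) * BLOCK:k * BLOCK]
        c_target = ct[k * BLOCK:(k + 1) * BLOCK]
        known15 = (filler + known)[k * BLOCK:k * BLOCK + BLOCK - 1]
        for g in range(256):
            # First block of the next record encrypts chosen XOR chain, which the
            # attacker sets to guess XOR c_prev; it equals c_target iff guess == P_k.
            guess = known15 + bytes([g])
            chosen = xor(xor(guess, c_prev), chain)
            ct = send(chosen)
            chain = ct[-BLOCK:]
            if ct[:BLOCK] == c_target:
                known += bytes([g])
                break
        else:
            raise RuntimeError("no guess matched: record IVs are not predictable")
    return known


SECRET = b"Cookie: session=3f9a1c7e"  # constructed; stands in for an HTTP cookie


def demo(explicit_iv: bool = False) -> bytes:
    key, first_iv = os.urandom(BLOCK), os.urandom(BLOCK)
    sender = CbcSender(key, first_iv, explicit_iv)

    def victim_send(prefix: bytes) -> bytes:
        # The victim's browser/plugin sends attacker-chosen bytes, then the secret.
        return sender.send_record(prefix + SECRET)

    return beast_recover(victim_send, first_iv, len(SECRET))


def attack_succeeds(explicit_iv: bool) -> bool:
    """True if the attacker recovers SECRET under the given IV scheme."""
    try:
        return demo(explicit_iv) == SECRET
    except RuntimeError:
        return False


if __name__ == "__main__":
    print("chained IV (TLS 1.0):", demo())
    print("explicit IV (TLS 1.1+) recovered:", attack_succeeds(True))
```

The only property the attacker uses is that the IV of the next record is already on the wire before that record is encrypted; the cipher itself is never attacked, which is why the CVSS vector carries full confidentiality impact with no integrity impact, and why moving to TLS 1.1+ (explicit per-record IVs) or to a non-CBC cipher suite removes the issue regardless of the cipher strength.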

References

https://medium.com/tenable-techblog/meltdown-of-critical-ics-vulnerabilities-8af3a1a13e6a

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752

https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006

https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf

https://bugzilla.redhat.com/show_bug.cgi?id=737506

https://bugzilla.novell.com/show_bug.cgi?id=719047

https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail

http://www.us-cert.gov/cas/techalerts/TA12-010A.html

http://www.ubuntu.com/usn/USN-1263-1

http://www.securityfocus.com/bid/49778

http://www.securityfocus.com/bid/49388

http://www.redhat.com/support/errata/RHSA-2012-0006.html

http://www.redhat.com/support/errata/RHSA-2011-1384.html

http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html

http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

http://www.opera.com/support/kb/view/1004/

http://www.opera.com/docs/changelogs/windows/1160/

http://www.opera.com/docs/changelogs/windows/1151/

http://www.opera.com/docs/changelogs/unix/1160/

http://www.opera.com/docs/changelogs/unix/1151/

http://www.opera.com/docs/changelogs/mac/1160/

http://www.opera.com/docs/changelogs/mac/1151/

http://www.kb.cert.org/vuls/id/864643

http://www.imperialviolet.org/2011/09/23/chromeandbeast.html

http://www.ibm.com/developerworks/java/jdk/alerts/

http://www.debian.org/security/2012/dsa-2398

http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf

http://vnhacker.blogspot.com/2011/09/beast.html

http://technet.microsoft.com/security/advisory/2588513

http://support.apple.com/kb/HT6150

http://support.apple.com/kb/HT5501

http://support.apple.com/kb/HT5130

http://support.apple.com/kb/HT5001

http://support.apple.com/kb/HT4999

http://security.gentoo.org/glsa/glsa-201406-32.xml

http://security.gentoo.org/glsa/glsa-201203-02.xml

http://secunia.com/advisories/55351

http://secunia.com/advisories/55350

http://secunia.com/advisories/55322

http://secunia.com/advisories/49198

http://secunia.com/advisories/48948

http://secunia.com/advisories/48915

http://secunia.com/advisories/48692

http://secunia.com/advisories/48256

http://secunia.com/advisories/47998

http://secunia.com/advisories/45791

http://rhn.redhat.com/errata/RHSA-2012-0508.html

http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue

http://marc.info/?l=bugtraq&m=134254957702612&w=2

http://marc.info/?l=bugtraq&m=134254866602253&w=2

http://marc.info/?l=bugtraq&m=133728004526190&w=2

http://marc.info/?l=bugtraq&m=133365109612558&w=2

http://marc.info/?l=bugtraq&m=132872385320240&w=2

http://marc.info/?l=bugtraq&m=132750579901589&w=2

http://isc.sans.edu/diary/SSL+TLS+part+3+/11635

http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html

http://eprint.iacr.org/2006/136

http://eprint.iacr.org/2004/111

http://downloads.asterisk.org/pub/security/AST-2016-001.html

http://curl.haxx.se/docs/adv_20120124B.html

http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx

http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx

http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/

Details

Source: Mitre, NVD

Published: 2011-09-06

Updated: 2022-11-29

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High