Executive Summary

Informations
NameCVE-2011-3389First vendor Publication2011-09-06
VendorCveLast vendor Modification2014-03-05

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Cvss Base Score4.3Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389

CWE : Common Weakness Enumeration

idName
CWE-20Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:19673
 
Oval ID: oval:org.mitre.oval:def:19673
Title: HP-UX Running Java JRE and JDK, Remote Denial of Service (DoS), Unauthorized Modification and Disclosure of Information
Description: The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.
Family: unix Class: vulnerability
Reference(s): CVE-2011-3389
Version: 6
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14752
 
Oval ID: oval:org.mitre.oval:def:14752
Title: SSL and TLS Protocols Vulnerability
Description: The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.
Family: windows Class: vulnerability
Reference(s): CVE-2011-3389
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows 7
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1
Application1
Application1
Application1
Os1

OpenVAS Exploits

DateDescription
2012-10-19Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-16351
File : nvt/gb_fedora_2012_16351_java-1.6.0-openjdk_fc16.nasl
2012-10-19Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-16351
File : nvt/gb_fedora_2012_16351_java-1.7.0-openjdk_fc16.nasl
2012-09-25Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2012-004)
File : nvt/gb_macosx_su12-004.nasl
2012-09-22Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-13127
File : nvt/gb_fedora_2012_13127_java-1.6.0-openjdk_fc16.nasl
2012-09-04Name : Mandriva Update for fetchmail MDVSA-2012:149 (fetchmail)
File : nvt/gb_mandriva_MDVSA_2012_149.nasl
2012-09-04Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-13138
File : nvt/gb_fedora_2012_13138_java-1.7.0-openjdk_fc16.nasl
2012-08-30Name : FreeBSD Ports: fetchmail
File : nvt/freebsd_fetchmail16.nasl
2012-08-30Name : Fedora Update for python3 FEDORA-2012-5785
File : nvt/gb_fedora_2012_5785_python3_fc17.nasl
2012-08-30Name : Fedora Update for python-docs FEDORA-2012-5892
File : nvt/gb_fedora_2012_5892_python-docs_fc17.nasl
2012-08-30Name : Fedora Update for python FEDORA-2012-5892
File : nvt/gb_fedora_2012_5892_python_fc17.nasl
2012-08-03Name : Mandriva Update for curl MDVSA-2012:058 (curl)
File : nvt/gb_mandriva_MDVSA_2012_058.nasl
2012-07-30Name : CentOS Update for firefox CESA-2012:1088 centos5
File : nvt/gb_CESA-2012_1088_firefox_centos5.nasl
2012-07-30Name : CentOS Update for firefox CESA-2012:1088 centos6
File : nvt/gb_CESA-2012_1088_firefox_centos6.nasl
2012-07-30Name : CentOS Update for thunderbird CESA-2012:1089 centos5
File : nvt/gb_CESA-2012_1089_thunderbird_centos5.nasl
2012-07-30Name : CentOS Update for thunderbird CESA-2012:1089 centos6
File : nvt/gb_CESA-2012_1089_thunderbird_centos6.nasl
2012-07-30Name : CentOS Update for java CESA-2011:1380 centos5 x86_64
File : nvt/gb_CESA-2011_1380_java_centos5_x86_64.nasl
2012-07-19Name : RedHat Update for firefox RHSA-2012:1088-01
File : nvt/gb_RHSA-2012_1088-01_firefox.nasl
2012-07-19Name : RedHat Update for thunderbird RHSA-2012:1089-01
File : nvt/gb_RHSA-2012_1089-01_thunderbird.nasl
2012-06-22Name : Mandriva Update for python MDVSA-2012:096 (python)
File : nvt/gb_mandriva_MDVSA_2012_096.nasl
2012-06-22Name : Mandriva Update for python MDVSA-2012:097 (python)
File : nvt/gb_mandriva_MDVSA_2012_097.nasl
2012-06-22Name : Fedora Update for python3 FEDORA-2012-9135
File : nvt/gb_fedora_2012_9135_python3_fc16.nasl
2012-06-19Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-9541
File : nvt/gb_fedora_2012_9541_java-1.6.0-openjdk_fc15.nasl
2012-06-19Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-9545
File : nvt/gb_fedora_2012_9545_java-1.6.0-openjdk_fc16.nasl
2012-06-19Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-9593
File : nvt/gb_fedora_2012_9593_java-1.7.0-openjdk_fc16.nasl
2012-05-18Name : Mac OS X Multiple Vulnerabilities (2012-002)
File : nvt/gb_macosx_su12-002.nasl
2012-05-08Name : Fedora Update for python-docs FEDORA-2012-5924
File : nvt/gb_fedora_2012_5924_python-docs_fc16.nasl
2012-05-08Name : Fedora Update for python FEDORA-2012-5924
File : nvt/gb_fedora_2012_5924_python_fc16.nasl
2012-05-04Name : Fedora Update for python3 FEDORA-2012-5916
File : nvt/gb_fedora_2012_5916_python3_fc15.nasl
2012-04-30Name : Debian Security Advisory DSA 2398-2 (curl)
File : nvt/deb_2398_2.nasl
2012-04-06Name : Opera Extended Validation Information Disclosure Vulnerabilities (Linux)
File : nvt/gb_opera_extented_validation_info_disc_vuln_lin.nasl
2012-04-02Name : Fedora Update for firefox FEDORA-2011-17400
File : nvt/gb_fedora_2011_17400_firefox_fc16.nasl
2012-04-02Name : Fedora Update for nss-softokn FEDORA-2011-17400
File : nvt/gb_fedora_2011_17400_nss-softokn_fc16.nasl
2012-04-02Name : Fedora Update for nss-util FEDORA-2011-17400
File : nvt/gb_fedora_2011_17400_nss-util_fc16.nasl
2012-04-02Name : Fedora Update for thunderbird-lightning FEDORA-2011-17400
File : nvt/gb_fedora_2011_17400_thunderbird-lightning_fc16.nasl
2012-04-02Name : Fedora Update for thunderbird FEDORA-2011-17400
File : nvt/gb_fedora_2011_17400_thunderbird_fc16.nasl
2012-04-02Name : Fedora Update for xulrunner FEDORA-2011-17400
File : nvt/gb_fedora_2011_17400_xulrunner_fc16.nasl
2012-04-02Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-1690
File : nvt/gb_fedora_2012_1690_java-1.7.0-openjdk_fc16.nasl
2012-04-02Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-1711
File : nvt/gb_fedora_2012_1711_java-1.6.0-openjdk_fc16.nasl
2012-04-02Name : Fedora Update for java-1.6.0-openjdk FEDORA-2011-15020
File : nvt/gb_fedora_2011_15020_java-1.6.0-openjdk_fc16.nasl
2012-03-19Name : Fedora Update for nss FEDORA-2011-17400
File : nvt/gb_fedora_2011_17400_nss_fc16.nasl
2012-03-19Name : Fedora Update for java-1.7.0-openjdk FEDORA-2011-15555
File : nvt/gb_fedora_2011_15555_java-1.7.0-openjdk_fc16.nasl
2012-03-12Name : Gentoo Security Advisory GLSA 201203-02 (cURL)
File : nvt/glsa_201203_02.nasl
2012-03-09Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-1721
File : nvt/gb_fedora_2012_1721_java-1.6.0-openjdk_fc15.nasl
2012-02-12Name : Debian Security Advisory DSA 2398-1 (curl)
File : nvt/deb_2398_1.nasl
2012-02-12Name : Gentoo Security Advisory GLSA 201111-02 (sun-jre-bin sun-jdk emul-linux-x86-j...
File : nvt/glsa_201111_02.nasl
2012-02-11Name : Debian Security Advisory DSA 2356-1 (openjdk-6)
File : nvt/deb_2356_1.nasl
2012-02-11Name : Debian Security Advisory DSA 2358-1 (openjdk-6)
File : nvt/deb_2358_1.nasl
2012-02-11Name : Debian Security Advisory DSA 2368-1 (lighttpd)
File : nvt/deb_2368_1.nasl
2012-02-06Name : Mac OS X Multiple Vulnerabilities (2012-001)
File : nvt/gb_macosx_su12-001.nasl
2012-01-25Name : Ubuntu Update for openjdk-6 USN-1263-2
File : nvt/gb_ubuntu_USN_1263_2.nasl
2012-01-23Name : Fedora Update for nss FEDORA-2011-17399
File : nvt/gb_fedora_2011_17399_nss_fc15.nasl
2012-01-23Name : Fedora Update for perl-Gtk2-MozEmbed FEDORA-2011-17399
File : nvt/gb_fedora_2011_17399_perl-Gtk2-MozEmbed_fc15.nasl
2012-01-23Name : Fedora Update for thunderbird-lightning FEDORA-2011-17399
File : nvt/gb_fedora_2011_17399_thunderbird-lightning_fc15.nasl
2012-01-23Name : Fedora Update for thunderbird FEDORA-2011-17399
File : nvt/gb_fedora_2011_17399_thunderbird_fc15.nasl
2012-01-23Name : Fedora Update for xulrunner FEDORA-2011-17399
File : nvt/gb_fedora_2011_17399_xulrunner_fc15.nasl
2012-01-23Name : Fedora Update for firefox FEDORA-2011-17399
File : nvt/gb_fedora_2011_17399_firefox_fc15.nasl
2012-01-23Name : Fedora Update for gnome-python2-extras FEDORA-2011-17399
File : nvt/gb_fedora_2011_17399_gnome-python2-extras_fc15.nasl
2012-01-23Name : Fedora Update for nspr FEDORA-2011-17399
File : nvt/gb_fedora_2011_17399_nspr_fc15.nasl
2012-01-23Name : Fedora Update for nss-softokn FEDORA-2011-17399
File : nvt/gb_fedora_2011_17399_nss-softokn_fc15.nasl
2012-01-23Name : Fedora Update for nss-util FEDORA-2011-17399
File : nvt/gb_fedora_2011_17399_nss-util_fc15.nasl
2012-01-11Name : Microsoft Windows SSL/TLS Information Disclosure Vulnerability (2643584)
File : nvt/secpod_ms12-006.nasl
2011-12-14Name : Microsoft Internet Explorer Multiple Vulnerabilities (2618444)
File : nvt/secpod_ms11-099.nasl
2011-11-18Name : Ubuntu Update for icedtea-web USN-1263-1
File : nvt/gb_ubuntu_USN_1263_1.nasl
2011-11-14Name : Mandriva Update for java-1.6.0-openjdk MDVSA-2011:170 (java-1.6.0-openjdk)
File : nvt/gb_mandriva_MDVSA_2011_170.nasl
2011-10-21Name : RedHat Update for java-1.6.0-openjdk RHSA-2011:1380-01
File : nvt/gb_RHSA-2011_1380-01_java-1.6.0-openjdk.nasl
2011-10-21Name : CentOS Update for java CESA-2011:1380 centos5 i386
File : nvt/gb_CESA-2011_1380_java_centos5_i386.nasl
2011-10-21Name : Fedora Update for java-1.6.0-openjdk FEDORA-2011-14638
File : nvt/gb_fedora_2011_14638_java-1.6.0-openjdk_fc14.nasl
2011-10-21Name : Fedora Update for java-1.6.0-openjdk FEDORA-2011-14648
File : nvt/gb_fedora_2011_14648_java-1.6.0-openjdk_fc15.nasl
2011-09-09Name : Opera Extended Validation Information Disclosure Vulnerabilities (Mac OS X)
File : nvt/gb_opera_extented_validation_info_disc_vuln_macosx.nasl
2011-09-09Name : Opera Extended Validation Information Disclosure Vulnerabilities (Windows)
File : nvt/gb_opera_extented_validation_info_disc_vuln_win.nasl
0000-00-00Name : Java for Mac OS X 10.6 Update 6 And 10.7 Update 1
File : nvt/secpod_macosx_java_10_6_upd_6_and_10_7_upd_1.nasl
0000-00-00Name : FreeBSD Ports: opera, linux-opera
File : nvt/freebsd_opera25.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
74829SSL Chained Initialization Vector CBC Mode MiTM Weakness

Information Assurance Vulnerability Management (IAVM)

DateDescription
2014-02-27IAVM : 2014-A-0030 - Apple Mac OS X Security Update 2014-001
Severity : Category I - VMSKEY : V0044547
2013-10-17IAVM : 2013-A-0199 - Multiple Vulnerabilities in Oracle Fusion Middleware
Severity : Category I - VMSKEY : V0040786
2012-03-29IAVM : 2012-A-0048 - Multiple Vulnerabilities in VMware vCenter Update Manager 5.0
Severity : Category I - VMSKEY : V0031901
2012-01-13IAVM : 2012-B-0006 - Microsoft SSL/TLS Information Disclosure Vulnerability
Severity : Category I - VMSKEY : V0031054

Snort® IPS/IDS

DateDescription
2014-01-10Microsoft Office Word border use-after-free attempt
RuleID : 21002 - Revision : 7 - Type : FILE-OFFICE
2014-01-10SSL CBC encryption mode weakness brute force attempt
RuleID : 20212 - Revision : 7 - Type : SERVER-OTHER
2014-01-10Microsoft Windows wininet peerdist.dll dll-load exploit attempt
RuleID : 18209 - Revision : 11 - Type : OS-WINDOWS
2014-01-10Microsoft Windows wininet peerdist.dll dll-load exploit attempt
RuleID : 18208 - Revision : 11 - Type : OS-WINDOWS

Nessus® Vulnerability Scanner

DateDescription
2014-02-25Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_SecUpd2014-001.nasl - Type : ACT_GATHER_INFO
2014-02-07Name : The remote mail server is affected by file disclosure and corruption vulnerab...
File : kerio_connect_810.nasl - Type : ACT_GATHER_INFO
2013-10-23Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_10_9.nasl - Type : ACT_GATHER_INFO
2013-10-16Name : The remote database server is affected by multiple vulnerabilities.
File : oracle_rdbms_cpu_oct_2013.nasl - Type : ACT_GATHER_INFO
2013-09-04Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2012-80.nasl - Type : ACT_GATHER_INFO
2013-09-04Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2012-81.nasl - Type : ACT_GATHER_INFO
2013-09-04Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2011-10.nasl - Type : ACT_GATHER_INFO
2013-07-23Name : The remote web server is affected by multiple vulnerabilities.
File : hpsmh_7_2_1_0.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-1088.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2012-1089.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1380.nasl - Type : ACT_GATHER_INFO
2013-07-10Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_libcurl4-8618.nasl - Type : ACT_GATHER_INFO
2013-04-20Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-037.nasl - Type : ACT_GATHER_INFO
2013-01-08Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO
2012-09-20Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_10_7_5.nasl - Type : ACT_GATHER_INFO
2012-09-20Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_SecUpd2012-004.nasl - Type : ACT_GATHER_INFO
2012-09-06Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2012-097.nasl - Type : ACT_GATHER_INFO
2012-09-06Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2012-149.nasl - Type : ACT_GATHER_INFO
2012-08-30Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_18ce9a90f26911e1be53080027ef73ec.nasl - Type : ACT_GATHER_INFO
2012-08-03Name : The remote host has an application installed that is affected by multiple vul...
File : macosx_xcode_4_4.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120717_firefox_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120717_thunderbird_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111018_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111019_java_1_6_0_sun_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-07-18Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1088.nasl - Type : ACT_GATHER_INFO
2012-07-18Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1089.nasl - Type : ACT_GATHER_INFO
2012-07-18Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-1088.nasl - Type : ACT_GATHER_INFO
2012-07-18Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2012-1089.nasl - Type : ACT_GATHER_INFO
2012-06-21Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2012-096.nasl - Type : ACT_GATHER_INFO
2012-06-20Name : The remote Fedora host is missing a security update.
File : fedora_2012-9135.nasl - Type : ACT_GATHER_INFO
2012-05-10Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_10_7_4.nasl - Type : ACT_GATHER_INFO
2012-05-10Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_SecUpd2012-002.nasl - Type : ACT_GATHER_INFO
2012-05-07Name : The remote Fedora host is missing a security update.
File : fedora_2012-5785.nasl - Type : ACT_GATHER_INFO
2012-05-07Name : The remote Fedora host is missing one or more security updates.
File : fedora_2012-5924.nasl - Type : ACT_GATHER_INFO
2012-05-04Name : The remote Fedora host is missing a security update.
File : fedora_2012-5916.nasl - Type : ACT_GATHER_INFO
2012-05-02Name : The remote Fedora host is missing one or more security updates.
File : fedora_2012-5892.nasl - Type : ACT_GATHER_INFO
2012-04-27Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_python-8080.nasl - Type : ACT_GATHER_INFO
2012-04-24Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0508.nasl - Type : ACT_GATHER_INFO
2012-04-16Name : It may be possible to obtain sensitive information from the remote host with ...
File : ssl3_tls1_iv_impl_info_disclosure.nasl - Type : ACT_GATHER_INFO
2012-04-16Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2012-058.nasl - Type : ACT_GATHER_INFO
2012-03-16Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2012-0005.nasl - Type : ACT_GATHER_INFO
2012-03-09Name : The remote VMware ESX host is missing a security-related patch.
File : vmware_VMSA-2012-0003.nasl - Type : ACT_GATHER_INFO
2012-03-06Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201203-02.nasl - Type : ACT_GATHER_INFO
2012-02-29Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_java-1_6_0-ibm-120223.nasl - Type : ACT_GATHER_INFO
2012-02-24Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_java-1_4_2-ibm-120105.nasl - Type : ACT_GATHER_INFO
2012-02-02Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_10_7_3.nasl - Type : ACT_GATHER_INFO
2012-02-02Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_SecUpd2012-001.nasl - Type : ACT_GATHER_INFO
2012-01-31Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2398.nasl - Type : ACT_GATHER_INFO
2012-01-25Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1263-2.nasl - Type : ACT_GATHER_INFO
2012-01-25Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_java-1_4_2-ibm-7908.nasl - Type : ACT_GATHER_INFO
2012-01-24Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_java-1_6_0-ibm-7926.nasl - Type : ACT_GATHER_INFO
2012-01-23Name : The remote Fedora host is missing one or more security updates.
File : fedora_2011-17399.nasl - Type : ACT_GATHER_INFO
2012-01-19Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0034.nasl - Type : ACT_GATHER_INFO
2012-01-12Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2358.nasl - Type : ACT_GATHER_INFO
2012-01-12Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2368.nasl - Type : ACT_GATHER_INFO
2012-01-10Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0006.nasl - Type : ACT_GATHER_INFO
2012-01-10Name : It may be possibe to obtain sensitive information from the remote Windows hos...
File : smb_nt_ms12-006.nasl - Type : ACT_GATHER_INFO
2011-12-23Name : The remote Fedora host is missing one or more security updates.
File : fedora_2011-17400.nasl - Type : ACT_GATHER_INFO
2011-12-14Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_a4a809d825c811e1b53100215c6a37bb.nasl - Type : ACT_GATHER_INFO
2011-12-13Name : Arbitrary code can be executed on the remote host through a web browser.
File : smb_nt_ms11-099.nasl - Type : ACT_GATHER_INFO
2011-12-13Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_mozilla-nss-7842.nasl - Type : ACT_GATHER_INFO
2011-12-07Name : The remote host contains a web browser that is potentially affected by multip...
File : opera_1160.nasl - Type : ACT_GATHER_INFO
2011-12-02Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2356.nasl - Type : ACT_GATHER_INFO
2011-11-17Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1263-1.nasl - Type : ACT_GATHER_INFO
2011-11-14Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-170.nasl - Type : ACT_GATHER_INFO
2011-11-14Name : The remote Fedora host is missing a security update.
File : fedora_2011-15555.nasl - Type : ACT_GATHER_INFO
2011-11-09Name : The remote host has a version of Java that is affected by multiple vulnerabil...
File : macosx_java_10_6_update6.nasl - Type : ACT_GATHER_INFO
2011-11-09Name : The remote host has a version of Java that is affected by multiple vulnerabil...
File : macosx_java_10_7_update1.nasl - Type : ACT_GATHER_INFO
2011-11-07Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201111-02.nasl - Type : ACT_GATHER_INFO
2011-11-07Name : The remote Fedora host is missing a security update.
File : fedora_2011-15020.nasl - Type : ACT_GATHER_INFO
2011-10-20Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-1380.nasl - Type : ACT_GATHER_INFO
2011-10-20Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1384.nasl - Type : ACT_GATHER_INFO
2011-10-19Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1380.nasl - Type : ACT_GATHER_INFO
2011-09-01Name : The remote host contains a web browser that is affected by multiple vulnerabi...
File : opera_1151.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
APPLEhttp://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html
BIDhttp://www.securityfocus.com/bid/49388
http://www.securityfocus.com/bid/49778
CERThttp://www.us-cert.gov/cas/techalerts/TA12-010A.html
CERT-VNhttp://www.kb.cert.org/vuls/id/864643
CONFIRMhttp://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-comm...
http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-securit...
http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-se...
http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html
http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue
http://support.apple.com/kb/HT4999
http://support.apple.com/kb/HT5001
http://support.apple.com/kb/HT5130
http://support.apple.com/kb/HT5281
http://support.apple.com/kb/HT5501
http://support.apple.com/kb/HT6150
http://technet.microsoft.com/security/advisory/2588513
http://www.ibm.com/developerworks/java/jdk/alerts/
http://www.imperialviolet.org/2011/09/23/chromeandbeast.html
http://www.opera.com/docs/changelogs/mac/1151/
http://www.opera.com/docs/changelogs/mac/1160/
http://www.opera.com/docs/changelogs/unix/1151/
http://www.opera.com/docs/changelogs/unix/1160/
http://www.opera.com/docs/changelogs/windows/1151/
http://www.opera.com/docs/changelogs/windows/1160/
http://www.opera.com/support/kb/view/1004/
http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail
https://bugzilla.novell.com/show_bug.cgi?id=719047
https://bugzilla.redhat.com/show_bug.cgi?id=737506
HPhttp://marc.info/?l=bugtraq&m=132750579901589&w=2
http://marc.info/?l=bugtraq&m=132750579901589&w=2
http://marc.info/?l=bugtraq&m=132872385320240&w=2
http://marc.info/?l=bugtraq&m=132872385320240&w=2
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na...
MISChttp://ekoparty.org/2011/juliano-rizzo.php
http://eprint.iacr.org/2004/111
http://eprint.iacr.org/2006/136
http://isc.sans.edu/diary/SSL+TLS+part+3+/11635
http://vnhacker.blogspot.com/2011/09/beast.html
http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html
http://www.insecure.cl/Beast-SSL.rar
MShttp://technet.microsoft.com/security/bulletin/MS12-006
OSVDBhttp://osvdb.org/74829
REDHAThttp://rhn.redhat.com/errata/RHSA-2013-1455.html
http://www.redhat.com/support/errata/RHSA-2011-1384.html
http://www.redhat.com/support/errata/RHSA-2012-0006.html
SECTRACKhttp://www.securitytracker.com/id?1025997
http://www.securitytracker.com/id?1026103
http://www.securitytracker.com/id/1029190
SECUNIAhttp://secunia.com/advisories/45791
http://secunia.com/advisories/48692
http://secunia.com/advisories/48915
http://secunia.com/advisories/48948
http://secunia.com/advisories/49198
http://secunia.com/advisories/55322
http://secunia.com/advisories/55350
http://secunia.com/advisories/55351
SUSEhttp://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html
https://hermes.opensuse.org/messages/13154861
https://hermes.opensuse.org/messages/13155432
UBUNTUhttp://www.ubuntu.com/usn/USN-1263-1

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
DateInformations
2014-03-06 13:21:51
  • Multiple Updates
2014-02-28 17:19:11
  • Multiple Updates
2014-02-26 13:21:12
  • Multiple Updates
2014-02-17 11:05:07
  • Multiple Updates
2014-02-07 13:19:38
  • Multiple Updates
2014-01-19 21:28:07
  • Multiple Updates
2013-11-11 12:39:34
  • Multiple Updates
2013-10-31 13:18:59
  • Multiple Updates
2013-10-24 13:21:48
  • Multiple Updates
2013-07-23 21:19:12
  • Multiple Updates
2013-05-10 23:07:17
  • Multiple Updates
2013-03-07 13:19:37
  • Multiple Updates
2013-02-15 13:20:05
  • Multiple Updates
2012-12-22 13:19:23
  • Multiple Updates
2012-12-06 13:19:38
  • Multiple Updates
2012-11-07 05:20:40
  • Multiple Updates