Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

Unknown

Privileges Required

Unknown

Attack Vector

Unknown

0

CVE-2011-3389

Disclosure Date: September 06, 2011 •

Description

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a “BEAST” attack.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

None

Impact Score:

Unknown

Exploitability Score:

Unknown

Vector:

Attack Vector (AV):

Unknown

Attack Complexity (AC):

Unknown

Privileges Required (PR):

Unknown

User Interaction (UI):

Unknown

Scope (S):

Unknown

Confidentiality (C):

Unknown

Integrity (I):

Unknown

Availability (A):

Unknown

Vendors

canonical,
debian,
google,
haxx,
microsoft,
mozilla,
opera,
redhat,
siemens

Products

chrome -,
curl,
debian linux 5.0,
debian linux 6.0,
enterprise linux desktop 5.0,
enterprise linux desktop 6.0,
enterprise linux eus 6.2,
enterprise linux server 5.0,
enterprise linux server 6.0,
enterprise linux server aus 6.2,
enterprise linux workstation 5.0,
enterprise linux workstation 6.0,
firefox -,
internet explorer -,
opera browser -,
simatic rf615r firmware,
simatic rf68xr firmware,
ubuntu linux 10.04,
ubuntu linux 10.10,
ubuntu linux 11.04,
ubuntu linux 11.10,
windows -

Metasploit Modules

auxiliary/scanner/ssl/ssl_version (https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/ssl/ssl_version.rb)

References

Canonical

CVE-2011-3389 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389)

BID-49388 (http://www.securityfocus.com/bid/49388)

BID-49778 (http://www.securityfocus.com/bid/49778)

Advisory

OSVDB-74829 (http://osvdb.org/74829)

http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html

GLSA-201406-32 (http://security.gentoo.org/glsa/glsa-201406-32.xml)

SECUNIA-48692 (http://secunia.com/advisories/48692)

HPSBMU02799 (http://marc.info?l=bugtraq&m=134254866602253&w=2)

http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf

SSRT100805 (http://marc.info?l=bugtraq&m=133365109612558&w=2)

SECUNIA-55322 (http://secunia.com/advisories/55322)

http://support.apple.com/kb/HT5130

https://bugzilla.redhat.com/show_bug.cgi?id=737506

HPSBUX02730 (http://marc.info?l=bugtraq&m=132750579901589&w=2)

http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html

SECTRACK-1025997 (http://www.securitytracker.com/id?1025997)

TA12-010A (http://www.us-cert.gov/cas/techalerts/TA12-010A.html)

APPLE-SA-2011-10-12-1 (http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html)

http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html

http://downloads.asterisk.org/pub/security/AST-2016-001.html

https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail

http://rhn.redhat.com/errata/RHSA-2013-1455.html

SECUNIA-55351 (http://secunia.com/advisories/55351)

VU#864643 (http://www.kb.cert.org/vuls/id/864643)

APPLE-SA-2013-10-22-3 (http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html)

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

DSA-2398 (http://www.debian.org/security/2012/dsa-2398)

SECUNIA-48948 (http://secunia.com/advisories/48948)

http://support.apple.com/kb/HT6150

APPLE-SA-2012-02-01-1 (http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html)

http://technet.microsoft.com/security/advisory/2588513

https://hermes.opensuse.org/messages/13155432

http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx

http://www.redhat.com/support/errata/RHSA-2011-1384.html

http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx

http://www.opera.com/docs/changelogs/windows/1151

https://hermes.opensuse.org/messages/13154861

SECUNIA-48915 (http://secunia.com/advisories/48915)

GLSA-201203-02 (http://security.gentoo.org/glsa/glsa-201203-02.xml)

SSRT100740 (http://marc.info?l=bugtraq&m=132872385320240&w=2)

SECUNIA-48256 (http://secunia.com/advisories/48256)

APPLE-SA-2012-09-19-2 (http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html)

SECTRACK-1026103 (http://www.securitytracker.com/id?1026103)

http://support.apple.com/kb/HT4999

http://www.imperialviolet.org/2011/09/23/chromeandbeast.html

http://support.apple.com/kb/HT5501

http://support.apple.com/kb/HT5001

http://www.opera.com/docs/changelogs/mac/1160

http://curl.haxx.se/docs/adv_20120124B.html

http://www.opera.com/support/kb/view/1004

http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html

SECTRACK-1026704 (http://www.securitytracker.com/id?1026704)

APPLE-SA-2012-07-25-2 (http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html)

http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue

http://rhn.redhat.com/errata/RHSA-2012-0508.html

SECUNIA-45791 (http://secunia.com/advisories/45791)

SECTRACK-1029190 (http://www.securitytracker.com/id/1029190)

http://www.mandriva.com/security/advisories?name=MDVSA-2012:058

SECUNIA-47998 (http://secunia.com/advisories/47998)

SSRT100867 (http://marc.info?l=bugtraq&m=134254957702612&w=2)

SECUNIA-49198 (http://secunia.com/advisories/49198)

http://www.redhat.com/support/errata/RHSA-2012-0006.html

http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications

http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html

HPSBUX02777 (http://marc.info?l=bugtraq&m=133728004526190&w=2)

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752

http://www.opera.com/docs/changelogs/unix/1151

http://www.opera.com/docs/changelogs/mac/1151

MS12-006 (https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006)

http://www.opera.com/docs/changelogs/unix/1160

http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html

http://support.apple.com/kb/HT5281

APPLE-SA-2011-10-12-2 (http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html)

https://bugzilla.novell.com/show_bug.cgi?id=719047

SSRT100907 (https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862)

USN-1263-1 (http://www.ubuntu.com/usn/USN-1263-1)

APPLE-SA-2012-05-09-1 (http://lists.apple.com/archives/security-announce/2012/May/msg00001.html)

SECUNIA-55350 (http://secunia.com/advisories/55350)

http://www.ibm.com/developerworks/java/jdk/alerts

https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html

Miscellaneous

http://eprint.iacr.org/2004/111

http://isc.sans.edu/diary/SSL+TLS+part+3+/11635

http://ekoparty.org/2011/juliano-rizzo.php

http://eprint.iacr.org/2006/136

http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html

http://www.insecure.cl/Beast-SSL.rar

https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02

http://www.opera.com/docs/changelogs/windows/1160

http://vnhacker.blogspot.com/2011/09/beast.html

Rapid7

Technical Analysis