Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2011-3389

Опубликовано: 10 сент. 2011
Источник: redhat
CVSS2: 4.3
EPSS Низкий

Описание

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.

Отчет

Red Hat is aware of, and tracking, the Rizzo/Duong chosen plain text attack on SSL/TLS 1.0, also known as "BEAST". This issue has been assigned CVE-2011-3389. This attack uses web browser extensions to exploit a weakness in SSL/TLS cipher-block chaining (CBC), allowing a man-in-the-middle attacker to recover certain session information, such as cookie data, from what should be a secure connection. The research shows two ways that an attacker could mount an attack. In both cases the attacker needs access to the data stream from the web browser to the server while a user visits a malicious website using a browser. The attacker may then be able to determine a portion of the data the browser sends to the server by making a large number of requests over a period of time. This data could include information such as an authentication cookie. The first method of attack involves using WebSockets. Currently, Red Hat does not ship any products that allow an attack using WebSockets to be successful. We are planning to update Firefox to version 7, which contains protections in the WebSocket code that prevents this particular attack from being effective. The second method of attack involves using a malicious Java applet. In order for the attack to be successful, the attacker would need to circumvent the Same Origin Policy (SOP) controls in Java. The researchers claim to have found a flaw in the Java SOP and we will issue updates to correct this flaw as suitable fixes are available. We are in contact with various upstream projects regarding this attack. As a precautionary measure, we plan to update the Network Security Services (NSS), GnuTLS, and OpenSSL packages as suitable fixes are available. We will continue to track this issue and take any appropriate actions as needed. This statement and any updates to it is available at: https://bugzilla.redhat.com/show_bug.cgi?id=737506

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 4gnutlsWill not fix
Red Hat Enterprise Linux 4java-1.5.0-ibmAffected
Red Hat Enterprise Linux 4nssWill not fix
Red Hat Enterprise Linux 4opensslWill not fix
Red Hat Enterprise Linux 4openssl096bWill not fix
Red Hat Enterprise Linux 5gnutlsWill not fix
Red Hat Enterprise Linux 5nssAffected
Red Hat Enterprise Linux 5openssl097aWill not fix
Red Hat Enterprise Linux 6gnutlsWill not fix
Red Hat Enterprise Linux 6java-1.4.2-ibm-sapAffected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=737506HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)

EPSS

Процентиль: 88%
0.03795
Низкий

4.3 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2011-3389

ubuntu
больше 14 лет назад

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.

nvd логотип

CVE-2011-3389

nvd
больше 14 лет назад

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.

debian логотип

CVE-2011-3389

debian
больше 14 лет назад

The SSL protocol, as used in certain configurations in Microsoft Windo ...

github логотип

GHSA-rhch-pcq2-7gp3

github
больше 3 лет назад

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.

fstec логотип

BDU:2015-09428

fstec
почти 14 лет назад

Уязвимости операционной системы Gentoo Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

EPSS

Процентиль: 88%
0.03795
Низкий

4.3 Medium

CVSS2