CVE-2011-3389

Name: CVE-2011-3389
Description: The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.
Source: CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
References: DLA-154-1, DLA-400-1, DSA-2356-1, DSA-2358-1, DSA-2368-1, DSA-2398-1
NVD severity: medium (attack range: remote)
Debian Bugs: 645881, 678998, 684511

Vulnerable and fixed packages

The table below lists information on source packages.

| Source Package | Release | Version | Status |
|---|---|---|---|
| asterisk | wheezy | 1:1.8.13.1~dfsg1-3+deb7u3 | vulnerable |
| asterisk | wheezy (security) | 1:1.8.13.1~dfsg1-3+deb7u6 | vulnerable |
| asterisk | jessie | 1:11.13.1~dfsg-2+deb8u2 | fixed |
| asterisk | jessie (security) | 1:11.13.1~dfsg-2+deb8u3 | fixed |
| asterisk | stretch | 1:13.14.1~dfsg-2 | fixed |
| asterisk | stretch (security) | 1:13.14.1~dfsg-2+deb9u1 | fixed |
| asterisk | buster, sid | 1:13.17.1~dfsg-1 | fixed |
| bouncycastle | wheezy | 1.44+dfsg-3.1+deb7u1 | vulnerable |
| bouncycastle | wheezy (security) | 1.44+dfsg-3.1+deb7u2 | vulnerable |
| bouncycastle | jessie (security), jessie | 1.49+dfsg-3+deb8u2 | fixed |
| bouncycastle | stretch | 1.56-1 | fixed |
| bouncycastle | buster, sid | 1.57-1 | fixed |
| chromium-browser | wheezy, wheezy (security) | 37.0.2062.120-1~deb7u1 | fixed |
| chromium-browser | jessie (security), jessie | 57.0.2987.98-1~deb8u1 | fixed |
| chromium-browser | stretch | 59.0.3071.86-1 | fixed |
| chromium-browser | stretch (security) | 60.0.3112.78-1~deb9u1 | fixed |
| chromium-browser | buster, sid | 60.0.3112.78-1 | fixed |
| curl | wheezy | 7.26.0-1+wheezy13 | fixed |
| curl | wheezy (security) | 7.26.0-1+wheezy20 | fixed |
| curl | jessie (security), jessie | 7.38.0-4+deb8u5 | fixed |
| curl | stretch | 7.52.1-5 | fixed |
| curl | buster, sid | 7.55.1-1 | fixed |
| erlang | wheezy | 1:15.b.1-dfsg-4+deb7u1 | fixed |
| erlang | jessie | 1:17.3-dfsg-4+deb8u1 | fixed |
| erlang | stretch | 1:19.2.1+dfsg-2 | fixed |
| erlang | buster, sid | 1:20.0.4+dfsg-1 | fixed |
| gnutls26 | wheezy, wheezy (security) | 2.12.20-8+deb7u5 | vulnerable |
| gnutls28 | jessie | 3.3.8-6+deb8u7 | vulnerable |
| gnutls28 | jessie (security) | 3.3.8-6+deb8u6 | vulnerable |
| gnutls28 | stretch | 3.5.8-5+deb9u2 | vulnerable |
| gnutls28 | stretch (security) | 3.5.8-5+deb9u1 | vulnerable |
| gnutls28 | buster, sid | 3.5.15-2 | vulnerable |
| haskell-tls | wheezy | 0.9.5-1 | vulnerable |
| haskell-tls | jessie | 1.2.9-2 | vulnerable |
| haskell-tls | stretch | 1.3.8-3 | vulnerable |
| haskell-tls | buster, sid | 1.3.11-1 | vulnerable |
| iceweasel | wheezy, wheezy (security) | 38.8.0esr-1~deb7u1 | fixed |
| iceweasel | jessie (security) | 38.8.0esr-1~deb8u1 | fixed |
| lighttpd | wheezy | 1.4.31-4+deb7u4 | fixed |
| lighttpd | wheezy (security) | 1.4.31-4+deb7u5 | fixed |
| lighttpd | jessie (security), jessie | 1.4.35-4+deb8u1 | fixed |
| lighttpd | buster, sid, stretch | 1.4.45-1 | fixed |
| matrixssl | wheezy | 1.8.8-1 | vulnerable |
| nss | wheezy | 2:3.14.5-1+deb7u5 | fixed |
| nss | wheezy (security) | 2:3.26-1+debu7u4 | fixed |
| nss | jessie (security), jessie | 2:3.26-1+debu8u2 | fixed |
| nss | stretch | 2:3.26.2-1.1 | fixed |
| nss | buster, sid | 2:3.32-2 | fixed |
| openjdk-6 | wheezy, wheezy (security) | 6b38-1.13.10-1~deb7u1 | fixed |
| openjdk-7 | wheezy | 7u95-2.6.4-1~deb7u1 | fixed |
| openjdk-7 | wheezy (security) | 7u151-2.6.11-1+deb7u1 | fixed |
| openjdk-7 | jessie | 7u111-2.6.7-1~deb8u1 | fixed |
| openjdk-7 | jessie (security) | 7u151-2.6.11-1~deb8u1 | fixed |
| polarssl | wheezy, wheezy (security) | 1.2.9-1~deb7u6 | vulnerable |
| polarssl | jessie | 1.3.9-2.1+deb8u2 | vulnerable |
| polarssl | jessie (security) | 1.3.9-2.1+deb8u1 | vulnerable |
| pound | wheezy, wheezy (security) | 2.6-2+deb7u1 | fixed |
| pound | jessie (security), jessie | 2.6-6+deb8u1 | fixed |
| pound | buster, sid, stretch | 2.7-1.3 | fixed |
| python2.6 | wheezy | 2.6.8-1.1 | fixed |
| python2.7 | wheezy | 2.7.3-6+deb7u2 | fixed |
| python2.7 | wheezy (security) | 2.7.3-6+deb7u3 | fixed |
| python2.7 | jessie | 2.7.9-2+deb8u1 | fixed |
| python2.7 | buster, stretch | 2.7.13-2 | fixed |
| python2.7 | sid | 2.7.14-2 | fixed |
| python3.2 | wheezy | 3.2.3-7 | fixed |
| python3.2 | wheezy (security) | 3.2.3-7+deb7u1 | fixed |

The information below is based on the following data on fixed versions.

| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| asterisk | source | (unstable) | 1:13.7.2~dfsg-1 | medium | | |
| asterisk | source | jessie | 1:11.13.1~dfsg-2+deb8u1 | medium | | |
| asterisk | source | squeeze | (unfixed) | end-of-life | | |
| bouncycastle | source | (unstable) | 1.49+dfsg-1 | medium | | |
| chromium-browser | source | (unstable) | 15.0.874.106~r107270-1 | medium | | |
| chromium-browser | source | squeeze | (unfixed) | end-of-life | | |
| curl | source | (unstable) | 7.24.0-1 | medium | | |
| curl | source | lenny | 7.18.2-8lenny6 | medium | DSA-2398-1 | |
| curl | source | squeeze | 7.21.0-2.1+squeeze1 | medium | DSA-2398-1 | |
| cyassl | source | (unstable) | (unfixed) | medium | | |
| erlang | source | (unstable) | 1:15.b-dfsg-1 | medium | | |
| gnutls26 | source | (unstable) | (unfixed) | unimportant | | |
| gnutls28 | source | (unstable) | (unfixed) | unimportant | | |
| haskell-tls | source | (unstable) | (unfixed) | unimportant | | |
| iceweasel | source | (unstable) | (not affected) | | | |
| lighttpd | source | (unstable) | 1.4.30-1 | medium | | |
| lighttpd | source | lenny | 1.4.19-5+lenny3 | medium | DSA-2368-1 | |
| lighttpd | source | squeeze | 1.4.28-2+squeeze1 | medium | DSA-2368-1 | |
| matrixssl | source | (unstable) | (unfixed) | low | | |
| nss | source | (unstable) | 3.13.1.with.ckbi.1.88-1 | medium | | |
| nss | source | squeeze | 3.12.8-1+squeeze11 | medium | DLA-154-1 | |
| openjdk-6 | source | (unstable) | 6b23~pre11-1 | medium | | |
| openjdk-6 | source | lenny | 6b18-1.8.10-0~lenny2 | medium | DSA-2358-1 | |
| openjdk-6 | source | squeeze | 6b18-1.8.10-0+squeeze2 | medium | DSA-2356-1 | |
| openjdk-7 | source | (unstable) | 7~b147-2.0-1 | medium | | |
| polarssl | source | (unstable) | (unfixed) | unimportant | | |
| pound | source | (unstable) | 2.6-2 | medium | | |
| pound | source | squeeze | 2.6-1+deb6u1 | medium | DLA-400-1 | |
| python2.6 | source | (unstable) | 2.6.8-0.1 | medium | | 684511 |
| python2.7 | source | (unstable) | 2.7.3~rc1-1 | medium | | |
| python3.1 | source | (unstable) | (unfixed) | medium | | 678998 |
| python3.2 | source | (unstable) | 3.2.3~rc1-1 | medium | | |
| sun-java6 | source | (unstable) | (unfixed) | medium | | 645881 |
| tlslite | source | (unstable) | (unfixed) | medium | | |

Notes

[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/
strictly speaking this is no lighttpd issue, but lighttpd adds a workaround
http://curl.haxx.se/docs/adv_20120124B.html
[squeeze] - python2.6 <no-dsa> (Minor issue)
[squeeze] - python3.1 <no-dsa> (Minor issue)
http://bugs.python.org/issue13885
python3.1 is fixed starting 3.1.5
No mitigation for gnutls; it is recommended to use TLS 1.1 or 1.2, which is supported since 2.0.0
No mitigation for haskell-tls; it is recommended to use TLS 1.1, which is supported since 0.2
[squeeze] - matrixssl <no-dsa> (Minor issue)
[wheezy] - matrixssl <no-dsa> (Minor issue)
matrixssl fixed this upstream in 3.2.2
[squeeze] - bouncycastle <no-dsa> (Minor issue)
[wheezy] - bouncycastle <no-dsa> (Minor issue)
No mitigation for bouncycastle; it is recommended to use TLS 1.1, which is supported since 1.4.9
https://bugzilla.mozilla.org/show_bug.cgi?id=665814
https://hg.mozilla.org/projects/nss/rev/7f7446fcc7ab
No mitigation for polarssl; it is recommended to use TLS 1.1, which is supported in all releases
[wheezy] - tlslite <no-dsa> (Minor issue)
Pound 2.6-2 added an anti_beast.patch to mitigate BEAST attacks.
[squeeze] - erlang <no-dsa> (Minor issue)
[wheezy] - asterisk <no-dsa> (Minor issue)
[squeeze] - asterisk <end-of-life> (Not supported in Squeeze LTS)
http://downloads.digium.com/pub/security/AST-2016-001.html
https://issues.asterisk.org/jira/browse/ASTERISK-24972
patch for 11 (jessie): https://code.asterisk.org/code/changelog/asterisk?cs=f233bcd81d85626ce5bdd27b05bc95d131faf3e4
all versions vulnerable, backport required for wheezy
