CVE-2011-3389

NameCVE-2011-3389
DescriptionThe SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-154-1, DLA-400-1, DSA-2356-1, DSA-2358-1, DSA-2368-1, DSA-2398-1
Debian Bugs645881, 678998, 684511

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
asterisk (PTS)bullseye1:16.28.0~dfsg-0+deb11u4fixed
bullseye (security)1:16.28.0~dfsg-0+deb11u5fixed
sid1:22.1.0~dfsg+~cs6.14.60671435-1fixed
bouncycastle (PTS)bullseye1.68-2fixed
bookworm1.72-2fixed
sid, trixie1.77-1fixed
curl (PTS)bullseye7.74.0-1.3+deb11u13fixed
bullseye (security)7.74.0-1.3+deb11u14fixed
bookworm7.88.1-10+deb12u8fixed
bookworm (security)7.88.1-10+deb12u5fixed
sid, trixie8.11.1-1fixed
erlang (PTS)bullseye1:23.2.6+dfsg-1+deb11u1fixed
bookworm1:25.2.3+dfsg-1fixed
trixie1:25.3.2.12+dfsg-3fixed
sid1:27.1.2+dfsg-1fixed
gnutls28 (PTS)bullseye3.7.1-5+deb11u5vulnerable
bullseye (security)3.7.1-5+deb11u6vulnerable
bookworm3.7.9-2+deb12u3vulnerable
sid, trixie3.8.8-2vulnerable
haskell-tls (PTS)bullseye1.5.4-1vulnerable
bookworm1.5.8-1vulnerable
sid, trixie1.8.0-1vulnerable
lighttpd (PTS)bullseye (security), bullseye1.4.59-1+deb11u2fixed
bookworm1.4.69-1fixed
sid, trixie1.4.76-1fixed
nss (PTS)bullseye2:3.61-1+deb11u3fixed
bullseye (security)2:3.61-1+deb11u4fixed
bookworm2:3.87.1-1fixed
bookworm (security)2:3.87.1-1+deb12u1fixed
sid, trixie2:3.106-1fixed
pound (PTS)bullseye3.0-2fixed
sid, trixie4.15-1fixed
python2.7 (PTS)bullseye2.7.18-8+deb11u1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
asterisksourcesqueeze(unfixed)end-of-life
asterisksourcejessie1:11.13.1~dfsg-2+deb8u1
asterisksource(unstable)1:13.7.2~dfsg-1
bouncycastlesource(unstable)1.49+dfsg-1
chromium-browsersourcesqueeze(unfixed)end-of-life
chromium-browsersource(unstable)15.0.874.106~r107270-1
curlsourcelenny7.18.2-8lenny6DSA-2398-1
curlsourcesqueeze7.21.0-2.1+squeeze1DSA-2398-1
curlsource(unstable)7.24.0-1
cyasslsource(unstable)(unfixed)
erlangsource(unstable)1:15.b-dfsg-1
gnutls26source(unstable)(unfixed)unimportant
gnutls28source(unstable)(unfixed)unimportant
haskell-tlssource(unstable)(unfixed)unimportant
iceweaselsource(unstable)(not affected)
lighttpdsourcelenny1.4.19-5+lenny3DSA-2368-1
lighttpdsourcesqueeze1.4.28-2+squeeze1DSA-2368-1
lighttpdsource(unstable)1.4.30-1
matrixsslsource(unstable)(unfixed)low
nsssourcesqueeze3.12.8-1+squeeze11DLA-154-1
nsssource(unstable)3.13.1.with.ckbi.1.88-1
openjdk-6sourcelenny6b18-1.8.10-0~lenny2DSA-2358-1
openjdk-6sourcesqueeze6b18-1.8.10-0+squeeze2DSA-2356-1
openjdk-6source(unstable)6b23~pre11-1
openjdk-7source(unstable)7~b147-2.0-1
polarsslsource(unstable)(unfixed)unimportant
poundsourcesqueeze2.6-1+deb6u1DLA-400-1
poundsource(unstable)2.6-2
python2.6source(unstable)2.6.8-0.1684511
python2.7source(unstable)2.7.3~rc1-1
python3.1source(unstable)(unfixed)678998
python3.2source(unstable)3.2.3~rc1-1
sun-java6source(unstable)(unfixed)645881
tlslitesource(unstable)(unfixed)

Notes

[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
- iceweasel <not-affected> (Vulnerable code not present)
http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/
strictly speaking this is no lighttpd issue, but lighttpd adds a workaround
http://curl.haxx.se/docs/adv_20120124B.html
[squeeze] - python2.6 <no-dsa> (Minor issue)
[squeeze] - python3.1 <no-dsa> (Minor issue)
http://bugs.python.org/issue13885
python3.1 is fixed starting 3.1.5
No mitigation for gnutls, it is recommended to use TLS 1.1 or 1.2 which is supported since 2.0.0
No mitigation for haskell-tls, it is recommended to use TLS 1.1, which is supported since 0.2
[squeeze] - matrixssl <no-dsa> (Minor issue)
[wheezy] - matrixssl <no-dsa> (Minor issue)
matrixssl fix this upstream in 3.2.2
[squeeze] - bouncycastle <no-dsa> (Minor issue)
[wheezy] - bouncycastle <no-dsa> (Minor issue)
No mitigation for bouncycastle, it is recommended to use TLS 1.1, which is supported since 1.4.9
https://bugzilla.mozilla.org/show_bug.cgi?id=665814
https://hg.mozilla.org/projects/nss/rev/7f7446fcc7ab
No mitigation for polarssl, it is recommended to use TLS 1.1, which is supported in all releases
[wheezy] - tlslite <no-dsa> (Minor issue)
Pound 2.6-2 added an anti_beast.patch to mitigate BEAST attacks.
[squeeze] - erlang <no-dsa> (Minor issue)
[wheezy] - asterisk <no-dsa> (Minor issue)
[squeeze] - asterisk <end-of-life> (Not supported in Squeeze LTS)
http://downloads.digium.com/pub/security/AST-2016-001.html
https://issues.asterisk.org/jira/browse/ASTERISK-24972
patch for 11 (jessie): https://code.asterisk.org/code/changelog/asterisk?cs=f233bcd81d85626ce5bdd27b05bc95d131faf3e4
all versions vulnerable, backport required for wheezy

Search for package or bug name: Reporting problems