<em style='font-weight:bold;'>(Description Provided by <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=2011-3389" target="_blank">CVE</a>)</em> : The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a &quot;BEAST&quot; attack.

Various vendors have released upgrades, consult specific advisories for further details.

• Security Tracker: 1025997 1026103 1026498 1026587 1026646 1026704 1027303 1027513
• CVE ID: 2004-2770 (see also: NVD) 2011-3389 (see also: NVD)
• Microsoft Knowledge Base Article: 2588513
• Secunia Advisory ID: 45791 45859 46168 46377 46415 46481 46490 46512 46521 46538 46694 46695 46728 46774 46791 46895 47031 47077 47091 47172 47260 47268 47303 47313 47358 47432 47464 47476 47633 47684 47690 47709 47750 47756 47764 47843 47944 47945 47988 47998 48256 48323 48335 48444 48546 48692 48915 48948 49076 49198 49333 49354 49552 49554 49953 49966 50068 50395 50601 50605 50628 50782 51766 53217 53219
• Bugtraq ID: 49388 49778
• Related OSVDB ID: 74828
• CERT VU: 864643
• Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2012-09/att-0040/ESA-2012-032.txt
  http://archives.neohapsis.com/archives/bugtraq/2012-09/att-0046/ESA-2012-029.txt
  http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
  http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html
  http://seclists.org/bugtraq/2011/Oct/72
  http://seclists.org/bugtraq/2011/Oct/73
  http://seclists.org/bugtraq/2012/Apr/48
  http://seclists.org/bugtraq/2012/Feb/37
  http://seclists.org/bugtraq/2012/Jan/150
  http://seclists.org/bugtraq/2012/May/97
• Vendor Specific News/Changelog Entry: http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/
  http://blogs.oracle.com/sunsecurity/entry/cve_2011_3389_chosen_plaintext
  http://blogs.oracle.com/sunsecurity/entry/cve_2011_3389_chosen_plaintext2
  http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx
  http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx
  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=650555
  http://files.zimbra.com/website/docs/7.0/Zimbra%20OS%20Release%20Notes%207.1.4-2.pdf
  http://freecode.com/projects/hiawatha/releases/353923
  http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html
  http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03122753
  http://lists.debian.org/debian-security-announce/2012/msg00022.html
  http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068450.html
  http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html
  http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html
  http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html
  http://lists.opensuse.org/opensuse-updates/2011-09/msg00016.html
  http://lists.opensuse.org/opensuse-updates/2011-10/msg00035.html
  http://lists.opensuse.org/opensuse-updates/2011-12/msg00005.html
  http://lists.opensuse.org/opensuse-updates/2012-02/msg00032.html
  http://lists.opensuse.org/opensuse-updates/2012-05/msg00048.html
  http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue
  http://support.attachmate.com/techdocs/1704.html
  http://technet.microsoft.com/security/advisory/2588513
  http://www.debian.org/security/2011/dsa-2356
  http://www.debian.org/security/2011/dsa-2358
  http://www.debian.org/security/2011/dsa-2368
  http://www.gentoo.org/security/en/glsa/glsa-201111-02.xml
  http://www.gentoo.org/security/en/glsa/glsa-201203-02.xml
  http://www.gentoo.org/security/en/glsa/glsa-201301-01.xml
  http://www.ibm.com/developerworks/java/jdk/alerts/
  http://www.ibm.com/support/docview.wss?uid=swg1PM60958
  http://www.ibm.com/support/docview.wss?uid=swg21568229
  http://www.ibm.com/support/docview.wss?uid=swg21571596
  http://www.ibm.com/support/docview.wss?uid=swg21578730
  http://www.ibm.com/support/docview.wss?uid=swg21598423
  http://www.ibm.com/support/docview.wss?uid=swg21609004
  http://www.ibm.com/support/docview.wss?uid=swg21609022
  http://www.imperialviolet.org/2011/09/23/chromeandbeast.html
  http://www.opera.com/docs/changelogs/mac/1151/
  http://www.opera.com/docs/changelogs/unix/1151/
  http://www.opera.com/docs/changelogs/windows/1151/
  http://www.opera.com/docs/changelogs/windows/1160/
  http://www.ubuntu.com/usn/usn-1263-1
  https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail
  https://bugzilla.novell.com/show_bug.cgi?id=719047
  https://bugzilla.redhat.com/show_bug.cgi?id=737506
  https://hermes.opensuse.org/messages/13154861
  https://hermes.opensuse.org/messages/13155432
  https://issues.apache.org/jira/browse/AMQ-3508
• Vendor Specific Advisory URL: http://curl.haxx.se/docs/adv_20120124B.html
  http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03164351
  http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03266681
  http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03358587
  http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03405642
  http://support.apple.com/kb/HT4999
  http://support.apple.com/kb/HT5001/
  http://support.apple.com/kb/HT5045
  http://support.apple.com/kb/HT5130
  http://support.apple.com/kb/HT5416
  http://support.apple.com/kb/HT5501
  http://technet.microsoft.com/en-us/security/bulletin/ms12-006
  http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-024/index.html
  http://www.novell.com/support/viewContent.do?externalId=7009901
  http://www.opera.com/support/kb/view/1004/
  http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html
  http://www.vmware.com/security/advisories/VMSA-2012-0003.html
  http://www.vmware.com/security/advisories/VMSA-2012-0005.html
  https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_python
  https://downloads.avaya.com/css/P8/documents/100154049
• Other Advisory URL: http://ekoparty.org/2011/juliano-rizzo.php
  http://eprint.iacr.org/2004/111
  http://eprint.iacr.org/2006/136
  http://isc.sans.edu/diary/SSL+TLS+part+3+/11635
  http://vnhacker.blogspot.com/2011/09/beast.html
  http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html
  http://www.insecure.cl/Beast-SSL.rar
• Packet Storm: http://packetstormsecurity.org/files/111633/HP-Security-Bulletin-HPSBUX02760-SSRT100805.html
• News Article: http://www.computerworld.com/s/article/9223326/Microsoft_patches_critical_Windows_drive_by_bug
  http://www.theregister.co.uk/2011/09/19/beast_exploits_paypal_ssl/
• RedHat RHSA: RHSA-2011-1380 RHSA-2011-1384 RHSA-2012:0006 RHSA-2012:0034 RHSA-2012:0508

Unknown or Incomplete