Куда я попал?

SECURITM это SGRC система, автоматизирующая процессы в службах информационной безопасности. SECURITM помогает построить и управлять ИСПДн, КИИ, ГИС, СМИБ/СУИБ, банковскими системами защиты.
А еще SECURITM это место для обмена опытом и наработками для служб безопасности.

Подробнее

CVE-2011-3389

PUBLISHED 06.08.2024

CNA: mitre

Обновлено: 21.01.2020

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.

БДУ ФСТЭК

Идентификатор	Описание
BDU:2015-09428	Уязвимости операционной системы Gentoo Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Доп. Информация

Product Status

n/a

Product:

n/a

Vendor:

n/a

Default status:

Не определен

Версии:

Затронутые версии	Статус
Наблюдалось в версии n/a	affected

Ссылки

http://osvdb.org/74829
http://eprint.iacr.org/2004/111
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
http://isc.sans.edu/diary/SSL+TLS+part+3+/11635
http://security.gentoo.org/glsa/glsa-201406-32.xml
http://secunia.com/advisories/48692
http://marc.info/?l=bugtraq&m=134254866602253&w=2
http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf
http://marc.info/?l=bugtraq&m=133365109612558&w=2
http://secunia.com/advisories/55322
http://support.apple.com/kb/HT5130
https://bugzilla.redhat.com/show_bug.cgi?id=737506
http://marc.info/?l=bugtraq&m=132750579901589&w=2
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html
http://www.securitytracker.com/id?1025997
http://www.us-cert.gov/cas/techalerts/TA12-010A.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html
http://www.securityfocus.com/bid/49388
http://ekoparty.org/2011/juliano-rizzo.php
http://downloads.asterisk.org/pub/security/AST-2016-001.html
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail
http://rhn.redhat.com/errata/RHSA-2013-1455.html
http://secunia.com/advisories/55351
http://marc.info/?l=bugtraq&m=132750579901589&w=2
http://www.kb.cert.org/vuls/id/864643
http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
http://www.securityfocus.com/bid/49778
http://www.debian.org/security/2012/dsa-2398
http://secunia.com/advisories/48948
http://support.apple.com/kb/HT6150
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
http://technet.microsoft.com/security/advisory/2588513
https://hermes.opensuse.org/messages/13155432
http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx
http://www.redhat.com/support/errata/RHSA-2011-1384.html
http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx
http://www.opera.com/docs/changelogs/windows/1151/
https://hermes.opensuse.org/messages/13154861
http://eprint.iacr.org/2006/136
http://secunia.com/advisories/48915
http://security.gentoo.org/glsa/glsa-201203-02.xml
http://marc.info/?l=bugtraq&m=132872385320240&w=2
http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html
http://secunia.com/advisories/48256
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
http://www.securitytracker.com/id?1026103
http://support.apple.com/kb/HT4999
http://www.imperialviolet.org/2011/09/23/chromeandbeast.html
http://support.apple.com/kb/HT5501
http://www.insecure.cl/Beast-SSL.rar
https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02
http://support.apple.com/kb/HT5001
http://www.opera.com/docs/changelogs/mac/1160/
http://curl.haxx.se/docs/adv_20120124B.html
http://www.opera.com/support/kb/view/1004/
http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html
http://www.securitytracker.com/id?1026704
http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html
http://marc.info/?l=bugtraq&m=132872385320240&w=2
http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue
http://rhn.redhat.com/errata/RHSA-2012-0508.html
http://secunia.com/advisories/45791
http://www.securitytracker.com/id/1029190
http://www.mandriva.com/security/advisories?name=MDVSA-2012:058
http://secunia.com/advisories/47998
http://marc.info/?l=bugtraq&m=134254957702612&w=2
http://secunia.com/advisories/49198
http://www.redhat.com/support/errata/RHSA-2012-0006.html
http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/
http://www.opera.com/docs/changelogs/windows/1160/
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html
http://marc.info/?l=bugtraq&m=133728004526190&w=2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752
http://www.opera.com/docs/changelogs/unix/1151/
http://www.opera.com/docs/changelogs/mac/1151/
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006
http://marc.info/?l=bugtraq&m=133365109612558&w=2
http://www.opera.com/docs/changelogs/unix/1160/
http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html
http://support.apple.com/kb/HT5281
http://marc.info/?l=bugtraq&m=133728004526190&w=2
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html
https://bugzilla.novell.com/show_bug.cgi?id=719047
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862
http://vnhacker.blogspot.com/2011/09/beast.html
http://www.ubuntu.com/usn/USN-1263-1
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
http://secunia.com/advisories/55350
http://marc.info/?l=bugtraq&m=134254957702612&w=2
http://www.ibm.com/developerworks/java/jdk/alerts/
https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html

CVE Program Container

Обновлено: 06.08.2024

SSVC and KEV, plus CVSS and CWE if not provided by the CNA.

Ссылки

http://osvdb.org/74829
http://eprint.iacr.org/2004/111
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
http://isc.sans.edu/diary/SSL+TLS+part+3+/11635
http://security.gentoo.org/glsa/glsa-201406-32.xml
http://secunia.com/advisories/48692
http://marc.info/?l=bugtraq&m=134254866602253&w=2
http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf
http://marc.info/?l=bugtraq&m=133365109612558&w=2
http://secunia.com/advisories/55322
http://support.apple.com/kb/HT5130
https://bugzilla.redhat.com/show_bug.cgi?id=737506
http://marc.info/?l=bugtraq&m=132750579901589&w=2
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html
http://www.securitytracker.com/id?1025997
http://www.us-cert.gov/cas/techalerts/TA12-010A.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html
http://www.securityfocus.com/bid/49388
http://ekoparty.org/2011/juliano-rizzo.php
http://downloads.asterisk.org/pub/security/AST-2016-001.html
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail
http://rhn.redhat.com/errata/RHSA-2013-1455.html
http://secunia.com/advisories/55351
http://marc.info/?l=bugtraq&m=132750579901589&w=2
http://www.kb.cert.org/vuls/id/864643
http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
http://www.securityfocus.com/bid/49778
http://www.debian.org/security/2012/dsa-2398
http://secunia.com/advisories/48948
http://support.apple.com/kb/HT6150
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
http://technet.microsoft.com/security/advisory/2588513
https://hermes.opensuse.org/messages/13155432
http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx
http://www.redhat.com/support/errata/RHSA-2011-1384.html
http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx
http://www.opera.com/docs/changelogs/windows/1151/
https://hermes.opensuse.org/messages/13154861
http://eprint.iacr.org/2006/136
http://secunia.com/advisories/48915
http://security.gentoo.org/glsa/glsa-201203-02.xml
http://marc.info/?l=bugtraq&m=132872385320240&w=2
http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html
http://secunia.com/advisories/48256
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
http://www.securitytracker.com/id?1026103
http://support.apple.com/kb/HT4999
http://www.imperialviolet.org/2011/09/23/chromeandbeast.html
http://support.apple.com/kb/HT5501
http://www.insecure.cl/Beast-SSL.rar
https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02
http://support.apple.com/kb/HT5001
http://www.opera.com/docs/changelogs/mac/1160/
http://curl.haxx.se/docs/adv_20120124B.html
http://www.opera.com/support/kb/view/1004/
http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html
http://www.securitytracker.com/id?1026704
http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html
http://marc.info/?l=bugtraq&m=132872385320240&w=2
http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue
http://rhn.redhat.com/errata/RHSA-2012-0508.html
http://secunia.com/advisories/45791
http://www.securitytracker.com/id/1029190
http://www.mandriva.com/security/advisories?name=MDVSA-2012:058
http://secunia.com/advisories/47998
http://marc.info/?l=bugtraq&m=134254957702612&w=2
http://secunia.com/advisories/49198
http://www.redhat.com/support/errata/RHSA-2012-0006.html
http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/
http://www.opera.com/docs/changelogs/windows/1160/
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html
http://marc.info/?l=bugtraq&m=133728004526190&w=2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752
http://www.opera.com/docs/changelogs/unix/1151/
http://www.opera.com/docs/changelogs/mac/1151/
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006
http://marc.info/?l=bugtraq&m=133365109612558&w=2
http://www.opera.com/docs/changelogs/unix/1160/
http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html
http://support.apple.com/kb/HT5281
http://marc.info/?l=bugtraq&m=133728004526190&w=2
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html
https://bugzilla.novell.com/show_bug.cgi?id=719047
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862
http://vnhacker.blogspot.com/2011/09/beast.html
http://www.ubuntu.com/usn/USN-1263-1
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
http://secunia.com/advisories/55350
http://marc.info/?l=bugtraq&m=134254957702612&w=2
http://www.ibm.com/developerworks/java/jdk/alerts/
https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html

Мы используем cookie-файлы, чтобы получить статистику, которая помогает нам улучшить сервис для вас с целью персонализации сервисов и предложений. Вы может прочитать подробнее о cookie-файлах или изменить настройки браузера. Продолжая пользоваться сайтом, вы даёте согласие на использование ваших cookie-файлов и соглашаетесь с Политикой обработки персональных данных.

Каталог уязвимостей - CVE - CVE-2011-3389

CVE-2011-3389

CNA: mitre

БДУ ФСТЭК

Доп. Информация

Product Status

Ссылки

CVE Program Container

Ссылки