FreeBSD : opera -- multiple vulnerabilities (a4a809d8-25c8-11e1-b531-00215c6a37bb) (BEAST)

This script is Copyright (C) 2011-2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Opera software reports :

- Fixed a moderately severe issue; details will be disclosed at a
later date

- Fixed an issue that could allow pages to set cookies or communicate
cross-site for some top level domains; see our advisory

- Improved handling of certificate revocation corner cases

- Added a fix for a weakness in the SSL v3.0 and TLS 1.0
specifications, as reported by Thai Duong and Juliano Rizzo; see our
advisory

- Fixed an issue where the JavaScript 'in' operator allowed leakage of
cross-domain information, as reported by David Bloom; see our advisory

See also :

http://www.opera.com/support/kb/view/1003/
http://www.opera.com/support/kb/view/1004/
http://www.opera.com/support/kb/view/1005/
http://www.nessus.org/u?88ba17c8

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
Public Exploit Available : true

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 57294 ()

Bugtraq ID:

CVE ID: CVE-2011-3389
CVE-2011-4681
CVE-2011-4682
CVE-2011-4683

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now