Detections
Analytics

FreeBSD : mono -- TLS bugs (c0cae920-c4e9-11e4-898e-90e6ba741e35)

high Nessus Plugin ID 81684

Language:

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

The Mono project reports :

Mono's implementation of the SSL/TLS stack failed to check the order of the handshake messages. Which would allow various attacks on the protocol to succeed. Details of this vulnerability are discussed in SKIP-TLS post.

Mono's implementation of SSL/TLS also contained support for the weak EXPORT cyphers and was susceptible to the FREAK attack.

Solution

Update the affected packages.

See Also

https://www.mono-project.com/docs/about-mono/vulnerabilities/#tls-bugs

http://www.nessus.org/u?e2ce026d

Plugin Details

Severity: High

ID: 81684

File Name: freebsd_pkg_c0cae920c4e911e4898e90e6ba741e35.nasl

Version: 1.6

Type: local

Published: 3/9/2015

Updated: 1/6/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:mono, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 3/7/2015

Vulnerability Publication Date: 3/6/2015