FreeBSD : mono -- TLS bugs (c0cae920-c4e9-11e4-898e-90e6ba741e35)

This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

The Mono project reports :

Mono's implementation of the SSL/TLS stack failed to check the order
of the handshake messages. Which would allow various attacks on the
protocol to succeed. Details of this vulnerability are discussed in
SKIP-TLS post.

Mono's implementation of SSL/TLS also contained support for the weak
EXPORT cyphers and was susceptible to the FREAK attack.

See also :

http://www.mono-project.com/docs/about-mono/vulnerabilities/#tls-bugs
http://www.nessus.org/u?e47c1c47

Solution :

Update the affected packages.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 81684 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now