FreeBSD : fetchmail -- chosen plaintext attack against SSL CBC initialization vectors (18ce9a90-f269-11e1-be53-080027ef73ec) (BEAST)
Medium Nessus Plugin ID 61725
Synopsis
The remote FreeBSD host is missing a security-related update.
Description
Matthias Andree reports:
Fetchmail version 6.3.9 enabled 'all SSL workarounds' (SSL_OP_ALL) which contains a switch to disable a countermeasure against certain attacks against block ciphers that permit guessing the initialization vectors, providing that an attacker can make the application (fetchmail) encrypt some data for him -- which is not easily the case.
Stream ciphers (such as RC4) are unaffected.
Credits to Apple Product Security for reporting this.
Solution
Update the affected package.