FreeBSD : mono -- TLS bugs (c0cae920-c4e9-11e4-898e-90e6ba741e35)

High Nessus Plugin ID 81684


The remote FreeBSD host is missing one or more security-related updates.


The Mono project reports :

Mono's implementation of the SSL/TLS stack failed to check the order of the handshake messages. Which would allow various attacks on the protocol to succeed. Details of this vulnerability are discussed in SKIP-TLS post.

Mono's implementation of SSL/TLS also contained support for the weak EXPORT cyphers and was susceptible to the FREAK attack.


Update the affected packages.

See Also

Plugin Details

Severity: High

ID: 81684

File Name: freebsd_pkg_c0cae920c4e911e4898e90e6ba741e35.nasl

Version: $Revision: 1.2 $

Type: local

Published: 2015/03/09

Modified: 2016/05/26

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:mono, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2015/03/07

Vulnerability Publication Date: 2015/03/06