FreeBSD : mono -- TLS bugs (c0cae920-c4e9-11e4-898e-90e6ba741e35)
High Nessus Plugin ID 81684
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionThe Mono project reports :
Mono's implementation of the SSL/TLS stack failed to check the order of the handshake messages. Which would allow various attacks on the protocol to succeed. Details of this vulnerability are discussed in SKIP-TLS post.
Mono's implementation of SSL/TLS also contained support for the weak EXPORT cyphers and was susceptible to the FREAK attack.
SolutionUpdate the affected packages.