{
  "schema_version": "1.5.0",
  "id": "CURL-CVE-2011-3389",
  "aliases": [
    "CVE-2011-3389"
  ],
  "summary": "SSL CBC IV vulnerability",
  "modified": "2024-06-07T13:53:51.00Z",
  "database_specific": {
    "package": "curl",
    "affects": "both",
    "URL": "https://curl.se/docs/CVE-2011-3389.json",
    "www": "https://curl.se/docs/CVE-2011-3389.html",
    "CWE": {
      "id": "CWE-924",
      "desc": "Improper Enforcement of Message Integrity During Transmission in a Communication Channel"
    },
    "last_affected": "7.23.1",
    "severity": "High"
  },
  "published": "2012-01-24T08:00:00.00Z",
  "affected": [
    {
      "ranges": [
        {
          "type": "SEMVER",
          "events": [
            {"introduced": "7.10.6"},
            {"fixed": "7.24.0"}
          ]
        }
      ],
      "versions": [
        "7.23.1", "7.23.0", "7.22.0", "7.21.7", "7.21.6", "7.21.5", "7.21.4", 
        "7.21.3", "7.21.2", "7.21.1", "7.21.0", "7.20.1", "7.20.0", "7.19.7", 
        "7.19.6", "7.19.5", "7.19.4", "7.19.3", "7.19.2", "7.19.1", "7.19.0", 
        "7.18.2", "7.18.1", "7.18.0", "7.17.1", "7.17.0", "7.16.4", "7.16.3", 
        "7.16.2", "7.16.1", "7.16.0", "7.15.5", "7.15.4", "7.15.3", "7.15.2", 
        "7.15.1", "7.15.0", "7.14.1", "7.14.0", "7.13.2", "7.13.1", "7.13.0", 
        "7.12.3", "7.12.2", "7.12.1", "7.12.0", "7.11.2", "7.11.1", "7.11.0", 
        "7.10.8", "7.10.7", "7.10.6"
      ]
    }
  ],
  "credits": [
    {
      "name": "product-security at Apple",
      "type": "FINDER"
    },
    {
      "name": "Daniel Stenberg",
      "type": "REMEDIATION_DEVELOPER"
    },
    {
      "name": "Yang Tse",
      "type": "OTHER"
    }
  ],
  "details": "curl is vulnerable to an SSL CBC IV vulnerability when built to use OpenSSL for\nthe SSL/TLS layer.\n\nThis vulnerability has been identified (CVE-2011-3389 aka the \"BEAST\" attack)\nand is addressed by OpenSSL already as they have made a workaround to\nmitigate the problem. When doing so, they figured out that some servers did\nnot work with the workaround and offered a way to disable it.\n\nThe bit used to disable the workaround was then added to the generic\n`SSL_OP_ALL` bitmask that SSL clients may use to enable workarounds for better\ncompatibility with servers. libcurl uses the `SSL_OP_ALL` bitmask.\n\nWhile `SSL_OP_ALL` is documented to enable \"rather harmless\" workarounds, it\ndoes in this case effectively enable this security vulnerability again."
}