You can "fix" the result on this webpage by flipping some settings in Firefox, but it will cause some websites to no longer work (guess why they aren't defaulted?). Newer versions (27 and up) will detect this and work around appropriately. They also have those settings by default.
If you absolutely require this website to tell you you're safe so you get a warm fuzzy feeling and can sleep at night, update to Firefox Beta. Don't just randomly go and change the settings, then wonder 2 weeks later why your banking website no longer works.
Also note that the site marks Firefox as Bad with TLS 1.0 because it can't verify for sure whether you have BEAST mitigation. But Firefox has BEAST mitigation.
Correct. Firefox and all other modern browsers use the so-called 1/n-1 split technique to mitigate the BEAST attack. It's actually possible to test if the mitigation is present; it's just that this site has not implemented it.
The documentation of the site actually just changed to imply they test for record splitting (it said they didn't before). However, testing with Firefox 26 shows it's still incorrectly flagged.
There's a commit from about 2 hours ago that enables 1/n-1 detection. So perhaps that's what they are running now. But it does not seem to be implemented correctly: when I access the site with a Java client (which does implement the split), the site says that it's vulnerable.
If you absolutely require this website to tell you you're safe so you get a warm fuzzy feeling and can sleep at night, update to Firefox Beta. Don't just randomly go and change the settings, then wonder 2 weeks later why your banking website no longer works.
Also note that the site marks Firefox as Bad with TLS 1.0 because it can't verify for sure whether you have BEAST mitigation. But Firefox has BEAST mitigation.