CVSS2 | Value |
---|---|
Base score | 2.6 Low |
Access Vector | NETWORK (AV:N) |
Access Complexity | HIGH (AC:H) |
Authentication | NONE |
Confidentiality Impact | PARTIAL |
Integrity Impact | NONE |
Availability Impact | NONE |
Vector | AV:N/AC:H/Au:N/C:P/I:N/A:N |

EPSS | Value |
---|---|
Score | 0.002 Low |
Percentile | 61.5% |
The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a "CRIME" attack.
Author | Note |
---|---|
jdstrand | Fedora/RedHat has a patch to check for OPENSSL_NO_DEFAULT_ZLIB that can be used to mitigate this flaw. See RedHat bug #857051. No patch for upstream OpenSSL. This may be considered a flaw in the applications using OpenSSL and not OpenSSL itself. |
mdeslaur | Adding apache2; we should backport the SSLCompression option. In trunk and 2.4, SSLCompression defaults to off with a second commit. The second commit to default to off isn't in 2.2 yet. Red Hat disabled zlib compression by default in openssl: https://rhn.redhat.com/errata/RHSA-2013-0587.html |
OS | Release | Architecture | Package | Affected version | Filename |
---|---|---|---|---|---|
ubuntu | 8.04 | noarch | apache2 | < 2.2.8-1ubuntu0.24 | UNKNOWN |
ubuntu | 10.04 | noarch | apache2 | < 2.2.14-5ubuntu8.10 | UNKNOWN |
ubuntu | 11.10 | noarch | apache2 | < 2.2.20-1ubuntu1.3 | UNKNOWN |
ubuntu | 12.04 | noarch | apache2 | < 2.2.22-1ubuntu1.2 | UNKNOWN |
ubuntu | 12.10 | noarch | apache2 | < 2.2.22-6ubuntu2.1 | UNKNOWN |
ubuntu | 13.04 | noarch | apache2 | < 2.2.22-6ubuntu3 | UNKNOWN |
ubuntu | 13.10 | noarch | apache2 | < 2.2.22-6ubuntu3 | UNKNOWN |
ubuntu | 10.04 | noarch | chromium-browser | < 23.0.1271.97-0ubuntu0.10.04.1 | UNKNOWN |
ubuntu | 11.10 | noarch | chromium-browser | < 23.0.1271.97-0ubuntu0.11.10.1 | UNKNOWN |
ubuntu | 12.04 | noarch | chromium-browser | < 23.0.1271.97-0ubuntu0.12.04.1 | UNKNOWN |
arstechnica.com/security/2012/09/crime-hijacks-https-sessions/
code.google.com/p/chromium/issues/detail?id=139744
isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html
news.ycombinator.com/item?id=4510829
permalink.gmane.org/gmane.comp.lib.qt.devel/6729
security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor
threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312
threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512
www.ekoparty.org/2012/thai-duong.php
www.iacr.org/cryptodb/data/paper.php?pubkey=3091
www.theregister.co.uk/2012/09/14/crime_tls_attack/
bugzilla.redhat.com/show_bug.cgi?id=857051
chromiumcodereview.appspot.com/10825183
community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls
gist.github.com/3696912
launchpad.net/bugs/cve/CVE-2012-4929
nvd.nist.gov/vuln/detail/CVE-2012-4929
security-tracker.debian.org/tracker/CVE-2012-4929
threatpost.com/en_us/blogs/demo-crime-tls-attack-091212
ubuntu.com/security/notices/USN-1627-1
ubuntu.com/security/notices/USN-1628-1
ubuntu.com/security/notices/USN-1898-1
www.cve.org/CVERecord?id=CVE-2012-4929