CVE-2012-4929 Information
Description
The TLS protocol 1.2 and earlier as used in Mozilla Firefox Google Chrome Qt and other products can encrypt compressed data without properly obfuscating the length of the unencrypted data which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header aka a \CRIME\ attack.
Reference
http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/ http://code.google.com/p/chromium/issues/detail?id=139744 http://isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html http://jvn.jp/en/jp/JVN65273415/index.html http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000129.html http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html http://lists.opensuse.org/opensuse-updates/2012-10/msg00096.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00034.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00048.html http://marc.info/?l=bugtraq&m=136612293908376&w=2 http://news.ycombinator.com/item?id=4510829 http://rhn.redhat.com/errata/RHSA-2013-0587.html http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor http://support.apple.com/kb/HT5784 http://threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312 http://threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512 http://www.debian.org/security/2012/dsa-2579 http://www.debian.org/security/2013/dsa-2627 http://www.debian.org/security/2015/dsa-3253 http://www.ekoparty.org/2012/thai-duong.php http://www.iacr.org/cryptodb/data/paper.php?pubkey=3091 http://www.securityfocus.com/bid/55704 http://www.theregister.co.uk/2012/09/14/crime_tls_attack/ http://www.ubuntu.com/usn/USN-1627-1 http://www.ubuntu.com/usn/USN-1628-1 http://www.ubuntu.com/usn/USN-1898-1 https://bugzilla.redhat.com/show_bug.cgi?id=857051 https://chromiumcodereview.appspot.com/10825183 https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls https://gist.github.com/3696912 https://github.com/mpgn/CRIME-poc https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A18920 https://threatpost.com/en_us/blogs/demo-crime-tls-attack-091212
Share on: