Bug 857737 (CVE-2012-4930) - CVE-2012-4930 SPDY: SSL/TLS CRIME attack
Summary: CVE-2012-4930 SPDY: SSL/TLS CRIME attack
Keywords:
Status: CLOSED NOTABUG
Alias: CVE-2012-4930
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Duplicates: CVE-2012-3977
Depends On:
Blocks: 855407
Reported: 2012-09-16 16:44 UTC by Tomas Hoger
Modified: 2021-02-23 13:52 UTC (History)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2012-09-16 16:51:41 UTC



Description Tomas Hoger 2012-09-16 16:44:28 UTC
CVE-2012-4930 was assigned to the following issue:

The SPDY protocol 3 and earlier, as used in Mozilla Firefox, Google Chrome, and other products, can perform TLS encryption of compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a "CRIME" attack.

References:

http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/
http://isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html
http://threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312
http://www.ekoparty.org/2012/thai-duong.php
http://www.iacr.org/cryptodb/data/paper.php?pubkey=3091
http://www.theregister.co.uk/2012/09/14/crime_tls_attack/
https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls

Comment 1 Tomas Hoger 2012-09-16 16:51:41 UTC
Reporters of the CRIME attack have published two variants of the attack:

- SSL/TLS connection with zlib compression - that issue got CVE-2012-4929 and is tracked via bug 857051
- SPDY protocol with header compression used over SSL/TLS connection without zlib compression, tracked via this bug

Bug 857051 already contains additional information and links regarding the CRIME attack. It also notes (in bug 857051, comment 4) that Mozilla Firefox versions shipped with Red Hat Enterprise Linux 5 and 6 do not support the SPDY protocol, and are therefore unaffected by the SPDY attack vector.

Statement:

Not vulnerable. This issue did not affect the versions of Firefox as shipped with Red Hat Enterprise Linux 5 and 6 as they did not include SPDY protocol support.

Comment 2 Tomas Hoger 2012-09-24 07:41:27 UTC
*** Bug 859827 has been marked as a duplicate of this bug. ***

Comment 3 Tomas Hoger 2012-09-24 16:25:24 UTC
Adam Langley's (Google developer working on Chrome) blog post explaining some details of the attack, the change that was applied to block the SPDY attack variant (SPDY compression was disabled in Firefox 15 and Chrome 21), and some changes planned for future SPDY versions that would allow re-enabling header compression without re-introducing this problem:

http://www.imperialviolet.org/2012/09/21/crime.html
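
The length difference the description refers to, and the effect of the mitigation mentioned in Comment 3 (header compression disabled), shown as an added example that is not part of the original bug report. It is a simplified model: plain-text header lines stand in for a SPDY header block, and the header names, host and secret value are constructed.

```python
import zlib

# Constructed sample value; stands in for a secret header sent on every request.
SECRET = "7f3a9c41d2e8b605"
MATCHING_GUESS = SECRET                  # guess equal to the secret
NON_MATCHING_GUESS = "0123456789abcdef"  # same length, shares no 3-byte run with it


def header_block(guess: str) -> bytes:
    """Header block where `guess` sits in a field a third party can influence."""
    lines = [
        f"GET /?q=session={guess} HTTP/1.1",
        "host: example.test",
        f"cookie: session={SECRET}",
    ]
    return "\r\n".join(lines).encode("ascii")


def observed_length(guess: str, compress: bool) -> int:
    """Length visible on the wire: encryption hides the bytes, not how many there are
    (apart from constant overhead, which is left out of this model)."""
    block = header_block(guess)
    return len(zlib.compress(block, 9)) if compress else len(block)


def length_gap(compress: bool) -> int:
    """Bytes by which a non-matching guess is longer than a matching one."""
    return (observed_length(NON_MATCHING_GUESS, compress)
            - observed_length(MATCHING_GUESS, compress))


if __name__ == "__main__":
    for compress in (True, False):
        label = "header compression on " if compress else "header compression off"
        print(f"{label}: gap = {length_gap(compress)} bytes")
```

With compression on, the matching guess yields a shorter block because the repeated string is encoded as a back-reference; with compression off, both blocks have the same length and the signal is gone.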

