CVE-2012-4929

low
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a "CRIME" attack.

References

http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/

http://code.google.com/p/chromium/issues/detail?id=139744

http://isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html

http://jvn.jp/en/jp/JVN65273415/index.html

http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000129.html

http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html

http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html

http://lists.opensuse.org/opensuse-updates/2012-10/msg00096.html

http://lists.opensuse.org/opensuse-updates/2013-01/msg00034.html

http://lists.opensuse.org/opensuse-updates/2013-01/msg00048.html

http://marc.info/?l=bugtraq&m=136612293908376&w=2

http://news.ycombinator.com/item?id=4510829

http://rhn.redhat.com/errata/RHSA-2013-0587.html

http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor

http://support.apple.com/kb/HT5784

http://threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312

http://threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512

http://www.debian.org/security/2012/dsa-2579

http://www.debian.org/security/2013/dsa-2627

http://www.debian.org/security/2015/dsa-3253

http://www.ekoparty.org/2012/thai-duong.php

http://www.iacr.org/cryptodb/data/paper.php?pubkey=3091

http://www.securityfocus.com/bid/55704

http://www.theregister.co.uk/2012/09/14/crime_tls_attack/

http://www.ubuntu.com/usn/USN-1627-1

http://www.ubuntu.com/usn/USN-1628-1

http://www.ubuntu.com/usn/USN-1898-1

https://bugzilla.redhat.com/show_bug.cgi?id=857051

https://chromiumcodereview.appspot.com/10825183

https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls

https://gist.github.com/3696912

https://github.com/mpgn/CRIME-poc

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18920

https://threatpost.com/en_us/blogs/demo-crime-tls-attack-091212

Details

Source: MITRE

Published: 2012-09-15

Updated: 2018-04-22

Type: CWE-310

Risk Information

CVSS v2

Base Score: 2.6

Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 4.9

Severity: LOW

Tenable Plugins

View all (32 total)

IDNameProductFamilySeverity
127177NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl098e Multiple Vulnerabilities (NS-SA-2019-0020)NessusNewStart CGSL Local Security Checks
critical
88107Debian DLA-400-1 : pound security update (BEAST) (POODLE)NessusDebian Local Security Checks
low
83306Debian DSA-3253-1 : pound - security update (POODLE)NessusDebian Local Security Checks
low
79532OracleVM 3.2 : onpenssl (OVMSA-2014-0008)NessusOracleVM Local Security Checks
high
79531OracleVM 2.2 : openssl (OVMSA-2014-0007)NessusOracleVM Local Security Checks
high
79013RHEL 6 : rhevm-spice-client (RHSA-2014:0416)NessusRed Hat Local Security Checks
high
78952RHEL 6 : rhev-hypervisor6 (RHSA-2013:0636)NessusRed Hat Local Security Checks
high
78139F5 Networks BIG-IP : CRIME vulnerability via TLS 1.2 protocol (K14054)NessusF5 Networks Local Security Checks
low
75185openSUSE Security Update : openssl (openSUSE-SU-2013:1630-1)NessusSuSE Local Security Checks
low
74885openSUSE Security Update : libqt4 (openSUSE-SU-2013:0157-1)NessusSuSE Local Security Checks
medium
74796openSUSE Security Update : libqt4 (openSUSE-SU-2012:1420-1)NessusSuSE Local Security Checks
low
70085GLSA-201309-12 : Apache HTTP Server: Multiple vulnerabilitiesNessusGentoo Local Security Checks
medium
69730Amazon Linux AMI : openssl (ALAS-2013-171)NessusAmazon Linux Local Security Checks
medium
68768Oracle Linux 5 / 6 : openssl (ELSA-2013-0587)NessusOracle Linux Local Security Checks
medium
67189Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.04 : openssl vulnerability (USN-1898-1)NessusUbuntu Local Security Checks
low
801016Mac OS X 10.8 < 10.8.4 Multiple Vulnerabilities (Security Update 2013-002)Log Correlation EngineOperating System Detection
high
6857Mac OS X 10.8 < 10.8.4 Multiple Vulnerabilities (Security Update 2013-002)Nessus Network MonitorWeb Clients
critical
66809Mac OS X Multiple Vulnerabilities (Security Update 2013-002)NessusMacOS X Local Security Checks
critical
66808Mac OS X 10.8.x < 10.8.4 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
high
65776Fedora 18 : mingw-openssl-1.0.1e-1.fc18 (2013-4403)NessusFedora Local Security Checks
low
65719SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 8517)NessusSuSE Local Security Checks
medium
65718SuSE 11.2 Security Update : OpenSSL (SAT Patch Number 7548)NessusSuSE Local Security Checks
medium
65061CentOS 5 / 6 : openssl (CESA-2013:0587)NessusCentOS Local Security Checks
medium
65022Scientific Linux Security Update : openssl on SL5.x, SL6.x i386/x86_64 (20130304)NessusScientific Linux Local Security Checks
medium
65004RHEL 5 / 6 : openssl (RHSA-2013:0587)NessusRed Hat Local Security Checks
medium
64663Debian DSA-2627-1 : nginx - information leakNessusDebian Local Security Checks
low
64662Debian DSA-2626-1 : lighttpd - several issuesNessusDebian Local Security Checks
medium
64192SuSE 11.2 Security Update : Qt4 (SAT Patch Number 6935)NessusSuSE Local Security Checks
low
63114Debian DSA-2579-1 : apache2 - Multiple issuesNessusDebian Local Security Checks
medium
62870Ubuntu 10.04 LTS / 11.10 / 12.04 LTS : qt4-x11 vulnerability (USN-1628-1)NessusUbuntu Local Security Checks
low
62869Ubuntu 8.04 LTS / 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : apache2 vulnerabilities (USN-1627-1)NessusUbuntu Local Security Checks
low
62565Transport Layer Security (TLS) Protocol CRIME VulnerabilityNessusGeneral
low