Transport Layer Security (TLS) Protocol CRIME Vulnerability
Medium Nessus Plugin ID 62565
The remote service has a configuration that may make it vulnerable to the CRIME attack.
The remote service has one of two configurations that are known to be required for the CRIME attack : - SSL / TLS compression is enabled. - TLS advertises the SPDY protocol earlier than version 4. Note that Nessus did not attempt to launch the CRIME attack against the remote service.