By observing the length of compressed HTTPS responses, an attacker may be able to derive plaintext secrets from the ciphertext of an HTTPS stream.
Angelo Prado of Salesforce.com reports:
Extending the CRIME vulnerability presented at Ekoparty 2012, an attacker can target HTTPS responses to recover data from the response body.
A sophisticated attacker may be able to derive plaintext secrets from the ciphertext in an HTTPS stream.
We are currently unaware of a practical solution to this problem. Please consider the following workarounds.
Some of these mitigations may protect entire applications, while others may only protect individual web pages.
Apache HTTP Server Project
Thanks goes to the following individuals for reporting this vulnerability: Angelo Prado, Salesforce.com Neal Harris, Square Yoel Gluck, Salesforce.com
This document was written by Todd Lewellen.
|Date First Published:||2013-08-02|
|Date Last Updated:||2013-08-08 17:46 UTC|