CVE-2011-3389: ssl CBC IV attack

The ssl module would always disable the CBC IV attack countermeasure. Disable OpenSSL SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS option.

  • Disclosure date: 2012-01-27 (Python issue #13885 reported)
  • Reported by: Apple security team

Fixed In

Python issue

CVE-2011-3389: _ssl module always disables the CBC IV attack countermeasure.

  • Python issue: issue #13885
  • Creation date: 2012-01-27
  • Reporter: Antoine Pitrou

CVE-2011-3389

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a “BEAST” attack.

Timeline

Timeline using the disclosure date 2012-01-27 as reference:

  • 2011-09-06 (-143 days): CVE-2011-3389 published
  • 2012-01-27: Python issue #13885 reported by Antoine Pitrou
  • 2012-01-27 (+0 days): commit d358e05
  • 2012-01-27 (+0 days): commit f2bf8a6
  • 2012-04-08 (+72 days): Python 3.1.5 released
  • 2012-04-09 (+73 days): Python 2.7.3 released
  • 2012-04-10 (+74 days): Python 2.6.8 released
  • 2012-04-10 (+74 days): Python 3.2.3 released
  • 2012-09-29: Python 3.3.0 released