.. _ssl-cbc-iv-attack:

ssl CBC IV attack
=================

.. warning::
    This resource is maintained for historical reference and **does not contain the latest vulnerability info for Python**.

    The `canonical database for vulnerabilities affecting Python <https://github.com/psf/advisory-database>`_ is available on GitHub
    in the Open Source Vulnerability (OSV) format. This vulnerability can be viewed online at the
    `Open Source Vulnerability Database <https://osv.dev/list?ecosystem=&q=CVE-2011-3389>`_.

The ssl module would always disable the CBC IV attack countermeasure.
Disable OpenSSL ``SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS`` option.

Dates:

* Disclosure date: **2012-01-27** (Python issue bpo-13885 reported)
* Reported by: Apple security team

Fixed In
--------

* Python **2.6.8** (2012-04-10) fixed by `commit d358e05 (branch 2.6) <https://github.com/python/cpython/commit/d358e0554bc520768041652676ec8e6076f221a9>`_ (2012-01-27)
* Python **2.7.3** (2012-04-09) fixed by `commit d358e05 (branch 2.6) <https://github.com/python/cpython/commit/d358e0554bc520768041652676ec8e6076f221a9>`_ (2012-01-27)
* Python **3.1.5** (2012-04-06) fixed by `commit f2bf8a6 (branch 2.7) <https://github.com/python/cpython/commit/f2bf8a6ac51530e14d798a03c8e950dd934d85cd>`_ (2012-01-27)
* Python **3.2.3** (2012-04-10) fixed by `commit f2bf8a6 (branch 2.7) <https://github.com/python/cpython/commit/f2bf8a6ac51530e14d798a03c8e950dd934d85cd>`_ (2012-01-27)
* Python **3.3.0** (2012-09-29) fixed by `commit f2bf8a6 (branch 2.7) <https://github.com/python/cpython/commit/f2bf8a6ac51530e14d798a03c8e950dd934d85cd>`_ (2012-01-27)

Python issue
------------

CVE-2011-3389: _ssl module always disables the CBC IV attack countermeasure.

* Python issue: `bpo-13885 <https://bugs.python.org/issue13885>`_
* Creation date: 2012-01-27
* Reporter: Antoine Pitrou

CVE-2011-3389
-------------

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.

* CVE ID: `CVE-2011-3389 <https://nvd.nist.gov/vuln/detail/CVE-2011-3389/>`_
* Published: 2011-09-06
* `CVSS Score <https://nvd.nist.gov/cvss.cfm>`_: 4.3

Timeline
--------

Timeline using the disclosure date **2012-01-27** as reference:

* 2011-09-06 (**-143 days**): CVE-2011-3389 published
* 2012-01-27: `Python issue bpo-13885 <https://bugs.python.org/issue13885>`_ reported by Antoine Pitrou
* 2012-01-27: `commit d358e05 (branch 2.6) <https://github.com/python/cpython/commit/d358e0554bc520768041652676ec8e6076f221a9>`_
* 2012-01-27: `commit f2bf8a6 (branch 2.7) <https://github.com/python/cpython/commit/f2bf8a6ac51530e14d798a03c8e950dd934d85cd>`_
* 2012-04-06 (**+70 days**): Python 3.1.5 released
* 2012-04-09 (**+73 days**): Python 2.7.3 released
* 2012-04-10 (**+74 days**): Python 2.6.8 released
* 2012-04-10 (**+74 days**): Python 3.2.3 released
* 2012-09-29: Python 3.3.0 released