ssl CBC IV attack


This resource is maintained for historical reference and does not contain the latest vulnerability info for Python.

The canonical database for vulnerabilities affecting Python is available on GitHub in the Open Source Vulnerability (OSV) format. This vulnerability can be viewed online at the Open Source Vulnerability Database.

The ssl module would always disable the CBC IV attack countermeasure. Disable OpenSSL SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS option.


  • Disclosure date: 2012-01-27 (Python issue bpo-13885 reported)
  • Reported by: Apple security team

Fixed In

Python issue

CVE-2011-3389: _ssl module always disables the CBC IV attack countermeasure.

  • Python issue: bpo-13885
  • Creation date: 2012-01-27
  • Reporter: Antoine Pitrou


The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a “BEAST” attack.


Timeline using the disclosure date 2012-01-27 as reference:

  • 2011-09-06 (-143 days): CVE-2011-3389 published
  • 2012-01-27: Python issue bpo-13885 reported by Antoine Pitrou
  • 2012-01-27: commit d358e05 (branch 2.6)
  • 2012-01-27: commit f2bf8a6 (branch 2.7)
  • 2012-04-06 (+70 days): Python 3.1.5 released
  • 2012-04-09 (+73 days): Python 2.7.3 released
  • 2012-04-10 (+74 days): Python 2.6.8 released
  • 2012-04-10 (+74 days): Python 3.2.3 released
  • 2012-09-29: Python 3.3.0 released