Infographic Template Galleries

Created with Fabric.js 1.4.5 A History of SSL Vulnerabilities May, 2011 BEAST - CVE-2011-3389Browser Exploit Against SSL/TLShttp://www.hit.bme.hu/~buttyan/courses/EIT-SEC/abib/04-TLS/BEAST.pdfThis exploit allows an attacker to retrieve sensitive data about the users connection, such as their cookie or otherauthentication token that may be transmitted in an HTTPS request. In order to exploit this vulnerability, the attackerhas to be able to inject javascript or some applet into the same origin as the website to be targeted, must be able tosniff/intercept the users communication with the server, and the SSL cipher being used for the communication mustbe a block cipher. September 2012 - CRIME - CVE-2012-4929Compression Ratio Info-leak Made Easyhttp://www.ekoparty.org/archive/2012/CRIME_ekoparty2012.pdfCompression before encryption is performed is a common programming mistake, and in this case, allows an attackerto leak details about communication, such as the users cookie, which would then allow the attacker to impersonatethat user. In this situation, the attacker must be able to modify some part of the users request to the webserver inorder to include custom data, which the attacker will modify request after request, checking the length of the returnedresponse to determine how the message was compressed, and in the process, leak details about the contents of therequest. Most major browsers have removed support for SSL and SPDY compression, which has effectively mitigatedthis, however many organizations still keep older versions of IE around for compatibility reasons. February 2013 - LUCKY13 CVE-2013-0169Lucky Thirteenhttp://www.isg.rhul.ac.uk/tls/Lucky13.htmlLucky13 is an attack which affects both SSL3.0 and TLS1.0. It is a padding oracle attack against CBC ciphers.This Man-in-the-Middle attack is considered to be more efficient than either BEAST or CRIME, however it still mustmake many failed connections to the target webserver in order to perform statistical analysis on the responses.This can be detected and blocked server-side. August 2013 - BREACH CVE-2013-3587Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertexthttp://breachattack.com/resources/BREACH - SSL, gone in 30 seconds.pdfBREACH is very similar to CRIME, in that it is dealing with compression and encryption, however instead of attackingSSL-level compression, BREACH attacks HTTP-level compression. This attack requires that the web application reflectsome piece of user-controlled data in the response, and that a token such as a CRSF token must also be present inthe HTTP response body. It is estimated that this attack can be completed in under a minute, but depends onthe size of the secret to be guessed. September 2014 - POODLE - CVE-2014-3566Padding Oracle On Downgraded Legacy Encryptionhttps://www.openssl.org/~bodo/ssl-poodle.pdfPOODLE is another padding oracle attack against SSLv3 when CBC ciphers are in use. This attack also requires theattacker to be man-in-the-middle on the users session to the webserver so that they can intercept and modify theclients requests. This attack requires that the attacker make at most 256 requests per character of secret to beleaked. 1996 1994 1995 1996 2000 2006 2008 2011 2012 2013 2013 2014
Create Your Free Infographic!