SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Web Browser)  >   Opera Vendors:   Opera Software
Opera TLS/DTLS CBC Mode Oracle Padding Lets Remote Users Recover Plaintext
SecurityTracker Alert ID:  1028085
SecurityTracker URL:  http://securitytracker.com/id/1028085
CVE Reference:   CVE-2013-1618   (Links to External Site)
Date:  Feb 6 2013
Impact:   Disclosure of system information, Disclosure of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  Exploit Included:  Yes  
Version(s): prior to 12.13
Description:   A vulnerability was reported in Opera. A remote user can recover plaintext in certain cases.

A user with low latency access to the target system's network can send specially crafted encrypted data and monitor the response timing to determine the plaintext contents of the data. For certain message lengths where the HMAC-SHA1 MAC algorithm is used, TLS messages containing at least two bytes of correct padding will be processed slightly faster than TLS messages containing one byte of correct padding or padding that is incorrectly formatted. By analyzing the timing variations over a large number of connections, the original plaintext can be determined.

This attack is known as the 'Lucky Thirteen' attack.

The vulnerability resides in the TLS/DTLS protocol specification.

The original advisory is available at:

http://www.isg.rhul.ac.uk/tls/

Nadhem J. AlFardan and Kenneth G. Paterson of the Information Security Group Royal Holloway, University of London, reported this vulnerability.

Impact:   A remote user can recover plaintext.
Solution:   The vendor has issued a fix (12.13).

The vendor's advisory is available at:

http://www.opera.com/support/kb/view/1044/

Vendor URL:  www.opera.com/support/kb/view/1044/ (Links to External Site)
Cause:   Access control error, State error
Underlying OS:  Linux (Any), UNIX (FreeBSD), UNIX (macOS/OS X), UNIX (Solaris - SunOS), Windows (Any)

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC