CRIME-Vulnerability/EN/Background: Unterschied zwischen den Versionen
(Die Seite wurde neu angelegt: „The exploited vulnerability (CRIME) is a combination of chosen plain text attack and unintentional information leakage caused by data compression. CRIME can be…“) |
|||
| Zeile 1: | Zeile 1: | ||
| − | The exploited vulnerability (CRIME) is a combination of chosen plain text attack and unintentional information leakage caused by data compression. CRIME can be prevented by disabling the use of compression, either on the client side, if the browser disables the compression of SPDY requests, or if the web page prevents the use of data compression for such transactions using the protocol negotiation characteristics of the TLS protocol. | + | The exploited vulnerability ([https://en.wikipedia.org/wiki/CRIME]) is a combination of chosen plain text attack and unintentional information leakage caused by data compression. CRIME can be prevented by disabling the use of compression, either on the client side, if the browser disables the compression of SPDY requests, or if the web page prevents the use of data compression for such transactions using the protocol negotiation characteristics of the [https://en.wikipedia.org/wiki/Transport_Layer_Security TLS] protocol. |
Version vom 6. Februar 2019, 15:55 Uhr
The exploited vulnerability ([1]) is a combination of chosen plain text attack and unintentional information leakage caused by data compression. CRIME can be prevented by disabling the use of compression, either on the client side, if the browser disables the compression of SPDY requests, or if the web page prevents the use of data compression for such transactions using the protocol negotiation characteristics of the TLS protocol.
