Vigil@nce - Tornado: information disclosure via BREACH
December 2015 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can use the BREACH attack on Tornado, in order to
obtain a cookie to perform operations on the service.
– Impacted products: Fedora, openSUSE.
– Severity: 1/4.
– Creation date: 16/11/2015.
DESCRIPTION OF THE VULNERABILITY
The Tornado product offers a web service over TLS.
However, an attacker can mount a TLS BREACH attack
(VIGILANCE-VUL-13198) against its messages in order to guess the
CSRF session cookie.
An attacker can therefore use the BREACH attack on Tornado, in
order to obtain a cookie to perform operations on the service.
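The standard defence against a BREACH-style compression oracle is to never reflect the same secret bytes twice: the CSRF token is XORed with a fresh random mask on every response, so the value that reaches the page body changes each time while the server can still recover and compare the underlying secret. The following is an added illustration written for this bulletin, not Vigil@nce's text or Tornado's own code; the token length, the hex encoding and the helper names (mask_token, unmask_token, tokens_match, leaks_secret) are assumptions chosen for the example.

```python
import os
import hmac
import binascii
from typing import Optional

# Constructed size for the example's raw CSRF secret (not a Tornado constant).
TOKEN_LEN = 16


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR of two equal-length byte strings."""
    return bytes(x ^ y for x, y in zip(a, b))


def mask_token(raw_token: bytes, mask: Optional[bytes] = None) -> str:
    """Encode raw_token as hex(mask || raw_token XOR mask).

    A fresh random mask is drawn per call, so two renderings of the same
    secret share no byte sequence that a compression oracle could grow on.
    A caller-supplied mask is accepted only so tests can be deterministic.
    """
    if mask is None:
        mask = os.urandom(len(raw_token))
    if len(mask) != len(raw_token):
        raise ValueError("mask must match token length")
    return binascii.hexlify(mask + xor_bytes(raw_token, mask)).decode()


def unmask_token(masked: str) -> bytes:
    """Recover the raw secret from a masked token; reject malformed input."""
    data = binascii.unhexlify(masked)
    if len(data) == 0 or len(data) % 2:
        raise ValueError("malformed masked token")
    half = len(data) // 2
    mask, body = data[:half], data[half:]
    return xor_bytes(body, mask)


def tokens_match(masked_from_form: str, masked_from_cookie: str) -> bool:
    """Compare two masked tokens (possibly carrying different masks).

    Both are unmasked first, then compared in constant time so the check
    itself does not become a timing oracle.
    """
    try:
        a = unmask_token(masked_from_form)
        b = unmask_token(masked_from_cookie)
    except (ValueError, binascii.Error):
        return False
    return hmac.compare_digest(a, b)


def leaks_secret(page_body: bytes, raw_token: bytes) -> bool:
    """True if the raw secret appears verbatim in the response body.

    A compression oracle needs the secret to be reflected unchanged; a
    properly masked token never matches here.
    """
    return binascii.hexlify(raw_token) in page_body


def render_form(masked_token: str) -> bytes:
    """Constructed HTML fragment standing in for a real Tornado template."""
    return b"<input type='hidden' name='_xsrf' value='" + masked_token.encode() + b"'>"


if __name__ == "__main__":
    secret = os.urandom(TOKEN_LEN)
    # Unmasked: every response reflects the same bytes.
    static_page = render_form(binascii.hexlify(secret).decode())
    print("static token leaks:", leaks_secret(static_page, secret))
    # Masked: each response differs, yet both validate against the cookie.
    cookie = mask_token(secret)
    page1, page2 = mask_token(secret), mask_token(secret)
    print("masked tokens differ:", page1 != page2)
    print("masked token leaks:", leaks_secret(render_form(page1), secret))
    print("both validate:", tokens_match(page1, cookie) and tokens_match(page2, cookie))
```

Masking does not stop compression from happening; it removes the stable reflected secret that BREACH needs. Disabling HTTP compression for responses that carry secrets, or randomising response padding, are complementary measures.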
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Tornado-information-disclosure-via-BREACH-18314