Our latest research at TII's Cryptography Research Center has uncovered a fundamental vulnerability in how many application-layer protocols integrate with TLS, the cornerstone of modern secure communication.
In cooperation with the University Paderborn (Germany) and Ruhr University Bochum (Germany), we discovered that when servers support both implicit TLS (like HTTPS) and opportunistic TLS (also known as STARTTLS), inconsistencies at the application layer can be exploited. This opens the door to desynchronization attacks, in which an attacker misaligns the communication states of client and server. The flaw is present in the standards themselves, so it affects all implementations, and it has been in the specification since it was originally written at the end of the 1990s.
Our "Opossum Attack" shows how a malicious actor can still exploit the authentication flaw in the ALPACA attack, even when all known countermeasures to the ALPACA attack are in place. In the context of HTTP, this allows an attacker:
- To return a response to the client for a request it did not make (Content Confusion)
- To force a user into a session of the attacker (Session Fixation)
- To amplify the impact of XSS vulnerabilities
- To bypass CSRF countermeasures (CSRF Token Fixation)
Many popular application-layer protocols are affected by the attack, such as HTTP(S), FTP(S), POP3(S), and SMTP(S), with particular exploit feasibility demonstrated on HTTP (RFC 2817).
What is the impact?
Fortunately, the impact of the attack is quite low. We identified 2,268 HTTP servers that are vulnerable to our exploits on RFC 2817, with an additional 2.9 million servers affected by the currently non-exploitable issues in other affected protocols, including:
- 1.4M+ IMAP
- 1.1M+ POP3
- 243K+ SMTP
- 219K+ FTP
While most protocols exhibit only theoretical vulnerabilities by violating formal security guarantees, the demonstrated attack paths on HTTP servers are concrete. This reinforces the need to re-evaluate legacy TLS integrations and prompts a broader discussion around secure protocol design. In response to the vulnerability, Apache2 deprecated opportunistic HTTP and is tracking the vulnerability under CVE-2025-49812, and Cyrus IMAPd disabled opportunistic TLS by default.
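For operators re-evaluating their own HTTP servers, the following check classifies a response to an RFC 2817 upgrade probe to show whether opportunistic TLS is still offered. It is an added example, not code from the research team; the function names and sample responses are constructed, and the header semantics assumed are those of RFC 2817 and the HTTP/1.1 Upgrade mechanism.

```python
# Added example: names and sample responses below are constructed for illustration.

def build_probe(host):
    """OPTIONS request asking to upgrade to TLS (RFC 2817, section 3)."""
    return (f"OPTIONS * HTTP/1.1\r\nHost: {host}\r\n"
            "Upgrade: TLS/1.0\r\nConnection: Upgrade\r\n\r\n").encode("ascii")

def parse_head(raw):
    """Return (status, {lowercased header name: [values]}) from a raw response."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    lines = head.split("\r\n")
    parts = lines[0].split(" ", 2)
    if len(parts) < 2 or not parts[0].startswith("HTTP/") or not parts[1].isdigit():
        raise ValueError("not an HTTP response")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:  # keep repeated headers instead of overwriting them
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return int(parts[1]), headers

def tokens(values):
    """Split comma-separated header values into lowercased tokens."""
    return {t.strip().lower() for v in values for t in v.split(",") if t.strip()}

def opportunistic_tls_state(raw):
    """Classify a response: 'switched', 'required', 'advertised' or 'none'."""
    status, headers = parse_head(raw)
    # Only TLS upgrade tokens count; other Upgrade targets (e.g. h2c) are ignored.
    if not any(t.startswith("tls/") for t in tokens(headers.get("upgrade", []))):
        return "none"
    if status == 101:   # server accepted the in-band switch to TLS
        return "switched"
    if status == 426:   # server demands the upgrade before serving the request
        return "required"
    return "advertised"  # Upgrade header on any other response signals willingness

# Constructed sample responses (not captured from real servers)
SAMPLES = {
    "switched": b"HTTP/1.1 101 Switching Protocols\r\n"
                b"Upgrade: TLS/1.0, HTTP/1.1\r\nConnection: Upgrade\r\n\r\n",
    "required": b"HTTP/1.1 426 Upgrade Required\r\n"
                b"Upgrade: TLS/1.0, HTTP/1.1\r\nConnection: Upgrade\r\n\r\n",
    "advertised": b"HTTP/1.1 200 OK\r\nUpgrade: TLS/1.0\r\nAllow: GET\r\n\r\n",
    "none": b"HTTP/1.1 200 OK\r\nUpgrade: h2c\r\nContent-Length: 0\r\n\r\n",
}

if __name__ == "__main__":
    for expected, raw in SAMPLES.items():
        print(expected, "->", opportunistic_tls_state(raw))
```

Any result other than `none` on a host that also serves HTTPS indicates the combination of implicit and opportunistic TLS described above.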
This work reflects TII’s mission to pioneer advanced research that informs both secure systems and the standards that govern them. While the number of actively exploitable systems remains small, the implications are far-reaching, especially in embedded and legacy contexts.