Crime stands for "Compression Ratio Info-leak Made Easy". It allows an attacker to perform session hijacking on an authenticated web session, allowing the launching of further attacks. HTTPS session cookies decrypted by using brute force. Obtained cookie can be used for log in victim's account.
CRIME works against TLS/SSL Compression and SPDY. The recent statistics show that about 42% of the servers support SSL compression and 0.8% supports SPDY.
To avoid from Crime attack, disable SSL compression.
Apachi version 2.4.3. and following Nginx versions are vulnerable to Crime.