Mozilla Thunderbird < 2.0.0.23 Certificate Authority (CA) Common Null Byte Handling SSL MiTM Weakness

medium Log Correlation Engine Plugin ID 801349

Synopsis

The remote host contains a mail client that is affected by a security bypass vulnerability.

Description

The installed version of Mozilla Thunderbird is earlier than 2.0.0.23. Such versions are potentially affected by the following security issue:

- The client can be fooled into trusting a malicious SSL server certificate with a null character in the host name. (MFSA 2009-42)

Solution

Upgrade to Thunderbird 2.0.0.23 or later.

See Also

http://.mozilla.org/security/announce/2009/mfsa2009-42.html

Plugin Details

Severity: Medium

ID: 801349

Family: SMTP Clients

Published: 3/4/2010

Nessus ID: 40664

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

Vulnerability Information

Patch Publication Date: 8/20/2009

Vulnerability Publication Date: 7/30/2009

Reference Information

CVE: CVE-2009-2408

BID: 35888