Mozilla Thunderbird < 2.0.0.23 Certificate Authority (CA) Common Null Byte Handling SSL MiTM Weakness

Medium Log Correlation Engine Plugin ID 801349

Synopsis

The remote host contains a mail client that is affected by a security bypass vulnerability.

Description

The installed version of Mozilla Thunderbird is earlier than 2.0.0.23. Such versions are potentially affected by the following security issue:

- The client can be fooled into trusting a malicious SSL server certificate with a null character in the host name. (MFSA 2009-42)

Solution

Upgrade to Thunderbird 2.0.0.23 or later.

See Also

http://.mozilla.org/security/announce/2009/mfsa2009-42.html

Plugin Details

Severity: Medium

ID: 801349

File Name: 801349.prm

Family: SMTP Clients

Published: 2010/03/04

Nessus ID: 40664

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 6.4

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

Patch Publication Date: 2009/08/20

Vulnerability Publication Date: 2009/07/30

Reference Information

CVE: CVE-2009-2408

BID: 35888