Detections
Analytics
Mozilla Thunderbird 3.1.x < 3.1.14 Untrusted CA
medium Nessus Plugin ID 56121
Language:
Synopsis
The remote Windows host contains a mail client that contains support for an untrustworthy certificate authority.Description
The installed version of Thunderbird 3.1.x is earlier than 3.1.14. Due to a recent attack against certificate authority DigiNotar, Mozilla has added explicit distrust to the DigiNotar root certificate and several intermediates in this version of Thunderbird.Note this is a further fix to MFSA 2011-34, which removed the DigiNotar root certificate.
Solution
Upgrade to Thunderbird 3.1.14 or later.See Also
https://www.mozilla.org/en-US/security/advisories/mfsa2011-35/
Plugin Details
Severity: Medium
ID: 56121
File Name: mozilla_thunderbird_3114.nasl
Version: Revision: 1.4
Type: local
Agent: windows
Family: Windows
Published: 9/8/2011
Updated: 6/9/2017
Supported Sensors: Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Vulnerability Information
CPE: cpe:/a:mozilla:thunderbird
Required KB Items: Mozilla/Thunderbird/Version
Patch Publication Date: 9/6/2011
Vulnerability Publication Date: 9/6/2011