BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to the Zeroday Tracker: Your Vulnerability Watchlist


Claws Mail Plugins Certificate Verification Vulnerabilities

Disclosed: March 11, 2014 - Zeroday: 257 days

Vulnerability Description:

Claws Mail contains two vulnerabilities that allow an attacker to spoof a server and, from a man-in-the-middle position, intercept potentially sensitive information. The issues exist in two Claws Mail plugins, vCalendar and RSSyl, which do not properly verify SSL certificates.

Vendors:

Claws

Vulnerable Software/Devices:

Claws Mail 3.9.3 and possibly earlier versions

Vulnerability Severity:

Medium

Exploit Availability:

No Exploit Available

Exploit Impact:

Security Bypass
Because two plugins within Claws Mail do not properly verify SSL certificates, a remote attacker may impersonate a mail server or a similar server asset that Claws Mail communicates with. Since the certificate is never checked properly, Claws Mail continues the session with the spoofed server and may disclose sensitive information to the attacker.
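The description and impact sections above describe the same root cause: a TLS client that encrypts the connection but never checks who is on the other end. The following is an added illustration, not Claws Mail code and not the vCalendar or RSSyl plugin source; it makes no claim about how those plugins set up their connections. It shows, in Python's standard `ssl` module, the weak client configuration that accepts any certificate beside the corrected one, plus an audit function a defender can run over a context before it is used to fetch a feed or calendar over HTTPS. The function names and the `fetch_feed` helper are constructed for this example.

```python
import ssl
import urllib.request

# Constructed example: how an https:// feed or calendar fetcher might configure
# TLS, and an audit of that configuration. This is not Claws Mail code.


def insecure_client_context() -> ssl.SSLContext:
    """The weak pattern: TLS encrypts the wire, but the peer's certificate is
    never verified, so any server that can intercept the connection is accepted."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False        # must be cleared before verify_mode is lowered
    ctx.verify_mode = ssl.CERT_NONE   # accept any certificate, signed by anyone
    return ctx


def hardened_client_context(cafile=None) -> ssl.SSLContext:
    """The corrected pattern: require a certificate that chains to a trusted CA
    and matches the requested hostname, and refuse protocol versions below TLS 1.2.
    cafile is optional; by default the system trust store is used."""
    ctx = ssl.create_default_context(cafile=cafile)  # CERT_REQUIRED + check_hostname
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def audit_client_context(ctx: ssl.SSLContext) -> list:
    """Return the findings that would let a spoofed server be accepted.
    An empty list means the context actually verifies its peer."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("peer certificate not required (verify_mode != CERT_REQUIRED)")
    if not ctx.check_hostname:
        findings.append("certificate not matched to hostname (check_hostname disabled)")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("protocol versions older than TLS 1.2 accepted")
    return findings


def fetch_feed(url: str, ctx: ssl.SSLContext, timeout: float = 10.0) -> bytes:
    """Fetch an https:// resource (an RSS feed or iCalendar file, say) under the
    given TLS policy, refusing to proceed if the policy fails the audit."""
    problems = audit_client_context(ctx)
    if problems:
        raise ValueError("refusing to fetch with weak TLS policy: " + "; ".join(problems))
    with urllib.request.urlopen(url, context=ctx, timeout=timeout) as resp:
        return resp.read()


if __name__ == "__main__":
    for name, ctx in (("insecure", insecure_client_context()),
                      ("hardened", hardened_client_context())):
        print(name, audit_client_context(ctx) or "OK: peer is verified")
```

The insecure context is exactly what a plugin ends up with when it turns verification off to make a self-signed or mismatched certificate "work"; the audit flags it before any bytes are sent. The hardened context relies on the trust store (or an explicit `cafile`), so a spoofed server with a certificate that does not chain to a trusted CA, or whose name does not match, causes the handshake to fail rather than silently continuing.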

BeyondTrust Prevention and Detection:

BeyondTrust's Retina® Network Security Scanner scans devices to detect this vulnerability using the following audits:

  • 33367 - Claws Mail 3.9.3 and Prior SSL Verification Issue (Zero-Day) - Windows
  • 33368 - Claws Mail 3.9.3 and Prior SSL Verification Issue (Zero-Day) - Windows x86
  • 33369 - Claws Mail 3.9.3 and Prior SSL Verification Issue (Zero-Day) - UNIX/Linux

Mitigation:

No mitigations are currently available. If possible, avoid using the Claws Mail plugins vCalendar and RSSyl.

Links:

CVE(s):