[MlMt] Is MailMate susceptible to this vulnerability? CVE-2020-11879 CVE-2020-11880 CVE-2020-4089

Greg Earle earle at isolar.DynDNS.ORG
Fri Aug 21 13:53:06 EDT 2020


On 20 Aug 2020, at 11:38, Benny Kjær Nielsen wrote:

> Just a quick review: The paper does not state the version of MailMate 
> used for the tests and the public release of MailMate does not behave 
> as described in the paper.  The paper describes three issues labelled 
> A1-A3.

Benny:

According to CVE-2020-12619

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12619

--
Description

MailMate before 1.11 automatically imported S/MIME certificates and 
thereby silently replaced existing ones.  This allowed a 
man-in-the-middle attacker to obtain an email-validated S/MIME 
certificate from a trusted CA and replace the public key of the entity 
to be impersonated.  This enabled the attacker to decipher further 
communication.  The entire attack could be accomplished by sending a 
single email.
--

Even though this is a different CVE than the ones mentioned in the ZDNET 
article, maybe this is where they got the version of MailMate used in 
the tests.

(How do they come up with this stuff?  I mean, who the heck is even 
using MailMate 1.10 or earlier anymore?)

		- Greg
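
The behaviour in the CVE description quoted above, as an added example that is not part of the original message and is not MailMate's code: a store that silently replaces a correspondent's certificate, beside one that holds a changed certificate until the user confirms its fingerprint. The CertStore class, its method names and the sample byte strings are hypothetical and constructed for illustration; CA chain validation is assumed to happen before observe() is called.

```python
import hashlib

# Constructed placeholders standing in for DER-encoded certificates.
ALICE_CERT = b"constructed-der-bytes-alice-original"
OTHER_CERT = b"constructed-der-bytes-same-address-other-key"


class CertStore:
    """Maps a correspondent's address to the certificate used to encrypt to them."""

    def __init__(self, auto_replace=False):
        self.auto_replace = auto_replace  # True models the behaviour in the CVE text
        self.pinned = {}    # address -> certificate in use
        self.pending = {}   # address -> changed certificate awaiting review

    @staticmethod
    def fingerprint(der):
        return hashlib.sha256(der).hexdigest()

    def observe(self, address, der):
        """Handle a certificate seen in a signed message; return the action taken."""
        address = address.strip().lower()
        current = self.pinned.get(address)
        if current is None:
            self.pinned[address] = der    # first contact (trust on first use, an assumption)
            return "pinned"
        if current == der:
            return "unchanged"
        if self.auto_replace:
            self.pinned[address] = der    # silent replacement
            return "replaced"
        # A valid CA chain is not enough here: the CVE text notes the replacement
        # certificate is issued by a trusted CA. Keep the old key and ask the user.
        self.pending[address] = der
        return "held"

    def approve(self, address, confirmed_fingerprint):
        """Promote a held certificate once the user has verified its fingerprint."""
        address = address.strip().lower()
        der = self.pending.get(address)
        if der is None or self.fingerprint(der) != confirmed_fingerprint:
            return False
        self.pinned[address] = self.pending.pop(address)
        return True

    def encryption_cert(self, address):
        return self.pinned.get(address.strip().lower())
```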

