Mozilla Thunderbird Insecure SMTP Authentication Protocol Negotiation Weakness

Mozilla Thunderbird is prone to an insecure SMTP authentication protocol negotiation weakness.

Reports indicate that the application falls back to PLAIN authentication if CRAM-MD5 or STARTTLS cannot be established between a client and a server. This can allow an attacker to obtain credentials by sniffing network traffic.

This issue can also allow an attacker to carry out man-in-the-middle attacks by setting up a malicious server, causing CRAM-MD5 or STARTTLS to fail, and then harvesting the authentication credentials of vulnerable users.

Mozilla Thunderbird 1.0.7 and 1.5 Beta 2 were reported to be vulnerable. Other versions may be affected as well.
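
The fail-closed behaviour a client needs in order to avoid the fallback described above, as an added example that is not Thunderbird code or part of the original advisory. The function names, the preference order and the EHLO replies are assumptions constructed for illustration.

```python
# Added example: fail-closed SMTP AUTH selection. All names here are hypothetical.
PLAINTEXT_MECHS = {"PLAIN", "LOGIN"}          # transmit the password base64-encoded only
PREFERENCE = ["CRAM-MD5", "PLAIN", "LOGIN"]   # assumed client preference order

# Constructed EHLO replies: an honest server, and the same reply as seen when
# the STARTTLS and CRAM-MD5 capabilities are missing.
HONEST = "250-mail.example.test\r\n250-STARTTLS\r\n250-AUTH CRAM-MD5 PLAIN LOGIN\r\n250 8BITMIME"
STRIPPED = "250-mail.example.test\r\n250-AUTH PLAIN LOGIN\r\n250 8BITMIME"


class DowngradeRefused(Exception):
    """Raised instead of sending a reusable password over a cleartext link."""


def parse_ehlo(reply: str) -> dict:
    """Parse a multi-line 250 EHLO reply into {KEYWORD: [PARAMS]}."""
    caps = {}
    for line in reply.splitlines()[1:]:       # first line is the server greeting
        if len(line) < 4 or not line.startswith("250"):
            continue
        words = line[4:].split()
        if words and words[0].upper().startswith("AUTH="):   # legacy "AUTH=..." form
            words = ["AUTH", words[0][5:]] + words[1:]
        if words:
            caps.setdefault(words[0].upper(), []).extend(w.upper() for w in words[1:])
    return caps


def choose_auth(caps: dict, tls_active: bool, require_tls: bool = True) -> str:
    """Pick an AUTH mechanism; never fall back to plaintext on a cleartext link."""
    if require_tls and not tls_active:
        # A missing STARTTLS keyword may have been removed in transit, so abort.
        raise DowngradeRefused("TLS required but not active")
    offered = caps.get("AUTH", [])
    for mech in PREFERENCE:
        if mech in offered:
            if mech in PLAINTEXT_MECHS and not tls_active:
                raise DowngradeRefused(mech + " would expose the password")
            return mech
    raise DowngradeRefused("no acceptable AUTH mechanism offered")
```

With `require_tls=False` the second check still applies: CRAM-MD5 is accepted without TLS, but PLAIN and LOGIN are refused rather than used as a silent fallback.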







 

Copyright 2009, SecurityFocus