Vulnerabilities > CVE-2005-3256 - Unspecified vulnerability in Enigmail
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN enigmail
nessus
Summary
The key selection dialogue in Enigmail before 0.92.1 can incorrectly select a key with a user ID that does not have additional information, which allows parties with that key to decrypt the message.
Vulnerable Configurations
Nessus
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-889.NASL description Hadmut Danish discovered a bug in enigmail, GPG support for Mozilla MailNews and Mozilla Thunderbird, that can lead to the encryption of mail with the wrong public key, hence, potential disclosure of confidential data to others. last seen 2020-06-01 modified 2020-06-02 plugin id 22755 published 2006-10-14 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/22755 title Debian DSA-889-1 : enigmail - programming error code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-889. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(22755); script_version("1.15"); script_cvs_date("Date: 2019/08/02 13:32:19"); script_cve_id("CVE-2005-3256"); script_xref(name:"CERT", value:"805121"); script_xref(name:"DSA", value:"889"); script_name(english:"Debian DSA-889-1 : enigmail - programming error"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Hadmut Danish discovered a bug in enigmail, GPG support for Mozilla MailNews and Mozilla Thunderbird, that can lead to the encryption of mail with the wrong public key, hence, potential disclosure of confidential data to others." ); script_set_attribute( attribute:"see_also", value:"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=335731" ); script_set_attribute( attribute:"see_also", value:"http://www.debian.org/security/2005/dsa-889" ); script_set_attribute( attribute:"solution", value: "Upgrade the enigmail packages. The old stable distribution (woody) does not contain enigmail packages. For the stable distribution (sarge) this problem has been fixed in version 0.91-4sarge2." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:enigmail"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:3.1"); script_set_attribute(attribute:"patch_publication_date", value:"2005/11/08"); script_set_attribute(attribute:"plugin_publication_date", value:"2006/10/14"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2006-2019 Tenable Network Security, Inc."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"3.1", prefix:"mozilla-enigmail", reference:"0.91-4sarge2")) flag++; if (deb_check(release:"3.1", prefix:"mozilla-thunderbird-enigmail", reference:"0.91-4sarge2")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-211-1.NASL description Hadmut Danish discovered an information disclosure vulnerability in the key selection dialog of the Mozilla/Thunderbird enigmail plugin. If a user last seen 2020-06-01 modified 2020-06-02 plugin id 20629 published 2006-01-15 reporter Ubuntu Security Notice (C) 2005-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/20629 title Ubuntu 4.10 / 5.04 / 5.10 : enigmail vulnerability (USN-211-1) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-211-1. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(20629); script_version("1.14"); script_cvs_date("Date: 2019/08/02 13:33:00"); script_cve_id("CVE-2005-3256"); script_xref(name:"USN", value:"211-1"); script_name(english:"Ubuntu 4.10 / 5.04 / 5.10 : enigmail vulnerability (USN-211-1)"); script_summary(english:"Checks dpkg output for updated packages."); script_set_attribute( attribute:"synopsis", value: "The remote Ubuntu host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "Hadmut Danish discovered an information disclosure vulnerability in the key selection dialog of the Mozilla/Thunderbird enigmail plugin. If a user's keyring contained a key with an empty user id (i. e. a key without a name and email address), this key was selected by default when the user attempted to send an encrypted email. Unless this empty key was manually deselected, the message got encrypted for that empty key, whose owner could then decrypt it. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"solution", value: "Update the affected mozilla-enigmail and / or mozilla-thunderbird-enigmail packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:mozilla-enigmail"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:mozilla-thunderbird-enigmail"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:4.10"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:5.04"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:5.10"); script_set_attribute(attribute:"patch_publication_date", value:"2005/10/20"); script_set_attribute(attribute:"plugin_publication_date", value:"2006/01/15"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2005-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("misc_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! ereg(pattern:"^(4\.10|5\.04|5\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 4.10 / 5.04 / 5.10", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); flag = 0; if (ubuntu_check(osver:"4.10", pkgname:"mozilla-enigmail", pkgver:"0.92.1-0ubuntu04.10")) flag++; if (ubuntu_check(osver:"4.10", pkgname:"mozilla-thunderbird-enigmail", pkgver:"0.92.1-0ubuntu04.10")) flag++; if (ubuntu_check(osver:"5.04", pkgname:"mozilla-enigmail", pkgver:"0.92.1-0ubuntu05.04")) flag++; if (ubuntu_check(osver:"5.04", pkgname:"mozilla-thunderbird-enigmail", pkgver:"0.92.1-0ubuntu05.04")) flag++; if (ubuntu_check(osver:"5.10", pkgname:"mozilla-enigmail", pkgver:"0.92.1-0ubuntu05.10")) flag++; if (ubuntu_check(osver:"5.10", pkgname:"mozilla-thunderbird-enigmail", pkgver:"0.92.1-0ubuntu05.10")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mozilla-enigmail / mozilla-thunderbird-enigmail"); }NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2005-226.NASL description A bug in enigmail, the GPG support extension for Mozilla MailNews and Mozilla Thunderbird was discovered that could lead to the encryption of an email with the wrong public key. This could potentially disclose confidential data to unintended recipients. The updated packages have been patched to prevent this problem. last seen 2020-06-01 modified 2020-06-02 plugin id 20457 published 2006-01-15 reporter This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/20457 title Mandrake Linux Security Advisory : mozilla-thunderbird (MDKSA-2005:226) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandrake Linux Security Advisory MDKSA-2005:226. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(20457); script_version ("1.15"); script_cvs_date("Date: 2019/08/02 13:32:48"); script_cve_id("CVE-2005-3256"); script_bugtraq_id(15155); script_xref(name:"MDKSA", value:"2005:226"); script_name(english:"Mandrake Linux Security Advisory : mozilla-thunderbird (MDKSA-2005:226)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandrake Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "A bug in enigmail, the GPG support extension for Mozilla MailNews and Mozilla Thunderbird was discovered that could lead to the encryption of an email with the wrong public key. This could potentially disclose confidential data to unintended recipients. The updated packages have been patched to prevent this problem." ); script_set_attribute( attribute:"solution", value: "Update the affected mozilla-thunderbird, mozilla-thunderbird-enigmail and / or mozilla-thunderbird-enigmime packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmime"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2006"); script_set_attribute(attribute:"patch_publication_date", value:"2005/12/12"); script_set_attribute(attribute:"plugin_publication_date", value:"2006/01/15"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-1.0.6-7.2.20060mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-enigmail-1.0.6-7.2.20060mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-enigmime-1.0.6-7.2.20060mdk", yank:"mdk")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
References
- http://www.cert.dfn.de/infoserv/dsb/dsb-2005-01.html
- http://www.cert.dfn.de/infoserv/dsb/dsb-2005-01.html
- http://www.debian.org/security/2005/dsa-889
- http://www.debian.org/security/2005/dsa-889
- http://www.kb.cert.org/vuls/id/805121
- http://www.kb.cert.org/vuls/id/805121
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:226
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:226
- http://www.novell.com/linux/security/advisories/2005_28_sr.html
- http://www.novell.com/linux/security/advisories/2005_28_sr.html
- http://www.securityfocus.com/bid/15155
- http://www.securityfocus.com/bid/15155
- http://www.vupen.com/english/advisories/2005/2158
- http://www.vupen.com/english/advisories/2005/2158
- https://usn.ubuntu.com/211-1/
- https://usn.ubuntu.com/211-1/