Vigil@nce: Mutt, incorrect validation of certification chain
June 2009 by Marc Jacob
An attacker can offer an invalid certification chain for SSL,
which is not detected by Mutt.
Severity: 1/4
Consequences: data reading
Provenance: intranet server
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 10/06/2009
IMPACTED PRODUCTS
– Unix - plateform
DESCRIPTION OF THE VULNERABILITY
The version 1.5.19 of the Mutt email client supports X.509
certification chains, with intermediary certification authorities.
Mutt checks each individual certificate in the chain, but does not
check if the chain itself is valid.
An attacker can therefore offer an invalid certification chain for
SSL, which is not detected by Mutt. The attacker can therefore
read data of a Mutt session.
CHARACTERISTICS
Identifiers: BID-35288, CVE-2009-1390, VIGILANCE-VUL-8790
http://vigilance.fr/vulnerability/Mutt-incorrect-validation-of-certification-chain-8790