SB2017122703 - Multiple vulnerabilities in enigmail.mozdev Enigmail

Description

This security bulletin contains information about 5 vulnerabilities.

1) Cleartext transmission of sensitive information (CVE-ID: CVE-2017-17844)

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

An issue was discovered in Enigmail before 1.9.9. A remote attacker can obtain cleartext content by sending an encrypted data block (that the attacker cannot directly decrypt) to a victim, and relying on the victim to automatically decrypt that block and then send it back to the attacker as quoted text, aka the TBE-01-005 "replay" issue.

2) Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) (CVE-ID: CVE-2017-17845)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

An issue was discovered in Enigmail before 1.9.9. Improper Random Secret Generation occurs because Math.Random() is used by pretty Easy privacy (pEp), aka TBE-01-001.

3) Input validation error (CVE-ID: CVE-2017-17846)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

An issue was discovered in Enigmail before 1.9.9. Regular expressions are exploitable for Denial of Service, because of attempts to match arbitrarily long strings, aka TBE-01-003.

4) Improper Verification of Cryptographic Signature (CVE-ID: CVE-2017-17847)

The vulnerability allows a remote non-authenticated attacker to manipulate data.

An issue was discovered in Enigmail before 1.9.9. Signature spoofing is possible because the UI does not properly distinguish between an attachment signature, and a signature that applies to the entire containing message, aka TBE-01-021. This is demonstrated by an e-mail message with an attachment that is a signed e-mail message in message/rfc822 format.

5) Improper Verification of Cryptographic Signature (CVE-ID: CVE-2017-17848)

The vulnerability allows a remote non-authenticated attacker to manipulate data.

An issue was discovered in Enigmail before 1.9.9. In a variant of CVE-2017-17847, signature spoofing is possible for multipart/related messages because a signed message part can be referenced with a cid: URI but not actually displayed. In other words, the entire containing message appears to be signed, but the recipient does not see any of the signed text.

Remediation

Install update from vendor's website.

References

• https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
• https://lists.debian.org/debian-lts-announce/2017/12/msg00021.html
• https://lists.debian.org/debian-security-announce/2017/msg00333.html
• https://www.debian.org/security/2017/dsa-4070
• https://www.mail-archive.com/enigmail-users@enigmail.net/msg04280.html
• https://sourceforge.net/p/enigmail/bugs/709/
• http://packetstormsecurity.com/files/152703/Johnny-You-Are-Fired.html
• http://seclists.org/fulldisclosure/2019/Apr/38
• http://www.openwall.com/lists/oss-security/2019/04/30/4
• https://github.com/RUB-NDS/Johnny-You-Are-Fired
• https://github.com/RUB-NDS/Johnny-You-Are-Fired/blob/master/paper/johnny-fired.pdf