#VU41901 Information disclosure in trojita - CVE-2014-2567

Cybersecurity Help s.r.o.

Published: 2014-03-21 | Updated: 2020-08-10

Vulnerability identifier: #VU41901

Vulnerability risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2014-2567

CWE-ID: CWE-200

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
trojita

Vendor: KDE.org

Description

The vulnerability allows a remote non-authenticated attacker to manipulate data.

The OpenConnectionTask::handleStateHelper function in Imap/Tasks/OpenConnectionTask.cpp in Trojita before 0.4.1 allows man-in-the-middle attackers to trigger use of cleartext for saving a message into a (1) sent or (2) draft folder via a PREAUTH response that prevents later use of the STARTTLS command.

Mitigation
Install update from vendor's website.

Vulnerable software versions

trojita: 0.1 - 0.3.96

External links
https://jkt.flaska.net/blog/Trojita_0_4_1__a_security_update_for_CVE_2014_2567.html
https://github.com/jktjkt/trojita/commit/25fffa3e25cbad85bbca804193ad336b090a9ce1

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Information disclosure in KDE trojita