OpenSUSE Linux update for enigmail



Risk Low
Patch available YES
Number of vulnerabilities 2
CVE-ID CVE-2017-17688
CVE-2017-17689
CWE-ID CWE-200
Exploitation vector Network
Public exploit N/A
Vulnerable software
openSUSE Leap
Operating systems & Components / Operating system package or component

Vendor SDB

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Information disclosure

EUVDB-ID: #VU12646

Risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-17688

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The vulnerability exists due to improper access controls. A remote attacker with access to a target user's PGP encrypted email message can exploit a property of Cipher Feedback Mode (CFB) by modifying known plaintext blocks (such as MIME headers). When the target user decrypts and views the modified email message, the target user's mail client will parse the resulting modified HTML content and disclose the original plaintext to a remote URL.

This exploit is the "CFB gadget" attack method of the vulnerability referred to as "EFAIL".

Various email clients or email client plugins that use OpenPGP or implement the PGP standard are affected.

Mitigation

Update the affected packages.

Vulnerable software versions

openSUSE Leap: 42.3

CPE2.3 External links

https://lists.opensuse.org/opensuse-security-announce/2018-05/msg00096.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Information disclosure

EUVDB-ID: #VU12649

Risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-17689

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The vulnerability exists due to improper access controls. A remote attacker with access to a target user's S/MIME encrypted email message can exploit a property of Cipher Feedback Mode (CFB) by modifying known plaintext blocks (such as MIME headers). When the target user decrypts and views the modified email message, the target user's mail client will parse the resulting modified HTML content and disclose the original plaintext to a remote URL.

This exploit is the "CFB gadget" attack method of the vulnerability referred to as "EFAIL".

Mitigation

Update the affected packages.

Vulnerable software versions

openSUSE Leap: 42.3

CPE2.3 External links

https://lists.opensuse.org/opensuse-security-announce/2018-05/msg00096.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###