The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

vulnerability note CVE-2005-3256

Enigmail: encryption for an unspecified recipient

Synthesis of the vulnerability

When user keyring contains a key with an empty uid, this key is selected to encrypt the message.
Impacted software: Debian, Mandriva Linux, Mozilla Suite, Thunderbird, openSUSE.
Severity of this computer vulnerability: 3/4.
Consequences of a hack: data reading.
Attacker's origin: internet server.
Creation date: 13/09/2005.
Références of this announce: BID-15155, CVE-2005-3256, DSA-889-1, MDKSA-2005:226, SUSE-SR:2005:028, VIGILANCE-VUL-5194, VU#805121.

Description of the vulnerability

Enigmail extension signs and encrypts emails with GnuPG.

User keyring contains publics keys for other users. When user encrypts a message, a dialog box may appear asking him to select recipient keys.

However, if a key has an empty uid field, it is selected by default. User may not see it has been selected if his keyring contains many keys.

An attacker can therefore convince user to add a key in his keyring, then capture sent messages in order to decrypt them.
Full Vigil@nce bulletin... (Free trial)

Computer vulnerabilities tracking service

Vigil@nce provides a networks vulnerabilities patch. Each administrator can customize the list of products for which he wants to receive vulnerability alerts. The technology watch team tracks security threats targeting the computer system. The Vigil@nce vulnerability database contains several thousand vulnerabilities.