Ubuntu 18.04 LTS / 20.04 LTS : KMail vulnerabilities (USN-7731-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7731-1 advisory. Damian Poddebniak, Christian Dresen, Jens Mller, Fabian Ising, Sebastian Schinzel, Simon Friedberger, Juraj Somorovsky, and Jrg Schwenk...

Linux Distros Unpatched Vulnerability : CVE-2017-17689

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The S/MIME specification allows a Cipher Block Chaining CBC malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL...

CVE-2017-17689

creationtimestamp| type| source ---|---|--- 2023-12-18 11:51:32+00:00| seen| https://t.me/arpsyndicate/1976...

openSUSE Security Update : enigmail (openSUSE-2019-395) (EFAIL)

This update for enigmail to version 2.0.5 fixes the following issues : Improvements on previous fixes on CVE-2017-17688, boo1093151 and CVE-2017-17689, boo1093152 EFAIL : - do not decrypt MIME parts unnecessarily - improve Error Message for Missing Message Modification Code %NASLMINLEVEL 70300 C...

openSUSE Security Update : enigmail (openSUSE-2019-368) (EFAIL)

This update for enigmail fixes multiple issues. Security issues fixed : - CVE-2017-17688: CFB gadget attacks allowed to exfiltrate plaintext out of encrypted emails. enigmail now fails on GnuPG integrity check warnings for old Algorithms bsc1093151 - CVE-2017-17689: CBC gadget attacks allows to...

openSUSE: Security Advisory for enigmail (openSUSE-SU-2018:1347-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] [DSA 4244-1] thunderbird security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4244-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 13, 2018 https://www.debian.org/security/faq -...

openSUSE Security Update : enigmail (openSUSE-2018-495) (EFAIL)

This update for enigmail to version 2.0.5 fixes the following issues : Improvements on previous fixes on CVE-2017-17688, boo1093151 and CVE-2017-17689, boo1093152 EFAIL : - do not decrypt MIME parts unnecessarily - improve Error Message for Missing Message Modification Code %NASLMINLEVEL 70300 C...

openSUSE Security Update : enigmail (openSUSE-2018-474) (EFAIL)

This update for enigmail fixes multiple issues. Security issues fixed : - CVE-2017-17688: CFB gadget attacks allowed to exfiltrate plaintext out of encrypted emails. enigmail now fails on GnuPG integrity check warnings for old Algorithms bsc1093151 - CVE-2017-17689: CBC gadget attacks allows to...

openSUSE Security Update : enigmail (openSUSE-2018-470) (EFAIL)

This update for enigmail to version 2.0.4 fixes multiple issues. Security issues fixed : - CVE-2017-17688: CFB gadget attacks allowed to exfiltrate plaintext out of encrypted emails. enigmail now fails on GnuPG integrity check warnings for old Algorithms bsc1093151 - CVE-2017-17689: CBC gadget...

UBUNTU-CVE-2017-17689

The S/MIME specification allows a Cipher Block Chaining CBC malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL...

CVE-2017-17689

The S/MIME specification allows a Cipher Block Chaining CBC malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL...

CVE-2017-17689

The S/MIME specification allows a Cipher Block Chaining CBC malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL...

CVE-2017-17689

The S/MIME specification allows a Cipher Block Chaining CBC malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL...

CVE-2017-17689

CVE-2017-17689 arises from S/MIME CBC gadget attacks (EFAIL) that can lead to plaintext exfiltration. Connected sources show this affecting KDE PIM/KMail components and related mail tooling across Linux/macOS ecosystems, with public advisories describing how S/MIME/CBC malleability could leak pla...

CVE-2017-17689

The S/MIME specification allows a Cipher Block Chaining CBC malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. Mitigation The easiest way to mitigate this vulnerability is not to use HTML emails. If you really need to use them ensure that MUA clients disable...