Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsFULL-DISCLOSURESECURITYVULNS:VULN:5353
HistoryOct 14, 2005 - 12:00 a.m.

Mozilla Thunderbird / Mozilla weak authentication downgrade

2005-10-1400:00:00
FULL-DISCLOSURE
vulners.com
17
JSON

If SMTP authentication with CRAM-MD5 or TLS hadshake fails mail agent downgrades to plain text authentication, allowing active man-in-the-middle attacks.

CPENameOperatorVersion
thunderbirdeq1.5
thunderbirdeq1.0
JSON