Ximian Evolution Certificate Validation Flaw Allows Man-in-the-Middle Attacks
SecurityTracker Alert ID: 1005353|
SecurityTracker URL: http://securitytracker.com/id/1005353
(Links to External Site)
Date: Oct 4 2002
Disclosure of system information, Disclosure of user information, User access via network|
Fix Available: Yes Vendor Confirmed: Yes |
Version(s): 1.0.x and prior versions|
A vulnerability was reported in the Ximian Evolution workgroup software. A remote user with access to the SSL stream can conduct man-in-the middle attacks to gain access to the unencrypted stream.|
It is reported that Ximian Evolution's 'camel' component does not properly validate certificates for SSL connections. Once a certificate is accepted, it is no loger validated on subsequent connections.
A remote user with access to the network in between a client and server could intercept the communications and, using a self-signed certificate, masquerade as the server to get the client to initiate a valid SSL connection to the remote user.
A remote user with access to the encrypted SSL stream could conduct a man-in-the middle attack to gain access to the unencrypted data.|
The report indicates that version 1.1.x (a beta of the upcoming 1.2 branch) is not vulnerable. Version 1.1.1 is reportedly available at:|
Vendor URL: www.ximian.com/products/evolution/ (Links to External Site)
Linux (Any), UNIX (Any)|
Source Message Contents
Date: 03 Oct 2002 14:00:35 +0200|
Subject: SSL certificate validation problems in Ximian Evolution
2002-09-08, Ximian has been informed on 2002-09-09.
medium, if SSL (IMAPS, SMTPS, POP3S) used
none, if not
Ximian Evolution 1.0.x and earlier
Due to missing SSL validation code, Evolution's camel component is
vulnerable to common SSL man-in-the-middle attacks, independent of the
SSL issues currently in discussion. Certificates accepted once are no
longer checked by camel.
The behavior described below has been verified using both self-signed
certificates as well as a regular valid Thawte-signed certificate (but
regarded invalid by camel) for the server and a self-signed certificate
for the attacker. As the valid certificate has been regarded invalid, it
is also needed to be checked out with a certificate from valid oder
According to Ximian, Evolution 1.1.x (beta of upcoming 1.2 branch) is no
longer affected, so those people who would like to trust in SSL
connections should consider upgrading.
Ximian has released Evolution 1.1.1.
Imagine e.g. an IMAP connection over SSL. After a connection breakdown,
Evolution quietly re-establishes the IMAPS connection on next access -
but it seems to not check the identity of the peer.
During the time period no connection is established, the certificate is
replaced, e.g. by a SSL m-i-t-m attack, by the attacker's self-signed
certificate, allowing him to read and even modify all data transfered.
The attacker might also setup SSL m-i-t-m filters first and then
drop/kill the connection still established.
Evolution re-establishes the connection without showing any warning
dialog. Using POP3 and SMTPS over the same certificates (and host) does
not postulate any validation as well.
// Veit Wahlich