Prevent possible IMAP MITM via PREAUTH response
This is similar to CVE-2014-2567 and CVE-2020-12398.  STARTTLS is not
allowed in the Authenticated state, so previously Mutt would
implicitly mark the connection as authenticated and skip any
encryption checking/enabling.

No credentials are exposed, but it does allow messages to be sent to
an attacker, via postpone or fcc'ing for instance.

Reuse the $ssl_starttls quadoption "in reverse" to prompt to abort the
connection if it is unencrypted.

Thanks very much to Damian Poddebniak and Fabian Ising from the
Münster University of Applied Sciences for reporting this issue, and
their help in testing the fix.
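The decision the commit message describes, written out as an added example (this is not NeoMutt's or Mutt's code). It models what a client must do when the very first line from the server, read before any TLS has been negotiated, is `* PREAUTH`: a legitimate server sends that only when it has already authenticated the session, so on a cleartext port 143 connection it is exactly what a man-in-the-middle would inject to make the client skip STARTTLS and treat the attacker as the mailbox. It goes slightly beyond the page by also classifying `* OK` and `* BYE` greetings (RFC 3501 section 7.1). Assumptions, all chosen for this example: the `QuadOption` values, the names `classify_greeting`, `preauth_should_proceed` and `handle_greeting`, that `ssf > 0` means the link is encrypted (the hunk tests `adata->conn->ssf == 0`), and that the user's answer to the "Abort unencrypted PREAUTH connection?" prompt is passed in as a parameter so the logic can run without a terminal. A "yes" answer here closes the connection, as the prompt text says it should.

```c
#include <stdbool.h>
#include <stdio.h>
#include <strings.h>

/* Quadoption values, modelled on NeoMutt's (assumed for this example). */
enum QuadOption
{
  Q_ABORT = -1, /* user hit Ctrl-G at the prompt */
  Q_NO = 0,
  Q_YES = 1,
  Q_ASKNO = 2,
  Q_ASKYES = 3
};

/* Untagged greetings an IMAP server may open with (RFC 3501, section 7.1). */
enum Greeting { GREET_OK, GREET_PREAUTH, GREET_BYE, GREET_UNKNOWN };

/* What the client should do after reading the greeting. */
enum Action
{
  ACT_CONNECT_STARTTLS_LOGIN, /* Not Authenticated: negotiate STARTTLS, then log in */
  ACT_CONNECT_AUTHENTICATED,  /* PREAUTH accepted: skip login */
  ACT_CLOSE                   /* refuse the session */
};

/* Classify the greeting line, case-insensitively, like the patch's
 * mutt_str_startswith(..., CASE_IGNORE). */
enum Greeting classify_greeting(const char *line)
{
  if (strncasecmp(line, "* OK", 4) == 0)
    return GREET_OK;
  if (strncasecmp(line, "* PREAUTH", 9) == 0)
    return GREET_PREAUTH;
  if (strncasecmp(line, "* BYE", 5) == 0)
    return GREET_BYE;
  return GREET_UNKNOWN;
}

/* Should an unencrypted PREAUTH session be kept? `answer` is what the user
 * gives to "Abort unencrypted PREAUTH connection?": Q_YES aborts, Q_NO keeps
 * the session, Q_ABORT (Ctrl-G) is treated as abort. (Hypothetical helper.) */
bool preauth_should_proceed(int ssf, bool ssl_force_tls,
                            enum QuadOption ssl_starttls, enum QuadOption answer)
{
  if (ssf > 0)
    return true; /* already encrypted: PREAUTH cannot come from a MITM */
  if (ssl_force_tls)
    return false; /* cleartext IMAP is never acceptable */
  if (ssl_starttls == Q_NO)
    return true; /* user disabled STARTTLS, so no encryption was expected */
  /* $ssl_starttls is yes / ask-yes / ask-no: ask, and only an explicit
   * "no, do not abort" keeps the unencrypted session. */
  return answer == Q_NO;
}

/* Map the greeting plus policy onto the client's next step. */
enum Action handle_greeting(const char *line, int ssf, bool ssl_force_tls,
                            enum QuadOption ssl_starttls, enum QuadOption answer)
{
  switch (classify_greeting(line))
  {
    case GREET_OK:
      return ACT_CONNECT_STARTTLS_LOGIN;
    case GREET_PREAUTH:
      return preauth_should_proceed(ssf, ssl_force_tls, ssl_starttls, answer)
                 ? ACT_CONNECT_AUTHENTICATED : ACT_CLOSE;
    case GREET_BYE:
    default:
      return ACT_CLOSE;
  }
}

int main(void)
{
  /* Constructed greetings: the first is what a MITM on port 143 would inject
   * to make the client skip STARTTLS; the second is a normal server. */
  const char *mitm = "* PREAUTH IMAP4rev1 server logged in as user";
  const char *honest = "* OK [CAPABILITY IMAP4rev1 STARTTLS LOGINDISABLED] ready";

  printf("mitm, $ssl_force_tls set: %s\n",
         handle_greeting(mitm, 0, true, Q_YES, Q_NO) == ACT_CLOSE ? "closed" : "kept");
  printf("mitm, user answers yes to abort: %s\n",
         handle_greeting(mitm, 0, false, Q_YES, Q_YES) == ACT_CLOSE ? "closed" : "kept");
  printf("mitm, user answers no: %s\n",
         handle_greeting(mitm, 0, false, Q_ASKYES, Q_NO) == ACT_CLOSE ? "closed" : "kept");
  printf("honest greeting: %s\n",
         handle_greeting(honest, 0, false, Q_YES, Q_NO) == ACT_CONNECT_STARTTLS_LOGIN
             ? "starttls then login" : "other");
  return 0;
}
```

The point of separating `preauth_should_proceed` from the prompt itself is that the policy becomes testable: every combination of `ssf`, `$ssl_force_tls`, `$ssl_starttls` and the user's answer can be checked without a terminal, which is how the inverted-comparison class of bug gets caught before release.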
gahr committed Jun 15, 2020
1 parent e8de279 commit 9909cde
Showing 1 changed file with 22 additions and 0 deletions.
22 changes: 22 additions & 0 deletions imap/imap.c
Expand Up @@ -768,6 +768,28 @@ int imap_open_connection(struct ImapAccountData *adata)
}
else if (mutt_str_startswith(adata->buf, "* PREAUTH", CASE_IGNORE))
{
#ifdef USE_SSL
/* An unencrypted PREAUTH response is most likely a MITM attack.
* Require a confirmation. */
if (adata->conn->ssf == 0)
{
bool proceed = true;
if (C_SslForceTls)
{
proceed = false;
}
else if (C_SslStarttls != MUTT_NO)
{
proceed = mutt_yesorno(_("Abort unencrypted PREAUTH connection?"), C_SslStarttls) != MUTT_NO;
}
if (!proceed)
{
mutt_error(_("Encrypted connection unavailable"));
goto err_close_conn;
}
}
#endif

adata->state = IMAP_AUTHENTICATED;
if (check_capabilities(adata) != 0)
goto bail;
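Review bot: the comparison in `proceed = mutt_yesorno(_("Abort unencrypted PREAUTH connection?"), C_SslStarttls) != MUTT_NO;` is inverted relative to the prompt text. Answering "yes" (abort) returns MUTT_YES, so `proceed` becomes true and the cleartext PREAUTH session falls through to `adata->state = IMAP_AUTHENTICATED`; answering "no" (keep the connection) returns MUTT_NO, `proceed` becomes false and the connection is closed with "Encrypted connection unavailable". As written, the only user input that reaches `goto err_close_conn` is the user declining to abort, which is the opposite of what the commit message promises. Flip it to `proceed = mutt_yesorno(...) == MUTT_NO;` so that a yes answer, and a Ctrl-G abort, both close the connection and only an explicit no continues; that also lines up with the `C_SslForceTls` branch just above, which sets `proceed = false` unconditionally.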