Vulnerability Name: CVE-2018-12019 (CCN-144829)

Assigned: 2018-06-13
Published: 2018-06-13
Updated: 2019-05-16

Summary: The signature verification routine in Enigmail before 2.0.7 interprets user ids as status/control messages and does not correctly keep track of the status of multiple signatures, which allows remote attackers to spoof arbitrary email signatures via public keys containing crafted primary user ids.
CVSS v3 Severity: 7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
  6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)
  Exploitability Metrics: Attack Vector (AV): Network; Attack Complexity (AC): Low; Privileges Required (PR): None; User Interaction (UI): None
  Scope (S): Unchanged
  Impact Metrics: Confidentiality (C): None; Integrity (I): High; Availability (A): None

  5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
  4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)
  Exploitability Metrics: Attack Vector (AV): Network; Attack Complexity (AC): Low; Privileges Required (PR): None; User Interaction (UI): None
  Scope (S): Unchanged
  Impact Metrics: Confidentiality (C): None; Integrity (I): Low; Availability (A): None

CVSS v2 Severity: 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
  Exploitability Metrics: Access Vector (AV): Network; Access Complexity (AC): Low; Authentication (Au): None
  Impact Metrics: Confidentiality (C): None; Integrity (I): Partial; Availability (A): None

  5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
  Exploitability Metrics: Access Vector (AV): Network; Access Complexity (AC): Low; Authentication (Au): None
  Impact Metrics: Confidentiality (C): None; Integrity (I): Partial; Availability (A): None

Vulnerability Type: CWE-347
Vulnerability Consequences: Gain Access
References:

Source: MITRE
Type: CNA
CVE-2018-12019

Source: MISC
Type: Mailing List, Third Party Advisory
http://openwall.com/lists/oss-security/2018/06/13/10

Source: MISC
Type: Third Party Advisory, VDB Entry
http://packetstormsecurity.com/files/152703/Johnny-You-Are-Fired.html

Source: FULLDISC
Type: Mailing List, Third Party Advisory
20190430 OpenPGP and S/MIME signature forgery attacks in multiple email clients

Source: CCN
Type: oss-sec Mailing List, Wed, 13 Jun 2018 20:22:23 +0200
CVE-2018-12020, CVE-2018-12019 in GnuPG, Enigmails, GPGTools, python-gnupg

Source: MLIST
Type: Mailing List, Third Party Advisory
[oss-security] 20190430 Spoofing OpenPGP and S/MIME Signatures in Emails (multiple clients)

Source: XF
Type: UNKNOWN
enigmail-cve201812019-spoofing(144829)

Source: MISC
Type: UNKNOWN
https://github.com/RUB-NDS/Johnny-You-Are-Fired

Source: MISC
Type: UNKNOWN
https://github.com/RUB-NDS/Johnny-You-Are-Fired/blob/master/paper/johnny-fired.pdf

Source: CCN
Type: Enigmail Web site
A simple interface for OpenPGP email security

Source: MISC
Type: Exploit, Vendor Advisory
https://www.enigmail.net/index.php/en/download/changelog

Vulnerable Configuration:

Configuration 1:
  • cpe:/a:enigmail:enigmail:*:*:*:*:*:*:*:* (Version < 2.0.7)

Configuration CCN 1:
  • cpe:/a:enigmail:enigmail:1.9.8:*:*:*:*:*:*:*

* Denotes that component is vulnerable
Oval Definitions

Definition ID | Class | Title | Last Modified
------------------------------------------------------------------------------------------------
oval:org.opensuse.security:def:51564 | P | Security update for kubevirt stack (Important) | 2022-11-21
oval:org.opensuse.security:def:654 | P | Security update for go1.18 (Important) (in QA) | 2022-10-05
oval:org.opensuse.security:def:201812019 | V | CVE-2018-12019 | 2022-09-02
oval:org.opensuse.security:def:4672 | P | Security update for the Linux Kernel (Live Patch 27 for SLE 12 SP5) (Important) | 2022-08-10
oval:org.opensuse.security:def:3553 | P | libXRes1-1.0.7-3.53 on GA media (Moderate) | 2022-06-28
oval:org.opensuse.security:def:95183 | P | enigmail-2.2.4-3.27.1 on GA media (Moderate) | 2022-06-22
oval:org.opensuse.security:def:4627 | P | Security update for the Linux Kernel (Live Patch 30 for SLE 12 SP5) (Important) | 2022-06-06
oval:org.opensuse.security:def:4607 | P | Security update for the Linux Kernel (Live Patch 22 for SLE 12 SP5) (Important) | 2022-05-21
oval:org.opensuse.security:def:4599 | P | Security update for the Linux Kernel (Live Patch 18 for SLE 12 SP5) (Important) | 2022-05-10
oval:org.opensuse.security:def:112190 | P | enigmail-2.2.4-1.4 on GA media (Moderate) | 2022-01-17
oval:org.opensuse.security:def:105722 | P | Security update for apache2 (Important) (in QA) | 2022-01-10
oval:org.opensuse.security:def:1146 | P | Security update for log4j12 (Important) | 2021-12-17
oval:org.opensuse.security:def:1741 | P | Security update for the Linux Kernel (Important) | 2021-11-11
oval:org.opensuse.security:def:66942 | P | Security update for the Linux Kernel (Important) | 2021-10-12
oval:org.opensuse.security:def:1782 | P | Security update for ffmpeg (Moderate) | 2021-10-06
oval:org.opensuse.security:def:70298 | P | Security update for grilo (Important) | 2021-10-06
oval:org.opensuse.security:def:64774 | P | Security update for curl (Moderate) | 2021-10-06
oval:org.opensuse.security:def:71361 | P | perl-5.26.1-7.6.1 on GA media (Moderate) | 2021-09-21
oval:org.opensuse.security:def:4751 | P | Security update for compat-openssl098 (Low) | 2021-09-13
oval:org.opensuse.security:def:47668 | P | libQt5WebKit5-5.6.2-1.31 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47682 | P | libXrandr2-1.5.0-6.2 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47803 | P | libvirglrenderer0-0.5.0-11.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47996 | P | dracut-044.2-15.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47667 | P | libQt5Concurrent5-5.6.2-6.12.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48128 | P | libipa_hbac0-1.16.1-4.17.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48220 | P | libvpx1-1.3.0-3.3.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:101029 | P | opie-32bit-2.4-1.96 on GA media (Moderate) | 2021-08-09
oval:org.opensuse.security:def:68021 | P | Security update for the Linux Kernel (Important) | 2021-07-21
oval:org.opensuse.security:def:66850 | P | Security update for qemu (Moderate) | 2021-06-30
oval:org.opensuse.security:def:48368 | P | apache2-2.4.23-14.7 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48728 | P | kernel-default-extra-3.12.49-11.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48582 | P | openslp-2.0.0-11.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48793 | P | libmysqlclient_r18-10.0.27-12.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48666 | P | cyrus-sasl-digestmd5-32bit-2.1.26-7.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48824 | P | bash-lang-4.3-82.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48895 | P | bogofilter-1.2.4-5.3 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:73633 | P | Security update for python-httplib2 (Moderate) | 2021-05-31
oval:org.opensuse.security:def:64687 | P | Security update for dtc (Low) | 2021-05-13
oval:org.opensuse.security:def:52013 | P | Security update for open-iscsi (Important) | 2021-03-01
oval:org.opensuse.security:def:51730 | P | Security update for wpa_supplicant (Important) | 2021-02-15
oval:org.opensuse.security:def:4732 | P | Security update for the Linux Kernel (Moderate) | 2021-01-12
oval:org.opensuse.security:def:90101 | P | enigmail-2.0.9-3.13.1 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:2524 | P | enigmail-2.1.5-3.22.1 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:94316 | P | enigmail-2.1.5-3.22.1 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:103756 | P | enigmail-2.0.9-3.13.1 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:63572 | P | enigmail-2.0.9-3.13.1 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:107695 | P | enigmail-2.1.5-3.22.1 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:71474 | P | ecryptfs-utils-111-2.31 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:117210 | P | enigmail-2.1.5-3.22.1 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:63613 | P | enigmail-2.1.5-3.22.1 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:2483 | P | enigmail-2.0.9-3.13.1 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:4888 | P | Security update for libvirt (Important) | 2020-12-02
oval:org.opensuse.security:def:4849 | P | Security update for dhcp (Moderate) | 2020-12-02
oval:org.opensuse.security:def:4895 | P | Security update for squid (Critical) | 2020-12-02
oval:org.opensuse.security:def:4908 | P | Security update for xen (Important) | 2020-12-02
oval:org.opensuse.security:def:5546 | P | Security update for java-1_8_0-openjdk (Moderate) | 2020-12-02
oval:org.opensuse.security:def:4717 | P | Security update for python-ipaddress (Important) | 2020-12-02
oval:org.opensuse.security:def:5577 | P | Security update for enigmail (Moderate) | 2020-12-02
oval:org.opensuse.security:def:4881 | P | Security update for squid (Important) | 2020-12-02
oval:org.opensuse.security:def:4824 | P | Security update for libvirt (Important) | 2020-12-02
oval:org.opensuse.security:def:25094 | P | Security update for mariadb (Moderate) | 2020-12-01
oval:org.opensuse.security:def:50889 | P | Security update for LibreOffice (Moderate) | 2020-12-01
oval:org.opensuse.security:def:50169 | P | pidgin-plugin-otr on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:51458 | P | Security update for the Linux Kernel (Important) | 2020-12-01
oval:org.opensuse.security:def:25221 | P | Security update for sysstat (Moderate) | 2020-12-01
oval:org.opensuse.security:def:50223 | P | enigmail on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25302 | P | Security update for xorg-x11-server (Important) | 2020-12-01
oval:org.opensuse.security:def:68121 | P | enigmail on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:26465 | P | Security update for enigmail (Moderate) | 2020-12-01
oval:org.opensuse.security:def:53677 | P | Security update for java-1_8_0-ibm (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25359 | P | Security update for SUSE Manager Client Tools (Moderate) | 2020-12-01
oval:org.opensuse.security:def:73515 | P | nasm on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:52212 | P | Security update for rubygem-actionpack-5_1 (Important) | 2020-12-01
oval:org.opensuse.security:def:53751 | P | Security update for enigmail (Moderate) | 2020-12-01
oval:org.opensuse.security:def:70193 | P | perl-doc on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25443 | P | Security update for python (Moderate) | 2020-12-01
oval:org.opensuse.security:def:52284 | P | Security update for docker-runc (Moderate) | 2020-12-01
oval:org.opensuse.security:def:50890 | P | Security update for gd (Moderate) | 2020-12-01
oval:org.opensuse.security:def:52121 | P | Security update for xen (Important) | 2020-12-01
oval:org.opensuse.security:def:25593 | P | Security update for openvpn (Moderate) | 2020-12-01
oval:org.opensuse.security:def:26430 | P | Security update for phpMyAdmin (Moderate) | 2020-12-01
oval:org.opensuse.security:def:52320 | P | Security update for icu (Important) | 2020-12-01
oval:org.opensuse.security:def:50912 | P | Security update for permissions (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25734 | P | Security update for python3 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25646 | P | Security update for tomcat (Moderate) | 2020-12-01
oval:org.opensuse.security:def:50128 | P | apache2-mod_php7 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:52401 | P | Security update for MozillaFirefox (Important) | 2020-12-01
oval:org.opensuse.security:def:51050 | P | Security update for slirp4netns (Important) | 2020-12-01
oval:org.opensuse.security:def:25748 | P | Security update for ImageMagick (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25030 | P | Security update for ghostscript (Important) | 2020-12-01
oval:org.opensuse.security:def:50182 | P | enigmail on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25019 | P | Security update for curl (Important) | 2020-12-01
oval:org.opensuse.security:def:51287 | P | Security update for libjpeg-turbo (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25792 | P | Security update for libvirt (Moderate) | 2020-12-01
oval:com.ubuntu.bionic:def:2018120190000000 | V | CVE-2018-12019 on Ubuntu 18.04 LTS (bionic) - medium. | 2018-06-13
oval:com.ubuntu.artful:def:201812019000 | V | CVE-2018-12019 on Ubuntu 17.10 (artful) - medium. | 2018-06-13
oval:com.ubuntu.xenial:def:201812019000 | V | CVE-2018-12019 on Ubuntu 16.04 LTS (xenial) - medium. | 2018-06-13
oval:com.ubuntu.xenial:def:2018120190000000 | V | CVE-2018-12019 on Ubuntu 16.04 LTS (xenial) - medium. | 2018-06-13
oval:com.ubuntu.bionic:def:201812019000 | V | CVE-2018-12019 on Ubuntu 18.04 LTS (bionic) - medium. | 2018-06-13
oval:com.ubuntu.disco:def:2018120190000000 | V | CVE-2018-12019 on Ubuntu 19.04 (disco) - medium. | 2018-06-13
oval:com.ubuntu.cosmic:def:201812019000 | V | CVE-2018-12019 on Ubuntu 18.10 (cosmic) - medium. | 2018-06-13
oval:com.ubuntu.cosmic:def:2018120190000000 | V | CVE-2018-12019 on Ubuntu 18.10 (cosmic) - medium. | 2018-06-13
oval:com.ubuntu.trusty:def:201812019000 | V | CVE-2018-12019 on Ubuntu 14.04 LTS (trusty) - medium. | 2018-06-13

Class: P = patch definition, V = vulnerability definition (OVAL definition classes).