24. June 2021

This article has been indexed from E Hacking News – Latest Hacker News and IT Security News

Researchers warned that hackers may snoop on email communications by attacking a flaw in the underlying technology used by most of the email servers that run the Internet Message Access Protocol or known as IMAP. 

The flaw was initially reported in August 2020 and was fixed on 21st June 2021. According to the Open Email Survey, it is linked to the email server software Dovecot, which is used by nearly three-quarters of IMAP servers. 

According to a paper by researchers Fabian Ising and Damian Poddebniak of Münster University of Applied Sciences in Germany, the vulnerability allows for a meddle-in-the-middle (MITM) attack. 

In accordance with research linked to a bug bounty page, dated August 2020, “the vulnerability allows a MITM attacker between a mail client and Dovecot to inject unencrypted commands into the encrypted TLS context, redirecting user credentials and mails to the attacker.” 

Dovecot version v2.3.14.1, a patch for the vulnerability is rated -severity by the vendor and critical by the third-party security firm Tenable, is available for download. According to a technical analysis provided by Anubisnetworks, the flaw revolves around the execution of the START-TLS email instruction, which is a command issued between an email program and a server that is used to protect the delivery of email messages. 

“We found that Dovecot is affected by a command injection issue in START-TLS. This bug allows [an attacker] to bypass security features o

[…]

Content was cut in order to protect the source.Please visit the source for the rest of the article.

Read the original article: Email Bug Permits Message Snooping, Credential Theft