40 vulnerabilities discovered in the STARTTLS encryption mechanism, used by Apple Mail, Gmail, Mozilla Thunderbird, Claws Mail, Mutt, Evolution, Exim and other services

Security specialists report the detection of at least 40 security flaws in a popular encryption mechanism whose exploitation would have allowed threat actors to deploy Man-in-The-Middle (MiTM) attacks in order to spoof mailbox content and steal user credentials.

These vulnerabilities were identified in multiple implementations of STARTTLS thanks to the work of a group of researchers who presented their findings at the USENIX security symposium. After conducting a security scan, researchers found around 320,000 email servers vulnerable to these attacks.

As some users will recall, STARTTLS is an opportunistic form of TLS that allows the transition or upgrade of email communication protocols such as SMTP, POP3, and IMAP from a plain text connection to an encrypted connection.

The vulnerabilities would affect all sorts of popular customers, including Apple Mail, Mozila Thunderbird, Gmail, Mutt, Mail.ru, Samsung Email, and Yandex. It is worth mentioning that a successful attack requires that hackers can modify the connections established between clients and email servers, in addition to having login credentials.

According to the report, the updating of connections through STARTTLS is fragile and is exposed to multiple attack variants. These conditions allow threat actors to inject plain text commands that a server might interpret as if they were part of the encrypted connection, triggering credential theft with the IMAP and SMTP protocols.

A second attack scenario would allow the mailbox to be spoofed by inserting an additional command into the server message in response to the STARTTLS command before the TLS handshake. This would trick the client into processing the server commands as if they were part of the encrypted connection.

The researchers recommend users configure their email clients to use SMTP, POP3, and IMAP with implicit TLS on dedicated ports (such as port 465, port 995, and port 993 respectively), in addition to asking client and email server application developers to offer implicit TLS by default, in what the researchers defined as a response injection.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.