Lotus Notes R5 S/MIME Message Modification Warning Failure

Severity: Low | Nessus Network Monitor Plugin ID 1304

Synopsis

The remote client does not properly flag tampered messages.

Description

The remote host is running the Lotus Notes 5.x email client. Lotus Notes R5 client versions 5.0.5 and earlier contain a flaw in their S/MIME implementation. The client uses S/MIME to sign and verify messages with digital certificates, but it does not notify the recipient when a received signed message fails signature verification: a message whose signed content was altered in transit is displayed as an ordinary unsigned message, not as a signed message with an invalid signature. A remote attacker who can modify mail in transit can therefore alter the content of signed messages, or substitute unsigned content for signed content, without the recipient being warned. The only visible difference is the absence of the signature indicator, so the integrity guarantee that S/MIME signing is meant to provide is silently lost.
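The check a practitioner wants here is whether a client distinguishes three states, "signed and valid", "signed but modified in transit" and "unsigned", rather than collapsing the second into the third as the R5 client did. The script below is an added example, not part of the Tenable plugin and not Lotus Notes code. It assumes the openssl command-line tool is installed; the self-signed certificate, the message body and the `classify` function are constructed for the demonstration.

```shell
#!/bin/sh
# Added example (not from the Tenable plugin or Lotus Notes): exercise S/MIME
# tamper detection with the openssl CLI. Generates a throwaway self-signed
# signing certificate, signs a constructed message, alters the signed body as
# an attacker in transit would, and shows the three-way decision a client must
# make. Assumption: openssl is on PATH.
set -eu

WORK=$(mktemp -d)

# Throwaway self-signed signing certificate and key (constructed, one day).
openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
    -subj "/CN=sender@example.test" \
    -keyout "$WORK/key.pem" -out "$WORK/cert.pem" >/dev/null 2>&1

# Constructed plaintext body.
printf 'Please wire 100 USD to account 42.\n' > "$WORK/body.txt"

# Sign: yields a multipart/signed message (cleartext part + detached PKCS#7
# signature), the same structure Notes R5 failed to check properly.
openssl smime -sign -text -in "$WORK/body.txt" -signer "$WORK/cert.pem" \
    -inkey "$WORK/key.pem" -out "$WORK/signed.eml"

# Simulated in-transit tampering: change the cleartext part, keep the
# signature part untouched (the string with a space cannot occur in base64).
sed 's/100 USD/900 USD/' "$WORK/signed.eml" > "$WORK/tampered.eml"

# Plain unsigned message for comparison.
printf 'Content-Type: text/plain\n\nhello\n' > "$WORK/unsigned.eml"

# classify FILE -> prints one of: signed-valid, signed-tampered, unsigned.
# A correct client must surface "signed-tampered" to the user; the flaw in
# this advisory is that the client reported it as "unsigned".
classify() {
    msg=$1
    if ! grep -qi '^Content-Type: multipart/signed' "$msg"; then
        echo unsigned
        return 0
    fi
    # Verify the detached signature against the signed content, trusting only
    # the constructed certificate as the anchor.
    if openssl smime -verify -in "$msg" -CAfile "$WORK/cert.pem" \
            -out /dev/null 2>/dev/null; then
        echo signed-valid
    else
        echo signed-tampered
    fi
}

classify "$WORK/signed.eml"     # signed-valid
classify "$WORK/tampered.eml"   # signed-tampered
classify "$WORK/unsigned.eml"   # unsigned
```

The important design point is in `classify`: a failed verification is a distinct, alarming state, and the absence of a signature header is the only case that may be rendered as "unsigned". A client that falls through from a verification error to the unsigned rendering reproduces the behaviour this advisory describes.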

Solution

No known remedy for the R5 client as of August 2002; however, at the time of writing, Lotus Notes 6.0 is available. Until the affected client is replaced, recipients should treat a message from a correspondent who normally signs mail, but which arrives showing no signature, as possibly tampered with rather than merely unsigned.

Plugin Details

Severity: Low

ID: 1304

Family: SMTP Clients

Published: 8/20/2004

Updated: 3/6/2019

Risk Information

VPR

Risk Factor: Medium

Score: 4.7

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS v3

Risk Factor: Low

Base Score: 3.7

Temporal Score: 3.5

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:ibm:lotus_notes

Reference Information

CVE: CVE-2000-1138

BID: 1925