PT-2005-4200 · Mozilla · Thunderbird
Thomas Henlich · Published 2005-11-01 · Updated 2016-10-18 · CVE-2005-3402
CVSS v2.0: 2.6 (Low)
Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Mozilla Thunderbird versions 1.0.5 BETA through 1.0.7
Description
The issue allows remote attackers to obtain authentication information without detection via a man-in-the-middle (MITM) attack. This attack bypasses TLS authentication or downgrades CRAM-MD5 authentication to plain authentication, potentially exposing user credentials.
Recommendations
For Mozilla Thunderbird versions 1.0.5 BETA through 1.0.7, consider disabling the SMTP client functionality until a patch is available to prevent potential man-in-the-middle attacks. Restrict access to sensitive information and authentication processes to minimize the risk of exploitation.
Fix
Related Identifiers
Affected Products
Thunderbird