Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Note: You can take 10% off all Slashdot Deals with coupon code "slashdot10off." ×
Security

Submission + - Yahoo! Zimbra Desktop vulnerable to MiTM

holdenkarau writes: "After patching the its plaintext authentication gaffe, Yahoo! Zimbra desktop has hit another stumbling block in the security road. Yahoo! Zimbra now uses the standard authentication method used by the rest of the Yahoo! Mail family. However, unlike other implementations where invalid SSL certificates will throw up plenty of warnings for the user, Yahoo! Zimbra Desktop is trivially vulnerable to a man-in-the-middle attack, as it simply transmits the usernames & passwords regardless of who's picked up on the other side. With all of the news about DNS vulnerabilities, this seems like exceptionally poor timing for a MiTM. For the time being you may wish to switch to using the Yahoo! webmail interface, until this bug gets fixed."
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Yahoo! Zimbra Desktop vulnerable to MiTM

Comments Filter:

<< WAIT >>

Working...