[BREAKING] Linux iSync vulnerable to MITM attacks

TheĀ Isync application is a command line application which synchronizes selected mailboxes. A new vulnerability has been found in the iSync application.

This vulnerability allows cybercriminals to perform a man in the middle attack on the iSync application.

The iSync application does not perform a control, to check if the provided server hostname matches the domain name in the provided Common Name or subjectAltName field of the X.509 certificates.

Be the first to comment

Leave a Reply