Vedo che l'ultima versione di Thunderbird (38.0.1) ha ancora i valori predefiniti impostati per ignorare l'errore. Questo è un grosso problema? Devo cambiare le impostazioni predefinite per rafforzare la sicurezza?
Eccolosfondodelproblema:
This flaw could allow a ‘man-in-the-middle’ (MITM), to be able to inject data into a connection between an Internet client and an Internet server, and potentially allow an attacker to execute commands using the credentials of an authorised user, or to even collect authentication credentials of authorised users.
This security flaw has been labled CVE-2009-3555 and is (being) described in more detail:
CVE-2009-3555
National Vulnerability Database (CVE-2009-3555).
Ottengo i seguenti errori in Thunderbird:
Error: imap.example.com : server does not support RFC 5746, see CVE-2009-3555