Launchpad.net

CVE 2006-5867

fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords over unsecured links if certain circumstances occur, which allows remote attackers to obtain sensitive information via man-in-the-middle (MITM) attacks.

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://fetchmail.berli...
BID: 21903
SECUNIA: 23631
CONFIRM: https://issues.rpath.c...
OPENPKG: OpenPKG-SA-2007.004
SECTRACK: 1017478
SECUNIA: 23695
UBUNTU: USN-405-1
SECUNIA: 23714
FEDORA: FEDORA-2007-041
GENTOO: GLSA-200701-13
SECUNIA: 23781
SECUNIA: 23804
SECUNIA: 23838
SECUNIA: 23923
REDHAT: RHSA-2007:0018
SECUNIA: 24007
DEBIAN: DSA-1259
TRUSTIX: 2007-0007
SECUNIA: 24151
SECUNIA: 24174
SUSE: SUSE-SR:2007:004
CONFIRM: http://docs.info.apple...
APPLE: APPLE-SA-2007-04-19
SECUNIA: 24966
SGI: 20070201-01-P
SECUNIA: 24284
MANDRIVA: MDKSA-2007:016
CERT: TA07-109A
OSVDB: 31580
VUPEN: ADV-2007-0087
VUPEN: ADV-2007-0088
VUPEN: ADV-2007-1470
SLACKWARE: SSA:2007-024-01
OVAL: oval:org.mitre.oval:de...
BUGTRAQ: 20070105 fetchmail sec...
BUGTRAQ: 20070218 Re: [SECURITY...

Launchpad.net

CVE 2006-5867

Related bugs

References