CVE-2006-5867
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
CVE
CVE-2006-5867
Status
Candidate
Description
fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords over unsecured links if certain circumstances occur, which allows remote attackers to obtain sensitive information via man-in-the-middle (MITM) attacks.
Severity
Low
CVSS score
3,3
CVSS vector
(AV:R/AC:L/Au:NR/C:C/I:N/A:N/B:N)
Phase
Assigned (14.11.2006)
NVD:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5867
References
APPLE :
APPLE-SA-2007-04-19
BID :
21903
BUGTRAQ :
20070105 fetchmail security announcement 2006-02 (CVE-2006-5867)
BUGTRAQ :
20070218 Re: [SECURITY] [DSA 1259-1] New fetchmail packages fix information disclosure
CONFIRM :
http://docs.info.apple.com/article.html?artnum=305391
CONFIRM :
http://fetchmail.berlios.de/fetchmail-SA-2006-02.txt
CONFIRM :
https://issues.rpath.com/browse/RPL-919
DEBIAN :
DSA-1259
FEDORA :
FEDORA-2007-041
FRSIRT :
ADV-2007-0087
FRSIRT :
ADV-2007-0088
FRSIRT :
ADV-2007-1470
GENTOO :
GLSA-200701-13
MANDRIVA :
MDKSA-2007:016
OPENPKG :
OpenPKG-SA-2007.004
REDHAT :
RHSA-2007:0018
SECTRACK :
1017478
SECUNIA :
23631
SECUNIA :
23695
SECUNIA :
23714
SECUNIA :
23781
SECUNIA :
23804
SECUNIA :
23838
SECUNIA :
23923
SECUNIA :
24007
SECUNIA :
24151
SECUNIA :
24174
SECUNIA :
24284
SECUNIA :
24966
SGI :
20070201-01-P
SLACKWARE :
SSA:2007-024-01
SUSE :
SUSE-SR:2007:004
TRUSTIX :
2007-0007
UBUNTU :
USN-405-1
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
test server
