CVE-2006-5867

Related Files

Debian Linux Security Advisory 1259-1

Posted Feb 14, 2007

Authored by Debian | Site debian.org

Debian Security Advisory 1259-1 - Isaac Wilcox discovered that fetchmail, a popular mail retrieval and forwarding utility, insufficiently enforces encryption of connections, which might lead to information disclosure.

tags | advisory, info disclosure

systems | linux, debian

advisories | CVE-2006-5867

SHA-256 | c60bdd36c32a73ec0793bd760ad373fbc9341b987529b19badf093420add44fe

Download | Favorite | View

Ubuntu Security Notice 405-1

Posted Jan 14, 2007

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 405-1 - It was discovered that fetchmail did not correctly require TLS negotiation in certain situations. This would result in a user's unencrypted password being sent across the network.

tags | advisory

systems | linux, ubuntu

advisories | CVE-2006-5867

SHA-256 | 502b7277990cb0abff840829b05ec53ba00e73e8071dae50c965089d23c9c48e

Download | Favorite | View

OpenPKG Security Advisory 2007.4

Posted Jan 13, 2007

Authored by OpenPKG Foundation | Site openpkg.com

OpenPKG Security Advisory - According to vendor release notes and security advisories, two security issues exist in the POP3/IMAP batch client Fetchmail, version up to and including 6.3.5

tags | advisory, imap

advisories | CVE-2006-5867, CVE-2006-5974

SHA-256 | e848b53d79d513a6112f14b3d4de99609c0c6e7edaa805a1ed7f23529322556e

Download | Favorite | View

fetchmail-SA-2006-02.txt

Posted Jan 13, 2007

Authored by Isaac Wilcox | Site fetchmail.berlios.de

Fetchmail has had several nasty password disclosure vulnerabilities for a long time. It was only recently that these have been found. This affects fetchmail versions 6.3.5 and below.

tags | advisory, vulnerability

advisories | CVE-2006-5867

SHA-256 | a90b6668d3eb0388a08526760856b5f2f2e46ed5f5cc3551868bf5e5ff61289e

Download | Favorite | View