CVE-2006-5867
CVE-2006-5867
fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords over unsecured links if certain circumstances occur, which allows remote attackers to obtain sensitive information via man-in-the-middle (MITM) attacks.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.aschttp://docs.info.apple.com/article.html?artnum=305391http://fedoranews.org/cms/node/2429http://fetchmail.berlios.de/fetchmail-SA-2006-02.txthttp://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.htmlhttp://osvdb.org/31580http://secunia.com/advisories/23631http://secunia.com/advisories/23695http://secunia.com/advisories/23714http://secunia.com/advisories/23781http://secunia.com/advisories/23804http://secunia.com/advisories/23838