New Search

fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords over unsecured links if certain circumstances occur which allows remote attackers to obtain sensitive information via man-in-the-middle (MITM) attacks.

oval:org.mitre.oval:def:10566

fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords over unsecured links if certain circumstances occur which allows remote attackers to obtain sensitive information via man-in-the-middle (MITM) attacks.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Red Hat Enterprise Linux 4
  • CentOS Linux 3
  • Red Hat Enterprise Linux 3
  • CentOS Linux 4
  • Oracle Linux 4
Class:
vulnerability
Reference(s):
  • CVE-2006-5867
Product(s):