JVN#19445002 APOP password recovery vulnerability

2007-04-19T00:00:00
ID JVN:19445002
Type jvn
Reporter Japan Vulnerability Notes
Modified 2008-05-21T00:00:00

Description

## Description

## Impact

APOP passwords may be compromised. When the same password is used for other systems, those systems could be compromised as well.

## Solution

## Products Affected

  • Mail clients with an APOP implementation As this is a protocol issue, software fixes cannot solve the issue essentially. Encrypted communications such as POP over SSL are recommended. Moreover, users should use different passwords for different services or accounts to minimize the risk of their accounts to be compromised.