Lucene search

[email protected]NVD:CVE-2006-5867

HistoryDec 31, 2006 - 5:00 a.m.

CVE-2006-5867

2006-12-3105:00:00

CWE-20

[email protected]

web.nvd.nist.gov

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

6 Medium

AI Score

Confidence

Low

0.131 Low

EPSS

Percentile

95.6%

JSON

fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords over unsecured links if certain circumstances occur, which allows remote attackers to obtain sensitive information via man-in-the-middle (MITM) attacks.

Affected configurations

NVD

Node

fetchmailfetchmailRange≤6.3.6rc3

fetchmailfetchmailMatch4.5.1

fetchmailfetchmailMatch4.5.2

fetchmailfetchmailMatch4.5.3

fetchmailfetchmailMatch4.5.4

fetchmailfetchmailMatch4.5.5

fetchmailfetchmailMatch4.5.6

fetchmailfetchmailMatch4.5.7

fetchmailfetchmailMatch4.5.8

fetchmailfetchmailMatch4.6.0

fetchmailfetchmailMatch4.6.1

fetchmailfetchmailMatch4.6.2

fetchmailfetchmailMatch4.6.3

fetchmailfetchmailMatch4.6.4

fetchmailfetchmailMatch4.6.5

fetchmailfetchmailMatch4.6.6

fetchmailfetchmailMatch4.6.7

fetchmailfetchmailMatch4.6.8

fetchmailfetchmailMatch4.6.9

fetchmailfetchmailMatch4.7.0

fetchmailfetchmailMatch4.7.1

fetchmailfetchmailMatch4.7.2

fetchmailfetchmailMatch4.7.3

fetchmailfetchmailMatch4.7.4

fetchmailfetchmailMatch4.7.5

fetchmailfetchmailMatch4.7.6

fetchmailfetchmailMatch4.7.7

fetchmailfetchmailMatch5.0.0

fetchmailfetchmailMatch5.0.1

fetchmailfetchmailMatch5.0.2

fetchmailfetchmailMatch5.0.3

fetchmailfetchmailMatch5.0.4

fetchmailfetchmailMatch5.0.5

fetchmailfetchmailMatch5.0.6

fetchmailfetchmailMatch5.0.7

fetchmailfetchmailMatch5.0.8

fetchmailfetchmailMatch5.1.0

fetchmailfetchmailMatch5.1.4

fetchmailfetchmailMatch5.2.0

fetchmailfetchmailMatch5.2.1

fetchmailfetchmailMatch5.2.3

fetchmailfetchmailMatch5.2.4

fetchmailfetchmailMatch5.2.7

fetchmailfetchmailMatch5.2.8

fetchmailfetchmailMatch5.3.0

fetchmailfetchmailMatch5.3.1

fetchmailfetchmailMatch5.3.3

fetchmailfetchmailMatch5.3.8

fetchmailfetchmailMatch5.4.0

fetchmailfetchmailMatch5.4.3

fetchmailfetchmailMatch5.4.4

fetchmailfetchmailMatch5.4.5

fetchmailfetchmailMatch5.5.0

fetchmailfetchmailMatch5.5.2

fetchmailfetchmailMatch5.5.3

fetchmailfetchmailMatch5.5.5

fetchmailfetchmailMatch5.5.6

fetchmailfetchmailMatch5.6.0

fetchmailfetchmailMatch5.7.0

fetchmailfetchmailMatch5.7.2

fetchmailfetchmailMatch5.7.4

fetchmailfetchmailMatch5.8

fetchmailfetchmailMatch5.8.1

fetchmailfetchmailMatch5.8.2

fetchmailfetchmailMatch5.8.3

fetchmailfetchmailMatch5.8.4

fetchmailfetchmailMatch5.8.5

fetchmailfetchmailMatch5.8.6

fetchmailfetchmailMatch5.8.11

fetchmailfetchmailMatch5.8.13

fetchmailfetchmailMatch5.8.14

fetchmailfetchmailMatch5.8.17

fetchmailfetchmailMatch5.9.0

fetchmailfetchmailMatch5.9.4

fetchmailfetchmailMatch5.9.5

fetchmailfetchmailMatch5.9.8

fetchmailfetchmailMatch5.9.10

fetchmailfetchmailMatch5.9.11

fetchmailfetchmailMatch5.9.13

fetchmailfetchmailMatch6.0.0

fetchmailfetchmailMatch6.1.0

fetchmailfetchmailMatch6.1.3

fetchmailfetchmailMatch6.2.0

fetchmailfetchmailMatch6.2.1

fetchmailfetchmailMatch6.2.2

fetchmailfetchmailMatch6.2.3

fetchmailfetchmailMatch6.2.4

fetchmailfetchmailMatch6.2.5

fetchmailfetchmailMatch6.2.5.1

fetchmailfetchmailMatch6.2.5.2

fetchmailfetchmailMatch6.2.5.4

fetchmailfetchmailMatch6.2.6pre4

fetchmailfetchmailMatch6.2.6pre8

fetchmailfetchmailMatch6.2.6pre9

fetchmailfetchmailMatch6.2.9rc10

fetchmailfetchmailMatch6.2.9rc3

fetchmailfetchmailMatch6.2.9rc4

fetchmailfetchmailMatch6.2.9rc5

fetchmailfetchmailMatch6.2.9rc7

fetchmailfetchmailMatch6.2.9rc8

fetchmailfetchmailMatch6.2.9rc9

fetchmailfetchmailMatch6.3.0

fetchmailfetchmailMatch6.3.1

fetchmailfetchmailMatch6.3.2

fetchmailfetchmailMatch6.3.3

fetchmailfetchmailMatch6.3.4

fetchmailfetchmailMatch6.3.5

fetchmailfetchmailMatch6.3.6rc1

fetchmailfetchmailMatch6.3.6rc2

References

ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc

docs.info.apple.com/article.html?artnum=305391

fedoranews.org/cms/node/2429

fetchmail.berlios.de/fetchmail-SA-2006-02.txt

lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html

osvdb.org/31580

secunia.com/advisories/23631

secunia.com/advisories/23695

secunia.com/advisories/23714

secunia.com/advisories/23781

secunia.com/advisories/23804

secunia.com/advisories/23838

secunia.com/advisories/23923

secunia.com/advisories/24007

secunia.com/advisories/24151

secunia.com/advisories/24174

secunia.com/advisories/24284

secunia.com/advisories/24966

security.gentoo.org/glsa/glsa-200701-13.xml

securitytracker.com/id?1017478

slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.517995

www.debian.org/security/2007/dsa-1259

www.mandriva.com/security/advisories?name=MDKSA-2007:016

www.novell.com/linux/security/advisories/2007_4_sr.html

www.openpkg.com/security/advisories/OpenPKG-SA-2007.004.html

www.redhat.com/support/errata/RHSA-2007-0018.html

www.securityfocus.com/archive/1/456115/100/0/threaded

www.securityfocus.com/archive/1/460528/100/0/threaded

www.securityfocus.com/bid/21903

www.trustix.org/errata/2007/0007

www.ubuntu.com/usn/usn-405-1

www.us-cert.gov/cas/techalerts/TA07-109A.html

www.vupen.com/english/advisories/2007/0087

www.vupen.com/english/advisories/2007/0088

www.vupen.com/english/advisories/2007/1470

issues.rpath.com/browse/RPL-919

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10566

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

6 Medium

AI Score

Confidence

Low

0.131 Low

EPSS

Percentile

95.6%

JSON

Related for NVD:CVE-2006-5867

nessus14 openvas19 ubuntu1 debiancve1 cvelist1 debian1 ubuntucve1 cve1 securityvulns1 freebsd1 centos2 gentoo1 fedora2 altlinux1 slackware1 redhat1 oraclelinux1 suse1