3 matches found
Oracle Linux 5 : ruby (ELSA-2009-1140)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2009-1140 advisory. - CVE-2007-1558: APOP password disclosure vulnerability. - CVE-2009-0642: Incorrect checks for validity of X.509 certificates. Tenable has extracted th...
fetchmail/mutt/evolution/...: APOP password disclosure vulnerability
The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle MITM attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including 1 Thunderbird 1.x before 1.5.0.12 and...
fetchmail/mutt/evolution/...: APOP password disclosure vulnerability
The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle MITM attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including 1 Thunderbird 1.x before 1.5.0.12 and...