NULL pointer dereference while using CRAM-MD5 or APOP

NULL pointer dereference while using CRAM-MD5 or APOP Severity: low CVE-2026-27651 Not vulnerable: 1.29.7+, 1.28.3+ Vulnerable: 0.5.15-1.29.6...

MiracleLinux 3 : ruby-1.8.5-5.7.1AXS3 (AXSA:2009-78:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2009-78:01 advisory. Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system...

EUVD-2007-1552

Malware in sbrugna...

SUSE CVE-2007-1558

The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle MITM attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including 1 Thunderbird 1.x before 1.5.0.12 and...

Fedora 7 : mutt-1.5.14-4.fc7 (2007-0002)

This update fixes two security issues : The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle MITM attacks that use crafted message IDs and MD5 collisions. CVE-2007-1558 Buffer overflow in Mutt 1.4.2 might allow local users to execute...

fetchmail/mutt/evolution/...: APOP password disclosure vulnerability

The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle MITM attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including 1 Thunderbird 1.x before 1.5.0.12 and...

Ubuntu Update for fetchmail vulnerabilities USN-520-1

Ubuntu Update for Linux kernel vulnerabilities USN-520-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5201.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for fetchmail vulnerabilities USN-520-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Ubuntu: Security Advisory (USN-520-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 6.06 LTS / 6.10 / 7.04 : fetchmail vulnerabilities (USN-520-1)

Gaetan Leurent discovered a vulnerability in the APOP protocol based on MD5 collisions. As fetchmail supports the APOP protocol, this vulnerability can be used by attackers to discover a portion of the APOP user's authentication credentials. CVE-2007-1558 Earl Chew discovered that fetchmail can b...

USN-520-1: fetchmail vulnerabilities

Gaetan Leurent discovered a vulnerability in the APOP protocol based on MD5 collisions. As fetchmail supports the APOP protocol, this vulnerability can be used by attackers to discover a portion of the APOP user's authentication credentials. CVE-2007-1558 Earl Chew discovered that fetchmail can b...

fetchmail/mutt/evolution/...: APOP password disclosure vulnerability

The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle MITM attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including 1 Thunderbird 1.x before 1.5.0.12 and...

Fedora Core 6 : mutt-1.4.2.3-1.fc6 (2007-539)

This update fixes two security issues : The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle MITM attacks that use crafted message IDs and MD5 collisions. CVE-2007-1558 Buffer overflow in Mutt 1.4.2 might allow local users to execute...

fetchmail/mutt/evolution/...: APOP password disclosure vulnerability

The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle MITM attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including 1 Thunderbird 1.x before 1.5.0.12 and...

CVE-2007-1558

The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle MITM attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including 1 Thunderbird 1.x before 1.5.0.12 and...

Code injection

The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle MITM attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including 1 Thunderbird 1.x before 1.5.0.12 and...

CVE-2007-1558

The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle MITM attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including 1 Thunderbird 1.x before 1.5.0.12 and...

CVE-2007-1558

The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle MITM attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including 1 Thunderbird 1.x before 1.5.0.12 and...

CVE-2007-1558

CVE-2007-1558 describes a cryptographic weakness in APOP authentication that lowers MITM attack cost to recover passwords. Connected advisories show this affects multiple mail clients (e.g., Thunderbird/Icedove, Iceape, fetchmail) and related POP/ALOP implementations. Debian DSA-1305-1 and CentOS...

CVE-2007-1558

The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle MITM attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including 1 Thunderbird 1.x before 1.5.0.12 and...

CVE-2007-1558

The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle MITM attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including 1 Thunderbird 1.x before 1.5.0.12 and...