Your submission was sent successfully! Close

CVE-2006-5867

Published: 31 December 2006

fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords over unsecured links if certain circumstances occur, which allows remote attackers to obtain sensitive information via man-in-the-middle (MITM) attacks.

Priority

Unknown

Status

Package Release Status
fetchmail
Launchpad, Ubuntu, Debian
dapper
Released (6.3.2-2ubuntu2.1)
edgy
Released (6.3.4-1ubuntu4.1)
feisty
Released (6.3.6-1ubuntu2)
upstream Needs triage