Max CVSS | 7.8 | Min CVSS | 2.6 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2006-5867 | 7.8 |
fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords over unsecured links if certain circumstances occur, which allows remote attackers to obtain sensitive information via man-in-the-middle (MITM) attacks.
|
17-10-2018 - 21:45 | 31-12-2006 - 05:00 | |
CVE-2007-1558 | 2.6 |
The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APO
|
16-10-2018 - 16:39 | 16-04-2007 - 22:19 | |
CVE-2009-2666 | 6.4 |
socket.c in fetchmail before 6.3.11 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted cert
|
10-10-2018 - 19:41 | 07-08-2009 - 19:00 |