SciLinux: CVE-2007-1558 evolution-data-server SL5.x i386/x86_64
Summary
Date: Fri, 1 Jun 2007 15:53:21 -0500Reply-To: Troy DawsonSender: Security Errata for Scientific Linux From: Troy Dawson Subject: Security ERRATA for evolution-data-server on SL5.x i386/x86_64Comments: To: scientific-linux-errata@fnal.govSynopsis: Moderate: evolution-data-server security updateIssue date: 2007-05-30CVE Names: CVE-2007-1558A flaw was found in the way evolution-data-server processed certain APOPauthentication requests. By sending certain responses whenevolution-data-server attempted to authenticate against an APOP server, a remote attacker could potentially acquire certain portions of a user'sauthentication credentials. (CVE-2007-1558)SL 5.x SRPMS:evolution-data-server-1.8.0-15.0.3.el5.src.rpm i386:evolution-data-server-1.8.0-15.0.3.el5.i386.rpmevolution-data-server-devel-1.8.0-15.0.3.el5.i386.rpm x86_64:evolution-data-server-1.8.0-15.0.3.el5.i386.rpmevolution-data-server-1.8.0-15.0.3.el5.x86_64.rpmevolution-data-server-devel-1.8.0-15.0.3.el5.i386.rpmevolution-data-server-devel-1.8.0-15.0.3.el5.x86_64.rpm-Connie Sieh-Troy Dawson