SciLinux: CVE-2007-1558 fetchmail SL5.x, SL4.x, SL3,x i386/x86_64
Summary
Date: Fri, 8 Jun 2007 16:28:16 -0500Reply-To: Troy DawsonSender: Security Errata for Scientific Linux From: Troy Dawson Subject: Security ERRATA for fetchmail on SL5.x, SL4.x, SL3,x i386/x86_64Comments: To: scientific-linux-errata@fnal.govSynopsis: Moderate: fetchmail security updateIssue date: 2007-06-07CVE Names: CVE-2007-1558A flaw was found in the way fetchmail processed certain APOP authenticationrequests. By sending certain responses when fetchmail attempted toauthenticate against an APOP server, a remote attacker could potentiallyacquire certain portions of a user's authentication credentials.(CVE-2007-1558)SL 3.0.x SRPMS: fetchmail-6.2.0-3.el3.4.src.rpm i386: fetchmail-6.2.0-3.el3.4.i386.rpm x86_64: fetchmail-6.2.0-3.el3.4.x86_64.rpmSL 4.x SRPMS: fetchmail-6.2.5-6.0.1.el4.src.rpm i386: fetchmail-6.2.5-6.0.1.el4.i386.rpm x86_64: fetchmail-6.2.5-6.0.1.el4.x86_64.rpmSL 5.x SRPMS: fetchmail-6.3.6-1.0.1.el5.src.rpm i386: fetchmail-6.3.6-1.0.1.el5.i386.rpm x86_64: fetchmail-6.3.6-1.0.1.el5.x86_64.rpm-Connie Sieh-Troy Dawson