CVE-2006-5867

EPSS 6.69%
Published 31.12.2006 05:00:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
CVE-Watchlists
Login
Open
Login

fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords over unsecured links if certain circumstances occur, which allows remote attackers to obtain sensitive information via man-in-the-middle (MITM) attacks.

Affected products Warnungen 0 Metrics 2 CWE 1 References 40

Data is provided by the National Vulnerability Database (NVD)

Fetchmail ≫ Fetchmail Updaterc3 Version <= 6.3.6

Fetchmail ≫ Fetchmail Version4.5.1

Fetchmail ≫ Fetchmail Version4.5.2

Fetchmail ≫ Fetchmail Version4.5.3

Fetchmail ≫ Fetchmail Version4.5.4

Fetchmail ≫ Fetchmail Version4.5.5

Fetchmail ≫ Fetchmail Version4.5.6

Fetchmail ≫ Fetchmail Version4.5.7

Fetchmail ≫ Fetchmail Version4.5.8

Fetchmail ≫ Fetchmail Version4.6.0

Fetchmail ≫ Fetchmail Version4.6.1

Fetchmail ≫ Fetchmail Version4.6.2

Fetchmail ≫ Fetchmail Version4.6.3

Fetchmail ≫ Fetchmail Version4.6.4

Fetchmail ≫ Fetchmail Version4.6.5

Fetchmail ≫ Fetchmail Version4.6.6

Fetchmail ≫ Fetchmail Version4.6.7

Fetchmail ≫ Fetchmail Version4.6.8

Fetchmail ≫ Fetchmail Version4.6.9

Fetchmail ≫ Fetchmail Version4.7.0

Fetchmail ≫ Fetchmail Version4.7.1

Fetchmail ≫ Fetchmail Version4.7.2

Fetchmail ≫ Fetchmail Version4.7.3

Fetchmail ≫ Fetchmail Version4.7.4

Fetchmail ≫ Fetchmail Version4.7.5

Fetchmail ≫ Fetchmail Version4.7.6

Fetchmail ≫ Fetchmail Version4.7.7

Fetchmail ≫ Fetchmail Version5.0.0

Fetchmail ≫ Fetchmail Version5.0.1

Fetchmail ≫ Fetchmail Version5.0.2

Fetchmail ≫ Fetchmail Version5.0.3

Fetchmail ≫ Fetchmail Version5.0.4

Fetchmail ≫ Fetchmail Version5.0.5

Fetchmail ≫ Fetchmail Version5.0.6

Fetchmail ≫ Fetchmail Version5.0.7

Fetchmail ≫ Fetchmail Version5.0.8

Fetchmail ≫ Fetchmail Version5.1.0

Fetchmail ≫ Fetchmail Version5.1.4

Fetchmail ≫ Fetchmail Version5.2.0

Fetchmail ≫ Fetchmail Version5.2.1

Fetchmail ≫ Fetchmail Version5.2.3

Fetchmail ≫ Fetchmail Version5.2.4

Fetchmail ≫ Fetchmail Version5.2.7

Fetchmail ≫ Fetchmail Version5.2.8

Fetchmail ≫ Fetchmail Version5.3.0

Fetchmail ≫ Fetchmail Version5.3.1

Fetchmail ≫ Fetchmail Version5.3.3

Fetchmail ≫ Fetchmail Version5.3.8

Fetchmail ≫ Fetchmail Version5.4.0

Fetchmail ≫ Fetchmail Version5.4.3

Fetchmail ≫ Fetchmail Version5.4.4

Fetchmail ≫ Fetchmail Version5.4.5

Fetchmail ≫ Fetchmail Version5.5.0

Fetchmail ≫ Fetchmail Version5.5.2

Fetchmail ≫ Fetchmail Version5.5.3

Fetchmail ≫ Fetchmail Version5.5.5

Fetchmail ≫ Fetchmail Version5.5.6

Fetchmail ≫ Fetchmail Version5.6.0

Fetchmail ≫ Fetchmail Version5.7.0

Fetchmail ≫ Fetchmail Version5.7.2

Fetchmail ≫ Fetchmail Version5.7.4

Fetchmail ≫ Fetchmail Version5.8

Fetchmail ≫ Fetchmail Version5.8.1

Fetchmail ≫ Fetchmail Version5.8.2

Fetchmail ≫ Fetchmail Version5.8.3

Fetchmail ≫ Fetchmail Version5.8.4

Fetchmail ≫ Fetchmail Version5.8.5

Fetchmail ≫ Fetchmail Version5.8.6

Fetchmail ≫ Fetchmail Version5.8.11

Fetchmail ≫ Fetchmail Version5.8.13

Fetchmail ≫ Fetchmail Version5.8.14

Fetchmail ≫ Fetchmail Version5.8.17

Fetchmail ≫ Fetchmail Version5.9.0

Fetchmail ≫ Fetchmail Version5.9.4

Fetchmail ≫ Fetchmail Version5.9.5

Fetchmail ≫ Fetchmail Version5.9.8

Fetchmail ≫ Fetchmail Version5.9.10

Fetchmail ≫ Fetchmail Version5.9.11

Fetchmail ≫ Fetchmail Version5.9.13

Fetchmail ≫ Fetchmail Version6.0.0

Fetchmail ≫ Fetchmail Version6.1.0

Fetchmail ≫ Fetchmail Version6.1.3

Fetchmail ≫ Fetchmail Version6.2.0

Fetchmail ≫ Fetchmail Version6.2.1

Fetchmail ≫ Fetchmail Version6.2.2

Fetchmail ≫ Fetchmail Version6.2.3

Fetchmail ≫ Fetchmail Version6.2.4

Fetchmail ≫ Fetchmail Version6.2.5

Fetchmail ≫ Fetchmail Version6.2.5.1

Fetchmail ≫ Fetchmail Version6.2.5.2

Fetchmail ≫ Fetchmail Version6.2.5.4

Fetchmail ≫ Fetchmail Version6.2.6 Updatepre4

Fetchmail ≫ Fetchmail Version6.2.6 Updatepre8

Fetchmail ≫ Fetchmail Version6.2.6 Updatepre9

Fetchmail ≫ Fetchmail Version6.2.9 Updaterc10

Fetchmail ≫ Fetchmail Version6.2.9 Updaterc3

Fetchmail ≫ Fetchmail Version6.2.9 Updaterc4

Fetchmail ≫ Fetchmail Version6.2.9 Updaterc5

Fetchmail ≫ Fetchmail Version6.2.9 Updaterc7

Fetchmail ≫ Fetchmail Version6.2.9 Updaterc8

Fetchmail ≫ Fetchmail Version6.2.9 Updaterc9

Fetchmail ≫ Fetchmail Version6.3.0

Fetchmail ≫ Fetchmail Version6.3.1

Fetchmail ≫ Fetchmail Version6.3.2

Fetchmail ≫ Fetchmail Version6.3.3

Fetchmail ≫ Fetchmail Version6.3.4

Fetchmail ≫ Fetchmail Version6.3.5

Fetchmail ≫ Fetchmail Version6.3.6 Updaterc1

Fetchmail ≫ Fetchmail Version6.3.6 Updaterc2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	6.69%	0.909

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	10	6.9	AV:N/AC:L/Au:N/C:C/I:N/A:N

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc

http://secunia.com/advisories/24007

Vendor Advisory

http://secunia.com/advisories/24284

Vendor Advisory

http://www.novell.com/linux/security/advisories/2007_4_sr.html

http://www.redhat.com/support/errata/RHSA-2007-0018.html

http://docs.info.apple.com/article.html?artnum=305391

http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html

http://secunia.com/advisories/24966

Vendor Advisory

http://www.us-cert.gov/cas/techalerts/TA07-109A.html