Ubuntu Update For Fetchmail Vulnerability USN-405-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-405-1

Solution

Please Install the Updated Packages.

Insight

It was discovered that fetchmail did not correctly require TLS negotiation in certain situations. This would result in a user's unencrypted password being sent across the network. If fetchmail has been configured to use the &quot sslproto tls1&quot , &quot sslcertck&quot , or &quot sslfingerprint&quot options with a server that does not correctly support TLS negotiation, this update may cause fetchmail to (correctly) abort authentication.

Affected

fetchmail vulnerability on Ubuntu 5.10 , Ubuntu 6.06 LTS , Ubuntu 6.10

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2007-January/000464.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2006-5867

CVSS	Base Score: 7.8 AV:N/AC:L/Au:N/C:C/I:N/A:N

Related Vulnerabilities

Ubuntu Update for file vulnerability USN-439-1
Ubuntu Update for clamav vulnerabilities USN-926-1
Ubuntu Update for clamav USN-1773-1
Ubuntu Update for avahi vulnerabilities USN-992-1
Ubuntu Update for debian-goodies vulnerability USN-526-1

Ubuntu Update for fetchmail vulnerability USN-405-1

Take action and discover your vulnerabilities