PublicDate: 2006-12-31 05:00:00 UTC
Candidate: CVE-2006-5867
References:
 https://ubuntu.com/security/notices/USN-405-1
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5867
Description:
 fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit
 cleartext passwords over unsecured links if certain circumstances occur,
 which allows remote attackers to obtain sensitive information via
 man-in-the-middle (MITM) attacks.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_fetchmail: released (6.3.2-2ubuntu2.1)
edgy_fetchmail: released (6.3.4-1ubuntu4.1)
feisty_fetchmail: released (6.3.6-1ubuntu2)
devel_fetchmail: released (6.3.6-1ubuntu2)
upstream_fetchmail: needs-triage