Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2007:016: fetchmail Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the fetchmail package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2007:016 (fetchmail).
Fetchmail before 6.3.6-rc4 does not properly enforce TLS and may
transmit cleartext passwords over unsecured links if certain
circumstances occur, which allows remote attackers to obtain sensitive
information via man-in-the-middle (MITM) attacks.
The updated packages have been patched to correct this problem.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2007:016
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.