GSD-2007-1558
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including (1) Thunderbird 1.x before 1.5.0.12 and 2.x before 2.0.0.4, (2) Evolution, (3) mutt, (4) fetchmail before 6.3.8, (5) SeaMonkey 1.0.x before 1.0.9 and 1.1.x before 1.1.2, (6) Balsa 2.3.16 and earlier, (7) Mailfilter before 0.8.2, and possibly other products.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2007-1558",
"description": "The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including (1) Thunderbird 1.x before 1.5.0.12 and 2.x before 2.0.0.4, (2) Evolution, (3) mutt, (4) fetchmail before 6.3.8, (5) SeaMonkey 1.0.x before 1.0.9 and 1.1.x before 1.1.2, (6) Balsa 2.3.16 and earlier, (7) Mailfilter before 0.8.2, and possibly other products.",
"id": "GSD-2007-1558",
"references": [
"https://www.suse.com/security/cve/CVE-2007-1558.html",
"https://www.debian.org/security/2007/dsa-1305",
"https://www.debian.org/security/2007/dsa-1300",
"https://access.redhat.com/errata/RHSA-2009:1140",
"https://access.redhat.com/errata/RHSA-2007:0402",
"https://access.redhat.com/errata/RHSA-2007:0401",
"https://access.redhat.com/errata/RHSA-2007:0386",
"https://access.redhat.com/errata/RHSA-2007:0385",
"https://access.redhat.com/errata/RHSA-2007:0353",
"https://access.redhat.com/errata/RHSA-2007:0344",
"https://linux.oracle.com/cve/CVE-2007-1558.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2007-1558"
],
"details": "The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including (1) Thunderbird 1.x before 1.5.0.12 and 2.x before 2.0.0.4, (2) Evolution, (3) mutt, (4) fetchmail before 6.3.8, (5) SeaMonkey 1.0.x before 1.0.9 and 1.1.x before 1.1.2, (6) Balsa 2.3.16 and earlier, (7) Mailfilter before 0.8.2, and possibly other products.",
"id": "GSD-2007-1558",
"modified": "2023-12-13T01:21:39.363392Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1558",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including (1) Thunderbird 1.x before 1.5.0.12 and 2.x before 2.0.0.4, (2) Evolution, (3) mutt, (4) fetchmail before 6.3.8, (5) SeaMonkey 1.0.x before 1.0.9 and 1.1.x before 1.1.2, (6) Balsa 2.3.16 and earlier, (7) Mailfilter before 0.8.2, and possibly other products."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25496",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25496"
},
{
"name": "25529",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25529"
},
{
"name": "http://sourceforge.net/forum/forum.php?forum_id=683706",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/forum/forum.php?forum_id=683706"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305530",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305530"
},
{
"name": "http://www.claws-mail.org/news.php",
"refsource": "CONFIRM",
"url": "http://www.claws-mail.org/news.php"
},
{
"name": "MDKSA-2007:107",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:107"
},
{
"name": "2007-0024",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2007/0024/"
},
{
"name": "20070403 Re: APOP vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464569/100/0/threaded"
},
{
"name": "25894",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25894"
},
{
"name": "20070615 rPSA-2007-0122-1 evolution-data-server",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/471455/100/0/threaded"
},
{
"name": "ADV-2007-1939",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1939"
},
{
"name": "26083",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26083"
},
{
"name": "ADV-2007-1468",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1468"
},
{
"name": "RHSA-2009:1140",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1140.html"
},
{
"name": "HPSBUX02156",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579"
},
{
"name": "20070531 FLEA-2007-0023-1: firefox",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/470172/100/200/threaded"
},
{
"name": "26415",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26415"
},
{
"name": "http://fetchmail.berlios.de/fetchmail-SA-2007-01.txt",
"refsource": "CONFIRM",
"url": "http://fetchmail.berlios.de/fetchmail-SA-2007-01.txt"
},
{
"name": "[oss-security] 20090818 Re: CVE-2007-1558 update (was: mailfilter 0.8.2 fixes CVE-2007-1558 (APOP))",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/08/18/1"
},
{
"name": "APPLE-SA-2007-05-24",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2007/May/msg00004.html"
},
{
"name": "SUSE-SR:2007:014",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_14_sr.html"
},
{
"name": "25402",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25402"
},
{
"name": "HPSBUX02153",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
},
{
"name": "20070402 APOP vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464477/30/0/threaded"
},
{
"name": "SUSE-SA:2007:036",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_36_mozilla.html"
},
{
"name": "GLSA-200706-06",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200706-06.xml"
},
{
"name": "http://sylpheed.sraoss.jp/en/news.html",
"refsource": "CONFIRM",
"url": "http://sylpheed.sraoss.jp/en/news.html"
},
{
"name": "25534",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25534"
},
{
"name": "ADV-2007-1994",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1994"
},
{
"name": "SSA:2007-152-02",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.571857"
},
{
"name": "23257",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23257"
},
{
"name": "USN-469-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-469-1"
},
{
"name": "MDKSA-2007:131",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:131"
},
{
"name": "DSA-1305",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1305"
},
{
"name": "https://issues.rpath.com/browse/RPL-1231",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1231"
},
{
"name": "ADV-2007-1467",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1467"
},
{
"name": "http://www.mozilla.org/security/announce/2007/mfsa2007-15.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2007/mfsa2007-15.html"
},
{
"name": "ADV-2007-2788",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2788"
},
{
"name": "SSRT061236",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579"
},
{
"name": "https://issues.rpath.com/browse/RPL-1424",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1424"
},
{
"name": "25664",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25664"
},
{
"name": "MDKSA-2007:119",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:119"
},
{
"name": "25546",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25546"
},
{
"name": "RHSA-2007:0353",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0353.html"
},
{
"name": "RHSA-2007:0385",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0385.html"
},
{
"name": "25858",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25858"
},
{
"name": "25798",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25798"
},
{
"name": "25353",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25353"
},
{
"name": "ADV-2008-0082",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0082"
},
{
"name": "[oss-security] 20090815 mailfilter 0.8.2 fixes CVE-2007-1558 (APOP)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/08/15/1"
},
{
"name": "RHSA-2007:0401",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0401.html"
},
{
"name": "2007-0019",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2007/0019/"
},
{
"name": "25476",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25476"
},
{
"name": "35699",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35699"
},
{
"name": "MDKSA-2007:113",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:113"
},
{
"name": "[balsa-list] 20070704 balsa-2.3.17 released",
"refsource": "MLIST",
"url": "http://mail.gnome.org/archives/balsa-list/2007-July/msg00000.html"
},
{
"name": "SSRT061181",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
},
{
"name": "MDKSA-2007:105",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:105"
},
{
"name": "RHSA-2007:0386",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0386.html"
},
{
"name": "https://issues.rpath.com/browse/RPL-1232",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1232"
},
{
"name": "25750",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25750"
},
{
"name": "20070619 FLEA-2007-0026-1: evolution-data-server",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/471720/100/0/threaded"
},
{
"name": "DSA-1300",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1300"
},
{
"name": "25559",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25559"
},
{
"name": "ADV-2007-1466",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1466"
},
{
"name": "1018008",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018008"
},
{
"name": "oval:org.mitre.oval:def:9782",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9782"
},
{
"name": "20070602-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"
},
{
"name": "RHSA-2007:0402",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0402.html"
},
{
"name": "ADV-2007-1480",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1480"
},
{
"name": "USN-520-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-520-1"
},
{
"name": "TA07-151A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-151A.html"
},
{
"name": "RHSA-2007:0344",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0344.html"
},
{
"name": "20070620 FLEA-2007-0027-1: thunderbird",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/471842/100/0/threaded"
},
{
"name": "http://balsa.gnome.org/download.html",
"refsource": "CONFIRM",
"url": "http://balsa.gnome.org/download.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apop_protocol:apop_protocol:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1558"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including (1) Thunderbird 1.x before 1.5.0.12 and 2.x before 2.0.0.4, (2) Evolution, (3) mutt, (4) fetchmail before 6.3.8, (5) SeaMonkey 1.0.x before 1.0.9 and 1.1.x before 1.1.2, (6) Balsa 2.3.16 and earlier, (7) Mailfilter before 0.8.2, and possibly other products."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070402 APOP vulnerability",
"refsource": "BUGTRAQ",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/464477/30/0/threaded"
},
{
"name": "http://fetchmail.berlios.de/fetchmail-SA-2007-01.txt",
"refsource": "CONFIRM",
"tags": [],
"url": "http://fetchmail.berlios.de/fetchmail-SA-2007-01.txt"
},
{
"name": "http://sourceforge.net/forum/forum.php?forum_id=683706",
"refsource": "CONFIRM",
"tags": [],
"url": "http://sourceforge.net/forum/forum.php?forum_id=683706"
},
{
"name": "http://sylpheed.sraoss.jp/en/news.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://sylpheed.sraoss.jp/en/news.html"
},
{
"name": "http://www.claws-mail.org/news.php",
"refsource": "CONFIRM",
"tags": [],
"url": "http://www.claws-mail.org/news.php"
},
{
"name": "23257",
"refsource": "BID",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/23257"
},
{
"name": "RHSA-2007:0353",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0353.html"
},
{
"name": "1018008",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id?1018008"
},
{
"name": "[balsa-list] 20070704 balsa-2.3.17 released",
"refsource": "MLIST",
"tags": [],
"url": "http://mail.gnome.org/archives/balsa-list/2007-July/msg00000.html"
},
{
"name": "http://www.mozilla.org/security/announce/2007/mfsa2007-15.html",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2007/mfsa2007-15.html"
},
{
"name": "https://issues.rpath.com/browse/RPL-1424",
"refsource": "CONFIRM",
"tags": [],
"url": "https://issues.rpath.com/browse/RPL-1424"
},
{
"name": "https://issues.rpath.com/browse/RPL-1232",
"refsource": "CONFIRM",
"tags": [],
"url": "https://issues.rpath.com/browse/RPL-1232"
},
{
"name": "https://issues.rpath.com/browse/RPL-1231",
"refsource": "CONFIRM",
"tags": [],
"url": "https://issues.rpath.com/browse/RPL-1231"
},
{
"name": "http://balsa.gnome.org/download.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://balsa.gnome.org/download.html"
},
{
"name": "APPLE-SA-2007-05-24",
"refsource": "APPLE",
"tags": [],
"url": "http://lists.apple.com/archives/security-announce/2007/May/msg00004.html"
},
{
"name": "DSA-1300",
"refsource": "DEBIAN",
"tags": [],
"url": "http://www.debian.org/security/2007/dsa-1300"
},
{
"name": "DSA-1305",
"refsource": "DEBIAN",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2007/dsa-1305"
},
{
"name": "GLSA-200706-06",
"refsource": "GENTOO",
"tags": [],
"url": "http://security.gentoo.org/glsa/glsa-200706-06.xml"
},
{
"name": "MDKSA-2007:105",
"refsource": "MANDRIVA",
"tags": [],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:105"
},
{
"name": "MDKSA-2007:107",
"refsource": "MANDRIVA",
"tags": [],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:107"
},
{
"name": "MDKSA-2007:113",
"refsource": "MANDRIVA",
"tags": [],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:113"
},
{
"name": "MDKSA-2007:119",
"refsource": "MANDRIVA",
"tags": [],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:119"
},
{
"name": "MDKSA-2007:131",
"refsource": "MANDRIVA",
"tags": [],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:131"
},
{
"name": "RHSA-2007:0344",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0344.html"
},
{
"name": "RHSA-2007:0386",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0386.html"
},
{
"name": "RHSA-2007:0385",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0385.html"
},
{
"name": "RHSA-2007:0401",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0401.html"
},
{
"name": "RHSA-2007:0402",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0402.html"
},
{
"name": "20070602-01-P",
"refsource": "SGI",
"tags": [],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"
},
{
"name": "SSA:2007-152-02",
"refsource": "SLACKWARE",
"tags": [],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.571857"
},
{
"name": "SUSE-SA:2007:036",
"refsource": "SUSE",
"tags": [],
"url": "http://www.novell.com/linux/security/advisories/2007_36_mozilla.html"
},
{
"name": "SUSE-SR:2007:014",
"refsource": "SUSE",
"tags": [],
"url": "http://www.novell.com/linux/security/advisories/2007_14_sr.html"
},
{
"name": "2007-0019",
"refsource": "TRUSTIX",
"tags": [],
"url": "http://www.trustix.org/errata/2007/0019/"
},
{
"name": "2007-0024",
"refsource": "TRUSTIX",
"tags": [],
"url": "http://www.trustix.org/errata/2007/0024/"
},
{
"name": "USN-469-1",
"refsource": "UBUNTU",
"tags": [],
"url": "http://www.ubuntu.com/usn/usn-469-1"
},
{
"name": "USN-520-1",
"refsource": "UBUNTU",
"tags": [],
"url": "http://www.ubuntu.com/usn/usn-520-1"
},
{
"name": "TA07-151A",
"refsource": "CERT",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-151A.html"
},
{
"name": "25353",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/25353"
},
{
"name": "25402",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25402"
},
{
"name": "25476",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/25476"
},
{
"name": "25529",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25529"
},
{
"name": "25546",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25546"
},
{
"name": "25496",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25496"
},
{
"name": "25559",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/25559"
},
{
"name": "25534",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/25534"
},
{
"name": "25664",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/25664"
},
{
"name": "25750",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/25750"
},
{
"name": "25798",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/25798"
},
{
"name": "25894",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/25894"
},
{
"name": "26083",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/26083"
},
{
"name": "26415",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/26415"
},
{
"name": "25858",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/25858"
},
{
"name": "RHSA-2009:1140",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1140.html"
},
{
"name": "35699",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/35699"
},
{
"name": "[oss-security] 20090818 Re: CVE-2007-1558 update (was: mailfilter 0.8.2 fixes CVE-2007-1558 (APOP))",
"refsource": "MLIST",
"tags": [],
"url": "http://www.openwall.com/lists/oss-security/2009/08/18/1"
},
{
"name": "[oss-security] 20090815 mailfilter 0.8.2 fixes CVE-2007-1558 (APOP)",
"refsource": "MLIST",
"tags": [],
"url": "http://www.openwall.com/lists/oss-security/2009/08/15/1"
},
{
"name": "HPSBUX02153",
"refsource": "HP",
"tags": [],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
},
{
"name": "HPSBUX02156",
"refsource": "HP",
"tags": [],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579"
},
{
"name": "ADV-2007-1466",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2007/1466"
},
{
"name": "ADV-2007-1939",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2007/1939"
},
{
"name": "ADV-2007-1467",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2007/1467"
},
{
"name": "ADV-2007-2788",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2007/2788"
},
{
"name": "ADV-2008-0082",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2008/0082"
},
{
"name": "ADV-2007-1994",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2007/1994"
},
{
"name": "ADV-2007-1480",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2007/1480"
},
{
"name": "ADV-2007-1468",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2007/1468"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305530",
"refsource": "CONFIRM",
"tags": [],
"url": "http://docs.info.apple.com/article.html?artnum=305530"
},
{
"name": "oval:org.mitre.oval:def:9782",
"refsource": "OVAL",
"tags": [],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9782"
},
{
"name": "20070620 FLEA-2007-0027-1: thunderbird",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://www.securityfocus.com/archive/1/471842/100/0/threaded"
},
{
"name": "20070619 FLEA-2007-0026-1: evolution-data-server",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://www.securityfocus.com/archive/1/471720/100/0/threaded"
},
{
"name": "20070615 rPSA-2007-0122-1 evolution-data-server",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://www.securityfocus.com/archive/1/471455/100/0/threaded"
},
{
"name": "20070531 FLEA-2007-0023-1: firefox",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://www.securityfocus.com/archive/1/470172/100/200/threaded"
},
{
"name": "20070403 Re: APOP vulnerability",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://www.securityfocus.com/archive/1/464569/100/0/threaded"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2018-10-16T16:39Z",
"publishedDate": "2007-04-16T22:19Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…