gsd-2007-1558
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including (1) Thunderbird 1.x before 1.5.0.12 and 2.x before 2.0.0.4, (2) Evolution, (3) mutt, (4) fetchmail before 6.3.8, (5) SeaMonkey 1.0.x before 1.0.9 and 1.1.x before 1.1.2, (6) Balsa 2.3.16 and earlier, (7) Mailfilter before 0.8.2, and possibly other products.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2007-1558",
"description": "The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including (1) Thunderbird 1.x before 1.5.0.12 and 2.x before 2.0.0.4, (2) Evolution, (3) mutt, (4) fetchmail before 6.3.8, (5) SeaMonkey 1.0.x before 1.0.9 and 1.1.x before 1.1.2, (6) Balsa 2.3.16 and earlier, (7) Mailfilter before 0.8.2, and possibly other products.",
"id": "GSD-2007-1558",
"references": [
"https://www.suse.com/security/cve/CVE-2007-1558.html",
"https://www.debian.org/security/2007/dsa-1305",
"https://www.debian.org/security/2007/dsa-1300",
"https://access.redhat.com/errata/RHSA-2009:1140",
"https://access.redhat.com/errata/RHSA-2007:0402",
"https://access.redhat.com/errata/RHSA-2007:0401",
"https://access.redhat.com/errata/RHSA-2007:0386",
"https://access.redhat.com/errata/RHSA-2007:0385",
"https://access.redhat.com/errata/RHSA-2007:0353",
"https://access.redhat.com/errata/RHSA-2007:0344",
"https://linux.oracle.com/cve/CVE-2007-1558.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2007-1558"
],
"details": "The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including (1) Thunderbird 1.x before 1.5.0.12 and 2.x before 2.0.0.4, (2) Evolution, (3) mutt, (4) fetchmail before 6.3.8, (5) SeaMonkey 1.0.x before 1.0.9 and 1.1.x before 1.1.2, (6) Balsa 2.3.16 and earlier, (7) Mailfilter before 0.8.2, and possibly other products.",
"id": "GSD-2007-1558",
"modified": "2023-12-13T01:21:39.363392Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1558",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including (1) Thunderbird 1.x before 1.5.0.12 and 2.x before 2.0.0.4, (2) Evolution, (3) mutt, (4) fetchmail before 6.3.8, (5) SeaMonkey 1.0.x before 1.0.9 and 1.1.x before 1.1.2, (6) Balsa 2.3.16 and earlier, (7) Mailfilter before 0.8.2, and possibly other products."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25496",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25496"
},
{
"name": "25529",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25529"
},
{
"name": "http://sourceforge.net/forum/forum.php?forum_id=683706",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/forum/forum.php?forum_id=683706"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305530",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305530"
},
{
"name": "http://www.claws-mail.org/news.php",
"refsource": "CONFIRM",
"url": "http://www.claws-mail.org/news.php"
},
{
"name": "MDKSA-2007:107",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:107"
},
{
"name": "2007-0024",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2007/0024/"
},
{
"name": "20070403 Re: APOP vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464569/100/0/threaded"
},
{
"name": "25894",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25894"
},
{
"name": "20070615 rPSA-2007-0122-1 evolution-data-server",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/471455/100/0/threaded"
},
{
"name": "ADV-2007-1939",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1939"
},
{
"name": "26083",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26083"
},
{
"name": "ADV-2007-1468",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1468"
},
{
"name": "RHSA-2009:1140",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1140.html"
},
{
"name": "HPSBUX02156",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579"
},
{
"name": "20070531 FLEA-2007-0023-1: firefox",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/470172/100/200/threaded"
},
{
"name": "26415",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26415"
},
{
"name": "http://fetchmail.berlios.de/fetchmail-SA-2007-01.txt",
"refsource": "CONFIRM",
"url": "http://fetchmail.berlios.de/fetchmail-SA-2007-01.txt"
},
{
"name": "[oss-security] 20090818 Re: CVE-2007-1558 update (was: mailfilter 0.8.2 fixes CVE-2007-1558 (APOP))",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/08/18/1"
},
{
"name": "APPLE-SA-2007-05-24",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2007/May/msg00004.html"
},
{
"name": "SUSE-SR:2007:014",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_14_sr.html"
},
{
"name": "25402",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25402"
},
{
"name": "HPSBUX02153",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
},
{
"name": "20070402 APOP vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464477/30/0/threaded"
},
{
"name": "SUSE-SA:2007:036",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_36_mozilla.html"
},
{
"name": "GLSA-200706-06",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200706-06.xml"
},
{
"name": "http://sylpheed.sraoss.jp/en/news.html",
"refsource": "CONFIRM",
"url": "http://sylpheed.sraoss.jp/en/news.html"
},
{
"name": "25534",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25534"
},
{
"name": "ADV-2007-1994",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1994"
},
{
"name": "SSA:2007-152-02",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.571857"
},
{
"name": "23257",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23257"
},
{
"name": "USN-469-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-469-1"
},
{
"name": "MDKSA-2007:131",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:131"
},
{
"name": "DSA-1305",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1305"
},
{
"name": "https://issues.rpath.com/browse/RPL-1231",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1231"
},
{
"name": "ADV-2007-1467",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1467"
},
{
"name": "http://www.mozilla.org/security/announce/2007/mfsa2007-15.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2007/mfsa2007-15.html"
},
{
"name": "ADV-2007-2788",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2788"
},
{
"name": "SSRT061236",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579"
},
{
"name": "https://issues.rpath.com/browse/RPL-1424",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1424"
},
{
"name": "25664",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25664"
},
{
"name": "MDKSA-2007:119",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:119"
},
{
"name": "25546",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25546"
},
{
"name": "RHSA-2007:0353",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0353.html"
},
{
"name": "RHSA-2007:0385",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0385.html"
},
{
"name": "25858",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25858"
},
{
"name": "25798",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25798"
},
{
"name": "25353",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25353"
},
{
"name": "ADV-2008-0082",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0082"
},
{
"name": "[oss-security] 20090815 mailfilter 0.8.2 fixes CVE-2007-1558 (APOP)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/08/15/1"
},
{
"name": "RHSA-2007:0401",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0401.html"
},
{
"name": "2007-0019",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2007/0019/"
},
{
"name": "25476",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25476"
},
{
"name": "35699",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35699"
},
{
"name": "MDKSA-2007:113",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:113"
},
{
"name": "[balsa-list] 20070704 balsa-2.3.17 released",
"refsource": "MLIST",
"url": "http://mail.gnome.org/archives/balsa-list/2007-July/msg00000.html"
},
{
"name": "SSRT061181",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
},
{
"name": "MDKSA-2007:105",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:105"
},
{
"name": "RHSA-2007:0386",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0386.html"
},
{
"name": "https://issues.rpath.com/browse/RPL-1232",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1232"
},
{
"name": "25750",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25750"
},
{
"name": "20070619 FLEA-2007-0026-1: evolution-data-server",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/471720/100/0/threaded"
},
{
"name": "DSA-1300",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1300"
},
{
"name": "25559",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25559"
},
{
"name": "ADV-2007-1466",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1466"
},
{
"name": "1018008",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018008"
},
{
"name": "oval:org.mitre.oval:def:9782",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9782"
},
{
"name": "20070602-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"
},
{
"name": "RHSA-2007:0402",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0402.html"
},
{
"name": "ADV-2007-1480",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1480"
},
{
"name": "USN-520-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-520-1"
},
{
"name": "TA07-151A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-151A.html"
},
{
"name": "RHSA-2007:0344",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0344.html"
},
{
"name": "20070620 FLEA-2007-0027-1: thunderbird",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/471842/100/0/threaded"
},
{
"name": "http://balsa.gnome.org/download.html",
"refsource": "CONFIRM",
"url": "http://balsa.gnome.org/download.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apop_protocol:apop_protocol:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1558"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including (1) Thunderbird 1.x before 1.5.0.12 and 2.x before 2.0.0.4, (2) Evolution, (3) mutt, (4) fetchmail before 6.3.8, (5) SeaMonkey 1.0.x before 1.0.9 and 1.1.x before 1.1.2, (6) Balsa 2.3.16 and earlier, (7) Mailfilter before 0.8.2, and possibly other products."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070402 APOP vulnerability",
"refsource": "BUGTRAQ",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/464477/30/0/threaded"
},
{
"name": "http://fetchmail.berlios.de/fetchmail-SA-2007-01.txt",
"refsource": "CONFIRM",
"tags": [],
"url": "http://fetchmail.berlios.de/fetchmail-SA-2007-01.txt"
},
{
"name": "http://sourceforge.net/forum/forum.php?forum_id=683706",
"refsource": "CONFIRM",
"tags": [],
"url": "http://sourceforge.net/forum/forum.php?forum_id=683706"
},
{
"name": "http://sylpheed.sraoss.jp/en/news.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://sylpheed.sraoss.jp/en/news.html"
},
{
"name": "http://www.claws-mail.org/news.php",
"refsource": "CONFIRM",
"tags": [],
"url": "http://www.claws-mail.org/news.php"
},
{
"name": "23257",
"refsource": "BID",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/23257"
},
{
"name": "RHSA-2007:0353",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0353.html"
},
{
"name": "1018008",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id?1018008"
},
{
"name": "[balsa-list] 20070704 balsa-2.3.17 released",
"refsource": "MLIST",
"tags": [],
"url": "http://mail.gnome.org/archives/balsa-list/2007-July/msg00000.html"
},
{
"name": "http://www.mozilla.org/security/announce/2007/mfsa2007-15.html",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2007/mfsa2007-15.html"
},
{
"name": "https://issues.rpath.com/browse/RPL-1424",
"refsource": "CONFIRM",
"tags": [],
"url": "https://issues.rpath.com/browse/RPL-1424"
},
{
"name": "https://issues.rpath.com/browse/RPL-1232",
"refsource": "CONFIRM",
"tags": [],
"url": "https://issues.rpath.com/browse/RPL-1232"
},
{
"name": "https://issues.rpath.com/browse/RPL-1231",
"refsource": "CONFIRM",
"tags": [],
"url": "https://issues.rpath.com/browse/RPL-1231"
},
{
"name": "http://balsa.gnome.org/download.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://balsa.gnome.org/download.html"
},
{
"name": "APPLE-SA-2007-05-24",
"refsource": "APPLE",
"tags": [],
"url": "http://lists.apple.com/archives/security-announce/2007/May/msg00004.html"
},
{
"name": "DSA-1300",
"refsource": "DEBIAN",
"tags": [],
"url": "http://www.debian.org/security/2007/dsa-1300"
},
{
"name": "DSA-1305",
"refsource": "DEBIAN",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2007/dsa-1305"
},
{
"name": "GLSA-200706-06",
"refsource": "GENTOO",
"tags": [],
"url": "http://security.gentoo.org/glsa/glsa-200706-06.xml"
},
{
"name": "MDKSA-2007:105",
"refsource": "MANDRIVA",
"tags": [],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:105"
},
{
"name": "MDKSA-2007:107",
"refsource": "MANDRIVA",
"tags": [],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:107"
},
{
"name": "MDKSA-2007:113",
"refsource": "MANDRIVA",
"tags": [],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:113"
},
{
"name": "MDKSA-2007:119",
"refsource": "MANDRIVA",
"tags": [],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:119"
},
{
"name": "MDKSA-2007:131",
"refsource": "MANDRIVA",
"tags": [],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:131"
},
{
"name": "RHSA-2007:0344",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0344.html"
},
{
"name": "RHSA-2007:0386",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0386.html"
},
{
"name": "RHSA-2007:0385",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0385.html"
},
{
"name": "RHSA-2007:0401",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0401.html"
},
{
"name": "RHSA-2007:0402",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0402.html"
},
{
"name": "20070602-01-P",
"refsource": "SGI",
"tags": [],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"
},
{
"name": "SSA:2007-152-02",
"refsource": "SLACKWARE",
"tags": [],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.571857"
},
{
"name": "SUSE-SA:2007:036",
"refsource": "SUSE",
"tags": [],
"url": "http://www.novell.com/linux/security/advisories/2007_36_mozilla.html"
},
{
"name": "SUSE-SR:2007:014",
"refsource": "SUSE",
"tags": [],
"url": "http://www.novell.com/linux/security/advisories/2007_14_sr.html"
},
{
"name": "2007-0019",
"refsource": "TRUSTIX",
"tags": [],
"url": "http://www.trustix.org/errata/2007/0019/"
},
{
"name": "2007-0024",
"refsource": "TRUSTIX",
"tags": [],
"url": "http://www.trustix.org/errata/2007/0024/"
},
{
"name": "USN-469-1",
"refsource": "UBUNTU",
"tags": [],
"url": "http://www.ubuntu.com/usn/usn-469-1"
},
{
"name": "USN-520-1",
"refsource": "UBUNTU",
"tags": [],
"url": "http://www.ubuntu.com/usn/usn-520-1"
},
{
"name": "TA07-151A",
"refsource": "CERT",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-151A.html"
},
{
"name": "25353",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/25353"
},
{
"name": "25402",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25402"
},
{
"name": "25476",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/25476"
},
{
"name": "25529",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25529"
},
{
"name": "25546",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25546"
},
{
"name": "25496",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25496"
},
{
"name": "25559",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/25559"
},
{
"name": "25534",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/25534"
},
{
"name": "25664",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/25664"
},
{
"name": "25750",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/25750"
},
{
"name": "25798",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/25798"
},
{
"name": "25894",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/25894"
},
{
"name": "26083",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/26083"
},
{
"name": "26415",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/26415"
},
{
"name": "25858",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/25858"
},
{
"name": "RHSA-2009:1140",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1140.html"
},
{
"name": "35699",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/35699"
},
{
"name": "[oss-security] 20090818 Re: CVE-2007-1558 update (was: mailfilter 0.8.2 fixes CVE-2007-1558 (APOP))",
"refsource": "MLIST",
"tags": [],
"url": "http://www.openwall.com/lists/oss-security/2009/08/18/1"
},
{
"name": "[oss-security] 20090815 mailfilter 0.8.2 fixes CVE-2007-1558 (APOP)",
"refsource": "MLIST",
"tags": [],
"url": "http://www.openwall.com/lists/oss-security/2009/08/15/1"
},
{
"name": "HPSBUX02153",
"refsource": "HP",
"tags": [],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
},
{
"name": "HPSBUX02156",
"refsource": "HP",
"tags": [],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579"
},
{
"name": "ADV-2007-1466",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2007/1466"
},
{
"name": "ADV-2007-1939",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2007/1939"
},
{
"name": "ADV-2007-1467",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2007/1467"
},
{
"name": "ADV-2007-2788",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2007/2788"
},
{
"name": "ADV-2008-0082",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2008/0082"
},
{
"name": "ADV-2007-1994",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2007/1994"
},
{
"name": "ADV-2007-1480",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2007/1480"
},
{
"name": "ADV-2007-1468",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2007/1468"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305530",
"refsource": "CONFIRM",
"tags": [],
"url": "http://docs.info.apple.com/article.html?artnum=305530"
},
{
"name": "oval:org.mitre.oval:def:9782",
"refsource": "OVAL",
"tags": [],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9782"
},
{
"name": "20070620 FLEA-2007-0027-1: thunderbird",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://www.securityfocus.com/archive/1/471842/100/0/threaded"
},
{
"name": "20070619 FLEA-2007-0026-1: evolution-data-server",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://www.securityfocus.com/archive/1/471720/100/0/threaded"
},
{
"name": "20070615 rPSA-2007-0122-1 evolution-data-server",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://www.securityfocus.com/archive/1/471455/100/0/threaded"
},
{
"name": "20070531 FLEA-2007-0023-1: firefox",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://www.securityfocus.com/archive/1/470172/100/200/threaded"
},
{
"name": "20070403 Re: APOP vulnerability",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://www.securityfocus.com/archive/1/464569/100/0/threaded"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2018-10-16T16:39Z",
"publishedDate": "2007-04-16T22:19Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.