oval:org.mitre.oval:def:22506

Definition Id: oval:org.mitre.oval:def:22506

Oval ID:	oval:org.mitre.oval:def:22506
Title:	ELSA-2007:0385: fetchmail security update (Moderate)
Description:	The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including (1) Thunderbird 1.x before 1.5.0.12 and 2.x before 2.0.0.4, (2) Evolution, (3) mutt, (4) fetchmail before 6.3.8, (5) SeaMonkey 1.0.x before 1.0.9 and 1.1.x before 1.1.2, (6) Balsa 2.3.16 and earlier, (7) Mailfilter before 0.8.2, and possibly other products.
Family:	unix	Class:	patch
Reference(s):	ELSA-2007:0385-03 CVE-2007-1558	Version:	6
Platform(s):	Oracle Linux 5	Product(s):	fetchmail
Definition Synopsis:
Oracle Linux 5.x AND fetchmail is earlier than 0:6.3.6-1.0.1.el5

Definition Id: oval:org.mitre.oval:def:15459

Oval ID:	oval:org.mitre.oval:def:15459
Title:	Oracle Linux 5.x
Description:	The operating system installed on the system is Oracle Linux 5.x
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:oracle:linux:5	Version:	7
Platform(s):	Oracle Linux 5	Product(s):
Definition Synopsis:
the installed operating system is part of the Unix family AND Oracle Linux 5.x is installed
Referenced By:
oval:org.mitre.oval:def:22506