CVE-2007-1558

NONECVSS 0.0

0.0

The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including (1) Thunderbird 1.x before 1.5.0.12 and 2.x before 2.0.0.4, (2) Evolution, (3) mutt, (4) fetchmail before 6.3.8, (5) SeaMonkey 1.0.x before 1.0.9 and 1.1.x before 1.1.2, (6) Balsa 2.3.16 and earlier, (7) Mailfilter before 0.8.2, and possibly other products.

🔗 References (146)

cve@mitreftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc
cve@mitrehttp://balsa.gnome.org/download.html
cve@mitrehttp://docs.info.apple.com/article.html?artnum=305530
cve@mitrehttp://fetchmail.berlios.de/fetchmail-SA-2007-01.txt
cve@mitrehttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
cve@mitrehttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579
cve@mitrehttp://lists.apple.com/archives/security-announce/2007/May/msg00004.html
cve@mitrehttp://mail.gnome.org/archives/balsa-list/2007-July/msg00000.html
cve@mitrehttp://secunia.com/advisories/25353
cve@mitrehttp://secunia.com/advisories/25402
cve@mitrehttp://secunia.com/advisories/25476
cve@mitrehttp://secunia.com/advisories/25496
cve@mitrehttp://secunia.com/advisories/25529
cve@mitrehttp://secunia.com/advisories/25534
cve@mitrehttp://secunia.com/advisories/25546

Is Your Infrastructure Affected by CVE-2007-1558?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-1558

📅 Published

🔄 Last Modified

🔗 References (146)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-1558?