FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

claws-mail -- APOP vulnerability

Affected packages
claws-mail < 2.9.0

Details

VuXML ID c389d06d-ee57-11db-bd51-0016179b2dd5
Discovery 2007-04-02
Entry 2007-04-19

CVE reports:

The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions.

References

CVE Name CVE-2007-1558
URL http://www.claws-mail.org/news.php