aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authormiwi <miwi@FreeBSD.org>2007-04-19 18:37:24 +0800
committermiwi <miwi@FreeBSD.org>2007-04-19 18:37:24 +0800
commit3fbd0a0daa320c321184b24d7d8904e8a111cec6 (patch)
treef7f3fd5686201c8aa3416ddd6fab721a780ce12f /security
parent75ca14d9ee910ecf4c320cbd185792785880dbc0 (diff)
downloadfreebsd-ports-gnome-3fbd0a0daa320c321184b24d7d8904e8a111cec6.tar.gz
freebsd-ports-gnome-3fbd0a0daa320c321184b24d7d8904e8a111cec6.tar.zst
freebsd-ports-gnome-3fbd0a0daa320c321184b24d7d8904e8a111cec6.zip
- Add entry for claws-mail - APOP vulnerability
Diffstat (limited to 'security')
-rw-r--r--security/vuxml/vuln.xml29
1 files changed, 29 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 3fa808c95fb7..f542a58eb16a 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -34,6 +34,35 @@ Note: Please add new entries to the beginning of this file.
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="c389d06d-ee57-11db-bd51-0016179b2dd5">
+ <topic>claws-mail -- APOP vulnerability</topic>
+ <affects>
+ <package>
+ <name>claws-mail</name>
+ <range><lt>2.9.0</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>CVE reports:</p>
+ <blockquote cite="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558">
+ <p>The APOP protocol allows remote attackers to guess the first 3
+ characters of a password via man-in-the-middle (MITM) attacks
+ that use crafted message IDs and MD5 collisions.
+ </p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2007-1558</cvename>
+ <url>http://www.claws-mail.org/news.php</url>
+ </references>
+ <dates>
+ <discovery>2007-04-02</discovery>
+ <entry>2007-04-19</entry>
+ </dates>
+ </vuln>
+
<vuln vid="5678da43-ea99-11db-a802-000fea2763ce">
<topic>lighttpd -- DOS when access files with mtime 0</topic>
<affects>