ID de Prueba:	1.3.6.1.4.1.25623.1.0.57797
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2007:016 (fetchmail)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to fetchmail announced via advisory MDKSA-2007:016. Fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords over unsecured links if certain circumstances occur, which allows remote attackers to obtain sensitive information via man-in-the-middle (MITM) attacks. The updated packages have been patched to correct this problem. Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2007:016 Risk factor : High
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CAN-2006-5867 http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html BugTraq ID: 21903 http://www.securityfocus.com/bid/21903 Bugtraq: 20070105 fetchmail security announcement 2006-02 (CVE-2006-5867) (Google Search) http://www.securityfocus.com/archive/1/456115/100/0/threaded Bugtraq: 20070218 Re: [SECURITY] [DSA 1259-1] New fetchmail packages fix information disclosure (Google Search) http://www.securityfocus.com/archive/1/460528/100/0/threaded Cert/CC Advisory: TA07-109A http://www.us-cert.gov/cas/techalerts/TA07-109A.html Debian Security Information: DSA-1259 (Google Search) http://www.debian.org/security/2007/dsa-1259 http://fedoranews.org/cms/node/2429 http://security.gentoo.org/glsa/glsa-200701-13.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:016 http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.004.html http://osvdb.org/31580 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10566 http://www.redhat.com/support/errata/RHSA-2007-0018.html http://securitytracker.com/id?1017478 http://secunia.com/advisories/23631 http://secunia.com/advisories/23695 http://secunia.com/advisories/23714 http://secunia.com/advisories/23781 http://secunia.com/advisories/23804 http://secunia.com/advisories/23838 http://secunia.com/advisories/23923 http://secunia.com/advisories/24007 http://secunia.com/advisories/24151 http://secunia.com/advisories/24174 http://secunia.com/advisories/24284 http://secunia.com/advisories/24966 SGI Security Advisory: 20070201-01-P ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.517995 SuSE Security Announcement: SUSE-SR:2007:004 (Google Search) http://www.novell.com/linux/security/advisories/2007_4_sr.html http://www.trustix.org/errata/2007/0007 http://www.ubuntu.com/usn/usn-405-1 http://www.vupen.com/english/advisories/2007/0087 http://www.vupen.com/english/advisories/2007/0088 http://www.vupen.com/english/advisories/2007/1470
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.