How to Buy
This script is Copyright (C) 2005-2016 Tenable Network Security, Inc.
The remote Red Hat host is missing one or more security updates.
Updated fetchmail packages that fix insecure configuration file
creation is now available.
This update has been rated as having low security impact by the Red
Hat Security Response Team.
Fetchmail is a remote mail retrieval and forwarding utility.
A bug was found in the way the fetchmailconf utility program writes
configuration files. The default behavior of fetchmailconf is to write
a configuration file which may be world readable for a short period of
time. This configuration file could provide passwords to a local
malicious attacker within the short window before fetchmailconf sets
secure permissions. The Common Vulnerabilities and Exposures project
has assigned the name CVE-2005-3088 to this issue.
Users of fetchmail are advised to upgrade to these updated packages,
which contain a backported patch which resolves this issue.
See also :
Update the affected fetchmail and / or fetchmailconf packages.
Risk factor :
Low / CVSS Base Score : 2.1
Family: Red Hat Local Security Checks
Nessus Plugin ID: 20106 ()
CVE ID: CVE-2005-3088
Nessus Professional: Scan unlimited IPs, run compliance checks & moreNessus Cloud: The power of Nessus for teams – from the cloud
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.