CVE-2007-1558

low

Description

The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including (1) Thunderbird 1.x before 1.5.0.12 and 2.x before 2.0.0.4, (2) Evolution, (3) mutt, (4) fetchmail before 6.3.8, (5) SeaMonkey 1.0.x before 1.0.9 and 1.1.x before 1.1.2, (6) Balsa 2.3.16 and earlier, (7) Mailfilter before 0.8.2, and possibly other products.

References

ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc

http://balsa.gnome.org/download.html

http://docs.info.apple.com/article.html?artnum=305530

http://fetchmail.berlios.de/fetchmail-SA-2007-01.txt

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579

http://lists.apple.com/archives/security-announce/2007/May/msg00004.html

http://mail.gnome.org/archives/balsa-list/2007-July/msg00000.html

http://secunia.com/advisories/25353

http://secunia.com/advisories/25402

http://secunia.com/advisories/25476

http://secunia.com/advisories/25496

http://secunia.com/advisories/25529

http://secunia.com/advisories/25534

http://secunia.com/advisories/25546

http://secunia.com/advisories/25559

http://secunia.com/advisories/25664

http://secunia.com/advisories/25750

http://secunia.com/advisories/25798

http://secunia.com/advisories/25858

http://secunia.com/advisories/25894

http://secunia.com/advisories/26083

http://secunia.com/advisories/26415

http://secunia.com/advisories/35699

http://security.gentoo.org/glsa/glsa-200706-06.xml

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.571857

http://sourceforge.net/forum/forum.php?forum_id=683706

http://sylpheed.sraoss.jp/en/news.html

http://www.claws-mail.org/news.php

http://www.debian.org/security/2007/dsa-1300

http://www.debian.org/security/2007/dsa-1305

http://www.mandriva.com/security/advisories?name=MDKSA-2007:105

http://www.mandriva.com/security/advisories?name=MDKSA-2007:107

http://www.mandriva.com/security/advisories?name=MDKSA-2007:113

http://www.mandriva.com/security/advisories?name=MDKSA-2007:119

http://www.mandriva.com/security/advisories?name=MDKSA-2007:131

http://www.mozilla.org/security/announce/2007/mfsa2007-15.html

http://www.novell.com/linux/security/advisories/2007_14_sr.html

http://www.novell.com/linux/security/advisories/2007_36_mozilla.html

http://www.openwall.com/lists/oss-security/2009/08/15/1

http://www.openwall.com/lists/oss-security/2009/08/18/1

http://www.redhat.com/support/errata/RHSA-2007-0344.html

http://www.redhat.com/support/errata/RHSA-2007-0353.html

http://www.redhat.com/support/errata/RHSA-2007-0385.html

http://www.redhat.com/support/errata/RHSA-2007-0386.html

http://www.redhat.com/support/errata/RHSA-2007-0401.html

http://www.redhat.com/support/errata/RHSA-2007-0402.html

http://www.redhat.com/support/errata/RHSA-2009-1140.html

http://www.securityfocus.com/archive/1/464477/30/0/threaded

http://www.securityfocus.com/archive/1/464569/100/0/threaded

http://www.securityfocus.com/archive/1/470172/100/200/threaded

http://www.securityfocus.com/archive/1/471455/100/0/threaded

http://www.securityfocus.com/archive/1/471720/100/0/threaded

http://www.securityfocus.com/archive/1/471842/100/0/threaded

http://www.securityfocus.com/bid/23257

http://www.securitytracker.com/id?1018008

http://www.trustix.org/errata/2007/0019/

http://www.trustix.org/errata/2007/0024/

http://www.ubuntu.com/usn/usn-469-1

http://www.ubuntu.com/usn/usn-520-1

http://www.us-cert.gov/cas/techalerts/TA07-151A.html

http://www.vupen.com/english/advisories/2007/1466

http://www.vupen.com/english/advisories/2007/1467

http://www.vupen.com/english/advisories/2007/1468

http://www.vupen.com/english/advisories/2007/1480

http://www.vupen.com/english/advisories/2007/1939

http://www.vupen.com/english/advisories/2007/1994

http://www.vupen.com/english/advisories/2007/2788

http://www.vupen.com/english/advisories/2008/0082

https://issues.rpath.com/browse/RPL-1231

https://issues.rpath.com/browse/RPL-1232

https://issues.rpath.com/browse/RPL-1424

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9782

Details

Source: MITRE

Published: 2007-04-16

Updated: 2018-10-16

Risk Information

CVSS v2

Base Score: 2.6

Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 4.9

Severity: LOW

Vulnerable Software

Configuration 1 (OR):

cpe:2.3:a:apop_protocol:apop_protocol:*:*:*:*:*:*:*:*

Tenable Plugins (58 total)

ID | Name | Product | Family | Severity
67889 | Oracle Linux 4 / 5 : ruby (ELSA-2009-1140) | Nessus | Oracle Linux Local Security Checks | medium
67511 | Oracle Linux 3 / 4 : seamonkey (ELSA-2007-0402) | Nessus | Oracle Linux Local Security Checks | high
67510 | Oracle Linux 4 : thunderbird (ELSA-2007-0401) | Nessus | Oracle Linux Local Security Checks | high
67505 | Oracle Linux 3 / 4 / 5 : mutt (ELSA-2007-0386) | Nessus | Oracle Linux Local Security Checks | low
67504 | Oracle Linux 3 / 4 / 5 : fetchmail (ELSA-2007-0385) | Nessus | Oracle Linux Local Security Checks | low
67498 | Oracle Linux 3 / 4 : evolution (ELSA-2007-0353) | Nessus | Oracle Linux Local Security Checks | low
67492 | Oracle Linux 5 : evolution-data-server (ELSA-2007-0344) | Nessus | Oracle Linux Local Security Checks | low
62264 | Fedora 7 : mutt-1.5.14-4.fc7 (2007-0002) | Nessus | Fedora Local Security Checks | low
60613 | Scientific Linux Security Update : ruby on SL4.x, SL5.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | medium
60196 | Scientific Linux Security Update : fetchmail on SL5.x, SL4.x, SL3.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | low
60195 | Scientific Linux Security Update : mutt on SL5.x, SL4.x, SL3.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | low
60194 | Scientific Linux Security Update : seamonkey on SL4.x, SL3.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | high
60190 | Scientific Linux Security Update : evolution-data-server on SL5.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | low
60189 | Scientific Linux Security Update : Thunderbird on SL5.x, SL4.x, SL3.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | high
60182 | Scientific Linux Security Update : evolution on SL4.x, SL3.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | low
43767 | CentOS 5 : ruby (CESA-2009:1140) | Nessus | CentOS Local Security Checks | medium
39599 | RHEL 4 / 5 : ruby (RHSA-2009:1140) | Nessus | Red Hat Local Security Checks | medium
38103 | CentOS 4 / 5 : thunderbird (CESA-2007:0401) | Nessus | CentOS Local Security Checks | high
37778 | CentOS 3 / 4 : seamonkey (CESA-2007:0402) | Nessus | CentOS Local Security Checks | high
37483 | Mandrake Linux Security Advisory : mozilla-thunderbird (MDKSA-2007:131) | Nessus | Mandriva Local Security Checks | high
29523 | SuSE 10 Security Update : mutt (ZYPP Patch Number 3752) | Nessus | SuSE Local Security Checks | low
28125 | Ubuntu 6.06 LTS / 6.10 / 7.04 : fetchmail vulnerabilities (USN-520-1) | Nessus | Ubuntu Local Security Checks | medium
28069 | Ubuntu 6.06 LTS / 6.10 / 7.04 : mozilla-thunderbird vulnerabilities (USN-469-1) | Nessus | Ubuntu Local Security Checks | high
27718 | Fedora 7 : balsa-2.3.17-2.fc7 (2007-1447) | Nessus | Fedora Local Security Checks | low
27670 | Fedora 7 : thunderbird-2.0.0.4-1.fc7 (2007-0544) | Nessus | Fedora Local Security Checks | high
27442 | openSUSE 10 Security Update : seamonkey (seamonkey-3632) | Nessus | SuSE Local Security Checks | high
27441 | openSUSE 10 Security Update : seamonkey (seamonkey-3631) | Nessus | SuSE Local Security Checks | high
27355 | openSUSE 10 Security Update : mutt (mutt-3751) | Nessus | SuSE Local Security Checks | low
27354 | openSUSE 10 Security Update : mutt (mutt-3702) | Nessus | SuSE Local Security Checks | low
27131 | openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-3546) | Nessus | SuSE Local Security Checks | high
27130 | openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-3545) | Nessus | SuSE Local Security Checks | high
25561 | GLSA-200706-06 : Mozilla products: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | high
25513 | Mandrake Linux Security Advisory : mozilla-thunderbird (MDKSA-2007:119) | Nessus | Mandriva Local Security Checks | high
25504 | Debian DSA-1305-1 : icedove - several vulnerabilities | Nessus | Debian Local Security Checks | high
25463 | Debian DSA-1300-1 : iceape - several vulnerabilities | Nessus | Debian Local Security Checks | high
25454 | RHEL 2.1 / 3 / 4 / 5 : fetchmail (RHSA-2007:0385) | Nessus | Red Hat Local Security Checks | low
25447 | CentOS 3 / 4 / 5 : fetchmail (CESA-2007:0385) | Nessus | CentOS Local Security Checks | low
25431 | Mandrake Linux Security Advisory : mutt (MDKSA-2007:113) | Nessus | Mandriva Local Security Checks | low
25404 | RHEL 3 / 4 / 5 : mutt (RHSA-2007:0386) | Nessus | Red Hat Local Security Checks | low
25403 | CentOS 3 / 4 / 5 : mutt (CESA-2007:0386) | Nessus | CentOS Local Security Checks | low
25374 | Slackware 10.2 / 11.0 / current : firefox-seamonkey-thunderbird (SSA:2007-152-02) | Nessus | Slackware Local Security Checks | high
25367 | RHEL 2.1 / 3 / 4 : seamonkey (RHSA-2007:0402) | Nessus | Red Hat Local Security Checks | high
25366 | RHEL 4 / 5 : thunderbird (RHSA-2007:0401) | Nessus | Red Hat Local Security Checks | high
25362 | RHEL 5 : evolution-data-server (RHSA-2007:0344) | Nessus | Red Hat Local Security Checks | low
25353 | CentOS 5 : evolution-data-server (CESA-2007:0344) | Nessus | CentOS Local Security Checks | low
4073 | SeaMonkey < 1.0.9 / 1.1.2 Multiple Vulnerabilities | Nessus Network Monitor | Web Clients | high
4072 | Mozilla Thunderbird < 1.5.0.12 Multiple Vulnerabilities (deprecated) | Nessus Network Monitor | SMTP Clients | high
25351 | SeaMonkey < 1.0.9 / 1.1.2 Multiple Vulnerabilities | Nessus | Windows | high
25350 | Mozilla Thunderbird < 1.5.0.12 Multiple Vulnerabilities | Nessus | Windows | high
25297 | Mac OS X Multiple Vulnerabilities (Security Update 2007-005) | Nessus | MacOS X Local Security Checks | critical
25268 | RHEL 3 / 4 : evolution (RHSA-2007:0353) | Nessus | Red Hat Local Security Checks | low
25266 | Mandrake Linux Security Advisory : evolution (MDKSA-2007:107) | Nessus | Mandriva Local Security Checks | low
25265 | Mandrake Linux Security Advisory : fetchmail (MDKSA-2007:105) | Nessus | Mandriva Local Security Checks | low
25255 | CentOS 3 / 4 : evolution (CESA-2007:0353) | Nessus | CentOS Local Security Checks | low
25102 | FreeBSD : claws-mail -- APOP vulnerability (c389d06d-ee57-11db-bd51-0016179b2dd5) | Nessus | FreeBSD Local Security Checks | low
25018 | FreeBSD : fetchmail -- insecure APOP authentication (f1c4d133-e6d3-11db-99ea-0060084a00e5) | Nessus | FreeBSD Local Security Checks | low
801361 | Mozilla Thunderbird < 1.5.0.12 Multiple Vulnerabilities | Log Correlation Engine | SMTP Clients | high
801309 | Mozilla SeaMonkey < 1.0.9 / 1.1.2 Multiple Vulnerabilities | Log Correlation Engine | Web Clients | high