Mandrake Linux Security Advisory : evolution (MDKSA-2007:107)
Low Nessus Plugin ID 25266
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionA weakness in the way Evolution processed certain APOP authentication requests was discovered. A remote attacker could potentially obtain certain portions of a user's authentication credentials by sending certain responses when evolution-data-server attempted to authenticate against an APOP server.
The updated packages have been patched to prevent this issue.
SolutionUpdate the affected packages.