Scientific Linux Security Update : fetchmail on SL5.x, SL4.x, SL3.x i386/x86_64
Low Nessus Plugin ID 60196
SynopsisThe remote Scientific Linux host is missing a security update.
DescriptionA flaw was found in the way fetchmail processed certain APOP authentication requests. By sending certain responses when fetchmail attempted to authenticate against an APOP server, a remote attacker could potentially acquire certain portions of a user's authentication credentials. (CVE-2007-1558)
SolutionUpdate the affected fetchmail package.