[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2005-3088Date: (C)2005-10-27   (M)2023-12-22


fetchmailconf before 1.49 in fetchmail 6.2.0, 6.2.5 and 6.2.5.2 creates configuration files with insecure world-readable permissions, which allows local users to obtain sensitive information such as passwords.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 2.1
Exploit Score: 3.9
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE
  
Reference:
SECTRACK-1015114
BID-15179
SECUNIA-17293
SECUNIA-17349
SECUNIA-17446
SECUNIA-17491
SECUNIA-17495
SECUNIA-17631
SECUNIA-18895
BID-19289
http://marc.info/?l=bugtraq&m=113042785902031&w=2
OSVDB-20267
SECUNIA-21253
ADV-2005-2182
ADV-2006-3101
APPLE-SA-2006-08-01
DSA-900
GLSA-200511-06
MDKSA-2005:209
RHSA-2005:823
SSA:2006-045-01
TA06-214A
USN-215-1
http://fetchmail.berlios.de/fetchmail-SA-2005-02.txt

CPE    3
cpe:/a:fetchmail:fetchmail:6.2.0
cpe:/a:fetchmail:fetchmail:6.2.5
cpe:/a:fetchmail:fetchmail:6.2.5.2
CWE    1
CWE-200

© SecPod Technologies