ID CVE-2007-1558
Summary The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including (1) Thunderbird 1.x before 1.5.0.12 and 2.x before 2.0.0.4, (2) Evolution, (3) mutt, (4) fetchmail before 6.3.8, (5) SeaMonkey 1.0.x before 1.0.9 and 1.1.x before 1.1.2, (6) Balsa 2.3.16 and earlier, (7) Mailfilter before 0.8.2, and possibly other products.
References
Vulnerable Configurations
  • cpe:2.3:a:apop_protocol:apop_protocol:*:*:*:*:*:*:*:*
    cpe:2.3:a:apop_protocol:apop_protocol:*:*:*:*:*:*:*:*
CVSS
Base: 2.6 (as of 16-10-2018 - 16:39)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:H/Au:N/C:P/I:N/A:N
oval via4
accepted 2013-04-29T04:22:08.786-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including (1) Thunderbird 1.x before 1.5.0.12 and 2.x before 2.0.0.4, (2) Evolution, (3) mutt, (4) fetchmail before 6.3.8, (5) SeaMonkey 1.0.x before 1.0.9 and 1.1.x before 1.1.2, (6) Balsa 2.3.16 and earlier, (7) Mailfilter before 0.8.2, and possibly other products.
family unix
id oval:org.mitre.oval:def:9782
status accepted
submitted 2010-07-09T03:56:16-04:00
title The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including (1) Thunderbird 1.x before 1.5.0.12 and 2.x before 2.0.0.4, (2) Evolution, (3) mutt, (4) fetchmail before 6.3.8, (5) SeaMonkey 1.0.x before 1.0.9 and 1.1.x before 1.1.2, (6) Balsa 2.3.16 and earlier, (7) Mailfilter before 0.8.2, and possibly other products.
version 24
redhat via4
advisories
  • bugzilla
    id 235289
    title CVE-2007-1558 Evolution APOP information disclosure
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhba:tst:20070331001
    • OR
      • AND
        • comment evolution-data-server is earlier than 0:1.8.0-15.0.3.el5
          oval oval:com.redhat.rhsa:tst:20070344002
        • comment evolution-data-server is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070344003
      • AND
        • comment evolution-data-server-devel is earlier than 0:1.8.0-15.0.3.el5
          oval oval:com.redhat.rhsa:tst:20070344004
        • comment evolution-data-server-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070344005
    rhsa
    id RHSA-2007:0344
    released 2007-05-30
    severity Moderate
    title RHSA-2007:0344: evolution-data-server security update (Moderate)
  • bugzilla
    id 238565
    title CVE-2007-1558 Evolution APOP information disclosure
    oval
    OR
    • AND
      • comment Red Hat Enterprise Linux 3 is installed
        oval oval:com.redhat.rhba:tst:20070026001
      • OR
        • AND
          • comment evolution is earlier than 0:1.4.5-20.el3
            oval oval:com.redhat.rhsa:tst:20070353002
          • comment evolution is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070353003
        • AND
          • comment evolution-devel is earlier than 0:1.4.5-20.el3
            oval oval:com.redhat.rhsa:tst:20070353004
          • comment evolution-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070353005
    • AND
      • comment Red Hat Enterprise Linux 4 is installed
        oval oval:com.redhat.rhba:tst:20070304001
      • OR
        • AND
          • comment evolution is earlier than 0:2.0.2-35.0.2.el4
            oval oval:com.redhat.rhsa:tst:20070353007
          • comment evolution is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070353003
        • AND
          • comment evolution-devel is earlier than 0:2.0.2-35.0.2.el4
            oval oval:com.redhat.rhsa:tst:20070353008
          • comment evolution-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070353005
    rhsa
    id RHSA-2007:0353
    released 2007-05-17
    severity Moderate
    title RHSA-2007:0353: evolution security update (Moderate)
  • bugzilla
    id 241191
    title CVE-2007-1558 fetchmail/mutt/evolution/...: APOP password disclosure vulnerability
    oval
    OR
    • AND
      • comment Red Hat Enterprise Linux 3 is installed
        oval oval:com.redhat.rhba:tst:20070026001
      • comment fetchmail is earlier than 0:6.2.0-3.el3.4
        oval oval:com.redhat.rhsa:tst:20070385002
      • comment fetchmail is signed with Red Hat master key
        oval oval:com.redhat.rhsa:tst:20070018003
    • AND
      • comment Red Hat Enterprise Linux 4 is installed
        oval oval:com.redhat.rhba:tst:20070304001
      • comment fetchmail is earlier than 0:6.2.5-6.0.1.el4
        oval oval:com.redhat.rhsa:tst:20070385005
      • comment fetchmail is signed with Red Hat master key
        oval oval:com.redhat.rhsa:tst:20070018003
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhba:tst:20070331001
      • comment fetchmail is earlier than 0:6.3.6-1.0.1.el5
        oval oval:com.redhat.rhsa:tst:20070385007
      • comment fetchmail is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhsa:tst:20070385008
    rhsa
    id RHSA-2007:0385
    released 2007-06-07
    severity Moderate
    title RHSA-2007:0385: fetchmail security update (Moderate)
  • rhsa
    id RHSA-2007:0386
  • rhsa
    id RHSA-2007:0401
  • rhsa
    id RHSA-2007:0402
  • rhsa
    id RHSA-2009:1140
rpms
  • evolution-data-server-0:1.8.0-15.0.3.el5
  • evolution-data-server-devel-0:1.8.0-15.0.3.el5
  • evolution-0:1.4.5-20.el3
  • evolution-devel-0:1.4.5-20.el3
  • evolution-0:2.0.2-35.0.2.el4
  • evolution-devel-0:2.0.2-35.0.2.el4
  • fetchmail-0:6.2.0-3.el3.4
  • fetchmail-0:6.2.5-6.0.1.el4
  • fetchmail-0:6.3.6-1.0.1.el5
  • mutt-5:1.4.1-5.el3
  • mutt-5:1.4.1-12.0.3.el4
  • mutt-5:1.4.2.2-3.0.2.el5
  • thunderbird-0:1.5.0.12-0.1.el4
  • thunderbird-0:1.5.0.12-1.el5
  • seamonkey-0:1.0.9-0.1.el3
  • seamonkey-chat-0:1.0.9-0.1.el3
  • seamonkey-devel-0:1.0.9-0.1.el3
  • seamonkey-dom-inspector-0:1.0.9-0.1.el3
  • seamonkey-js-debugger-0:1.0.9-0.1.el3
  • seamonkey-mail-0:1.0.9-0.1.el3
  • seamonkey-nspr-0:1.0.9-0.1.el3
  • seamonkey-nspr-devel-0:1.0.9-0.1.el3
  • seamonkey-nss-0:1.0.9-0.1.el3
  • seamonkey-nss-devel-0:1.0.9-0.1.el3
  • seamonkey-0:1.0.9-2.el4
  • seamonkey-chat-0:1.0.9-2.el4
  • seamonkey-devel-0:1.0.9-2.el4
  • seamonkey-dom-inspector-0:1.0.9-2.el4
  • seamonkey-js-debugger-0:1.0.9-2.el4
  • seamonkey-mail-0:1.0.9-2.el4
  • seamonkey-nspr-0:1.0.9-2.el4
  • seamonkey-nspr-devel-0:1.0.9-2.el4
  • seamonkey-nss-0:1.0.9-2.el4
  • seamonkey-nss-devel-0:1.0.9-2.el4
  • devhelp-0:0.10-0.8.el4
  • devhelp-devel-0:0.10-0.8.el4
  • irb-0:1.8.1-7.el4_8.3
  • ruby-0:1.8.1-7.el4_8.3
  • ruby-devel-0:1.8.1-7.el4_8.3
  • ruby-docs-0:1.8.1-7.el4_8.3
  • ruby-libs-0:1.8.1-7.el4_8.3
  • ruby-mode-0:1.8.1-7.el4_8.3
  • ruby-tcltk-0:1.8.1-7.el4_8.3
  • ruby-0:1.8.5-5.el5_3.7
  • ruby-devel-0:1.8.5-5.el5_3.7
  • ruby-docs-0:1.8.5-5.el5_3.7
  • ruby-irb-0:1.8.5-5.el5_3.7
  • ruby-libs-0:1.8.5-5.el5_3.7
  • ruby-mode-0:1.8.5-5.el5_3.7
  • ruby-rdoc-0:1.8.5-5.el5_3.7
  • ruby-ri-0:1.8.5-5.el5_3.7
  • ruby-tcltk-0:1.8.5-5.el5_3.7
refmap via4
apple APPLE-SA-2007-05-24
bid 23257
bugtraq
  • 20070402 APOP vulnerability
  • 20070403 Re: APOP vulnerability
  • 20070531 FLEA-2007-0023-1: firefox
  • 20070615 rPSA-2007-0122-1 evolution-data-server
  • 20070619 FLEA-2007-0026-1: evolution-data-server
  • 20070620 FLEA-2007-0027-1: thunderbird
cert TA07-151A
confirm
debian
  • DSA-1300
  • DSA-1305
gentoo GLSA-200706-06
hp
  • HPSBUX02153
  • HPSBUX02156
  • SSRT061181
  • SSRT061236
mandriva
  • MDKSA-2007:105
  • MDKSA-2007:107
  • MDKSA-2007:113
  • MDKSA-2007:119
  • MDKSA-2007:131
mlist
  • [balsa-list] 20070704 balsa-2.3.17 released
  • [oss-security] 20090815 mailfilter 0.8.2 fixes CVE-2007-1558 (APOP)
  • [oss-security] 20090818 Re: CVE-2007-1558 update (was: mailfilter 0.8.2 fixes CVE-2007-1558 (APOP))
sectrack 1018008
secunia
  • 25353
  • 25402
  • 25476
  • 25496
  • 25529
  • 25534
  • 25546
  • 25559
  • 25664
  • 25750
  • 25798
  • 25858
  • 25894
  • 26083
  • 26415
  • 35699
sgi 20070602-01-P
slackware SSA:2007-152-02
suse
  • SUSE-SA:2007:036
  • SUSE-SR:2007:014
trustix
  • 2007-0019
  • 2007-0024
ubuntu
  • USN-469-1
  • USN-520-1
vupen
  • ADV-2007-1466
  • ADV-2007-1467
  • ADV-2007-1468
  • ADV-2007-1480
  • ADV-2007-1939
  • ADV-2007-1994
  • ADV-2007-2788
  • ADV-2008-0082
Last major update 16-10-2018 - 16:39
Published 16-04-2007 - 22:19
Back to Top