Mandriva Update For Evolution MDKSA-2007:107 (evolution) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A weakness in the way Evolution processed certain APOP authentication requests was discovered. A remote attacker could potentially obtain certain portions of a user's authentication credentials by sending certain responses when evolution-data-server attempted to authenticate against an APOP server. The updated packages have been patched to prevent this issue.

Affected

evolution on Mandriva Linux 2007.0, Mandriva Linux 2007.0/X86_64, Mandriva Linux 2007.1, Mandriva Linux 2007.1/X86_64

Severity

Classification

CVE CVE-2007-1558
CVSS Base Score: 2.6
AV:N/AC:H/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Mandriva Update for acpid MDVSA-2012:086 (acpid)
Mandriva Security Advisory MDVSA-2009:091-1 (mod_perl)
Mandriva Update for timezone MDVA-2011:072 (timezone)
Mandriva Update for wireshark MDVSA-2012:125 (wireshark)
Mandrake Security Advisory MDVSA-2009:070 (openoffice.org)

Mandriva Update for evolution MDKSA-2007:107 (evolution)

Take action and discover your vulnerabilities