Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3088

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2005-3088
Last Modified 07 Mar 2011 09:25:47
Published 27 Oct 2005 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-3088

Summary

fetchmailconf before 1.49 in fetchmail 6.2.0, 6.2.5 and 6.2.5.2 creates configuration files with insecure world-readable permissions, which allows local users to obtain sensitive information such as passwords.

Vulnerable Systems

Application

  • Fetchmail 6.2.0

  • Fetchmail 6.2.5

  • Fetchmail 6.2.5.2


References

CERT - TA06-214A

BID - 15179

SECUNIA - 17293

CONFIRM - http://fetchmail.berlios.de/fetchmail-SA-2005-02.txt

VUPEN - ADV-2006-3101

VUPEN - ADV-2005-2182

UBUNTU - USN-215-1

BID - 19289

REDHAT - RHSA-2005:823

OSVDB - 20267

MANDRIVA - MDKSA-2005:209

GENTOO - GLSA-200511-06

DEBIAN - DSA-900

SLACKWARE - SSA:2006-045-01

SECTRACK - 1015114

SECUNIA - 21253

SECUNIA - 18895

SECUNIA - 17631

SECUNIA - 17495

SECUNIA - 17491

SECUNIA - 17446

SECUNIA - 17349

BUGTRAQ - 20051027 fetchmail security announcement 2005-02 (CVE-2005-3088)

APPLE - APPLE-SA-2006-08-01

Related Patches

Apple 2006-08-01 Security Update 2006-004 Mac OS X 10.4.7 Client (PPC)

Apple 2006-08-01 Security Update 2006-004 Mac OS X 10.4.7 Client (Intel)


Last Updated: 27 May 2016 10:40:48