CVE Vulnerabilities

CVE-2007-3209

Published: Jun 14, 2007 | Modified: Jul 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.8 HIGH
AV:N/AC:L/Au:N/C:C/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

Mail Notification 4.0, when WITH_SSL is set to 0 at compile time, uses unencrypted connections for accounts configured with SSL/TLS, which allows remote attackers to obtain sensitive information by sniffing the network.

Affected Software

Name Vendor Start Version End Version
Mail_notification Nongnu 4.0 (including) 4.0 (including)
Mail-notification Ubuntu dapper *
Mail-notification Ubuntu devel *
Mail-notification Ubuntu edgy *
Mail-notification Ubuntu feisty *
Mail-notification Ubuntu gutsy *
Mail-notification Ubuntu hardy *
Mail-notification Ubuntu intrepid *
Mail-notification Ubuntu jaunty *
Mail-notification Ubuntu karmic *

References