The POP3-over-SSL implementation in getmail 4.0.0 through 4.44.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof POP3 servers and obtain sensitive information via a crafted certificate.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Getmail | Getmail | 4.0.1 (including) | 4.0.1 (including) |
Getmail | Getmail | 4.0.2 (including) | 4.0.2 (including) |
Getmail | Getmail | 4.0.3 (including) | 4.0.3 (including) |
Getmail | Getmail | 4.0.4 (including) | 4.0.4 (including) |
Getmail | Getmail | 4.0.5 (including) | 4.0.5 (including) |
Getmail | Getmail | 4.0.6 (including) | 4.0.6 (including) |
Getmail | Getmail | 4.0.7 (including) | 4.0.7 (including) |
Getmail | Getmail | 4.0.8 (including) | 4.0.8 (including) |
Getmail | Getmail | 4.0.9 (including) | 4.0.9 (including) |
Getmail | Getmail | 4.0.10 (including) | 4.0.10 (including) |
Getmail | Getmail | 4.0.11 (including) | 4.0.11 (including) |
Getmail | Getmail | 4.0.12 (including) | 4.0.12 (including) |
Getmail | Getmail | 4.0.13 (including) | 4.0.13 (including) |
Getmail | Getmail | 4.1 (including) | 4.1 (including) |
Getmail | Getmail | 4.1.1 (including) | 4.1.1 (including) |
Getmail | Getmail | 4.1.2 (including) | 4.1.2 (including) |
Getmail | Getmail | 4.1.3 (including) | 4.1.3 (including) |
Getmail | Getmail | 4.1.4 (including) | 4.1.4 (including) |
Getmail | Getmail | 4.1.5 (including) | 4.1.5 (including) |
Getmail | Getmail | 4.2.0 (including) | 4.2.0 (including) |
Getmail | Getmail | 4.3.0 (including) | 4.3.0 (including) |
Getmail | Getmail | 4.4.0 (including) | 4.4.0 (including) |
Getmail | Getmail | 4.5.0 (including) | 4.5.0 (including) |
Getmail | Getmail | 4.6.0 (including) | 4.6.0 (including) |
Getmail | Getmail | 4.7.0 (including) | 4.7.0 (including) |
Getmail | Getmail | 4.8.0 (including) | 4.8.0 (including) |
Getmail | Getmail | 4.9.0 (including) | 4.9.0 (including) |
Getmail | Getmail | 4.10.0 (including) | 4.10.0 (including) |
Getmail | Getmail | 4.11.0 (including) | 4.11.0 (including) |
Getmail | Getmail | 4.12.0 (including) | 4.12.0 (including) |
Getmail | Getmail | 4.13.0 (including) | 4.13.0 (including) |
Getmail | Getmail | 4.14.0 (including) | 4.14.0 (including) |
Getmail | Getmail | 4.15.0 (including) | 4.15.0 (including) |
Getmail | Getmail | 4.16.0 (including) | 4.16.0 (including) |
Getmail | Getmail | 4.17.0 (including) | 4.17.0 (including) |
Getmail | Getmail | 4.18.0 (including) | 4.18.0 (including) |
Getmail | Getmail | 4.19.0 (including) | 4.19.0 (including) |
Getmail | Getmail | 4.20.0 (including) | 4.20.0 (including) |
Getmail | Getmail | 4.21.0 (including) | 4.21.0 (including) |
Getmail | Getmail | 4.22.0 (including) | 4.22.0 (including) |
Getmail | Getmail | 4.23.0 (including) | 4.23.0 (including) |
Getmail | Getmail | 4.24.0 (including) | 4.24.0 (including) |
Getmail | Getmail | 4.25.0 (including) | 4.25.0 (including) |
Getmail | Getmail | 4.26.0 (including) | 4.26.0 (including) |
Getmail | Getmail | 4.27.0 (including) | 4.27.0 (including) |
Getmail | Getmail | 4.28.0 (including) | 4.28.0 (including) |
Getmail | Getmail | 4.29.0 (including) | 4.29.0 (including) |
Getmail | Getmail | 4.30.0 (including) | 4.30.0 (including) |
Getmail | Getmail | 4.31.0 (including) | 4.31.0 (including) |
Getmail | Getmail | 4.32.0 (including) | 4.32.0 (including) |
Getmail | Getmail | 4.33.0 (including) | 4.33.0 (including) |
Getmail | Getmail | 4.34.0 (including) | 4.34.0 (including) |
Getmail | Getmail | 4.35.0 (including) | 4.35.0 (including) |
Getmail | Getmail | 4.36.0 (including) | 4.36.0 (including) |
Getmail | Getmail | 4.37.0 (including) | 4.37.0 (including) |
Getmail | Getmail | 4.38.0 (including) | 4.38.0 (including) |
Getmail | Getmail | 4.39.0 (including) | 4.39.0 (including) |
Getmail | Getmail | 4.40.0 (including) | 4.40.0 (including) |
Getmail | Getmail | 4.41.0 (including) | 4.41.0 (including) |
Getmail | Getmail | 4.42.0 (including) | 4.42.0 (including) |
Getmail | Getmail | 4.43.0 (including) | 4.43.0 (including) |
Getmail | Getmail | 4.44.0 (including) | 4.44.0 (including) |
Getmail4 | Ubuntu | lucid | * |
Getmail4 | Ubuntu | precise | * |
Getmail4 | Ubuntu | trusty | * |
Getmail4 | Ubuntu | upstream | * |