CVE Vulnerabilities

CVE-2014-7275

Published: Oct 08, 2014 | Modified: Dec 22, 2014
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

The POP3-over-SSL implementation in getmail 4.0.0 through 4.44.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof POP3 servers and obtain sensitive information via a crafted certificate.

Affected Software

Name Vendor Start Version End Version
Getmail Getmail 4.0.1 (including) 4.0.1 (including)
Getmail Getmail 4.0.2 (including) 4.0.2 (including)
Getmail Getmail 4.0.3 (including) 4.0.3 (including)
Getmail Getmail 4.0.4 (including) 4.0.4 (including)
Getmail Getmail 4.0.5 (including) 4.0.5 (including)
Getmail Getmail 4.0.6 (including) 4.0.6 (including)
Getmail Getmail 4.0.7 (including) 4.0.7 (including)
Getmail Getmail 4.0.8 (including) 4.0.8 (including)
Getmail Getmail 4.0.9 (including) 4.0.9 (including)
Getmail Getmail 4.0.10 (including) 4.0.10 (including)
Getmail Getmail 4.0.11 (including) 4.0.11 (including)
Getmail Getmail 4.0.12 (including) 4.0.12 (including)
Getmail Getmail 4.0.13 (including) 4.0.13 (including)
Getmail Getmail 4.1 (including) 4.1 (including)
Getmail Getmail 4.1.1 (including) 4.1.1 (including)
Getmail Getmail 4.1.2 (including) 4.1.2 (including)
Getmail Getmail 4.1.3 (including) 4.1.3 (including)
Getmail Getmail 4.1.4 (including) 4.1.4 (including)
Getmail Getmail 4.1.5 (including) 4.1.5 (including)
Getmail Getmail 4.2.0 (including) 4.2.0 (including)
Getmail Getmail 4.3.0 (including) 4.3.0 (including)
Getmail Getmail 4.4.0 (including) 4.4.0 (including)
Getmail Getmail 4.5.0 (including) 4.5.0 (including)
Getmail Getmail 4.6.0 (including) 4.6.0 (including)
Getmail Getmail 4.7.0 (including) 4.7.0 (including)
Getmail Getmail 4.8.0 (including) 4.8.0 (including)
Getmail Getmail 4.9.0 (including) 4.9.0 (including)
Getmail Getmail 4.10.0 (including) 4.10.0 (including)
Getmail Getmail 4.11.0 (including) 4.11.0 (including)
Getmail Getmail 4.12.0 (including) 4.12.0 (including)
Getmail Getmail 4.13.0 (including) 4.13.0 (including)
Getmail Getmail 4.14.0 (including) 4.14.0 (including)
Getmail Getmail 4.15.0 (including) 4.15.0 (including)
Getmail Getmail 4.16.0 (including) 4.16.0 (including)
Getmail Getmail 4.17.0 (including) 4.17.0 (including)
Getmail Getmail 4.18.0 (including) 4.18.0 (including)
Getmail Getmail 4.19.0 (including) 4.19.0 (including)
Getmail Getmail 4.20.0 (including) 4.20.0 (including)
Getmail Getmail 4.21.0 (including) 4.21.0 (including)
Getmail Getmail 4.22.0 (including) 4.22.0 (including)
Getmail Getmail 4.23.0 (including) 4.23.0 (including)
Getmail Getmail 4.24.0 (including) 4.24.0 (including)
Getmail Getmail 4.25.0 (including) 4.25.0 (including)
Getmail Getmail 4.26.0 (including) 4.26.0 (including)
Getmail Getmail 4.27.0 (including) 4.27.0 (including)
Getmail Getmail 4.28.0 (including) 4.28.0 (including)
Getmail Getmail 4.29.0 (including) 4.29.0 (including)
Getmail Getmail 4.30.0 (including) 4.30.0 (including)
Getmail Getmail 4.31.0 (including) 4.31.0 (including)
Getmail Getmail 4.32.0 (including) 4.32.0 (including)
Getmail Getmail 4.33.0 (including) 4.33.0 (including)
Getmail Getmail 4.34.0 (including) 4.34.0 (including)
Getmail Getmail 4.35.0 (including) 4.35.0 (including)
Getmail Getmail 4.36.0 (including) 4.36.0 (including)
Getmail Getmail 4.37.0 (including) 4.37.0 (including)
Getmail Getmail 4.38.0 (including) 4.38.0 (including)
Getmail Getmail 4.39.0 (including) 4.39.0 (including)
Getmail Getmail 4.40.0 (including) 4.40.0 (including)
Getmail Getmail 4.41.0 (including) 4.41.0 (including)
Getmail Getmail 4.42.0 (including) 4.42.0 (including)
Getmail Getmail 4.43.0 (including) 4.43.0 (including)
Getmail Getmail 4.44.0 (including) 4.44.0 (including)
Getmail4 Ubuntu lucid *
Getmail4 Ubuntu precise *
Getmail4 Ubuntu trusty *
Getmail4 Ubuntu upstream *

References