fetchmailconf prior to 1.49 in fetchmail 6.2.0, 6.2.5 and 6.2.5.2 creates configuration files with insecure world-readable permissions, which allows local users to obtain sensitive information such as passwords.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fetchmail fetchmail 6.2.5 |
||
fetchmail fetchmail 6.2.5.2 |
||
fetchmail fetchmail 6.2.0 |