2.6
CVSSv2

CVE-2007-1558

Published: 16/04/2007 Updated: 16/10/2018
CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9
VMScore: 231
Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N

Vulnerability Summary

The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. In APOP (RFC 1939) the client proves knowledge of the password by returning the MD5 hash of the server's message-ID challenge concatenated with the password; an attacker impersonating the POP3 server chooses that challenge, and by sending pairs of colliding message IDs built around a guess for the first password bytes it learns from whether the two client responses match whether the guess was correct. NOTE: this design-level issue potentially affects all products that use APOP, including (1) Thunderbird 1.x prior to 1.5.0.12 and 2.x prior to 2.0.0.4, (2) Evolution, (3) mutt, (4) fetchmail prior to 6.3.8, (5) SeaMonkey 1.0.x prior to 1.0.9 and 1.1.x prior to 1.1.2, (6) Balsa 2.3.16 and previous versions, (7) Mailfilter prior to 0.8.2, and possibly other products.
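The attack only works if the client will hash its password behind whatever bytes the "server" puts between angle brackets, since MD5 collision blocks are arbitrary binary data and not a printable RFC 1939 msg-id. The example below is added here and is not code from any of the affected products; it implements the APOP digest from RFC 1939 section 7 and a client-side challenge check that refuses anything that is not a printable `<local@domain>` token, which is the kind of mitigation the fetchmail 6.3.8 and Thunderbird 2.0.0.4 updates applied (the exact character rules and the helper names are this example's own choices, not those projects' code). The greeting and password come from the worked example in RFC 1939; the "collision-shaped" challenge is constructed for the test and is not a real MD5 collision. Note that rejecting malformed challenges blocks the published attack but does not fix the design weakness: APOP still keys MD5 directly on the password, so the durable fix is to authenticate over TLS instead of relying on APOP.

```python
"""APOP (RFC 1939) client-side digest and challenge validation.

Added illustration for CVE-2007-1558; not code from fetchmail, Thunderbird or
any other affected product.  The attacker's colliding message IDs are blobs of
arbitrary bytes, so a client that only accepts a well-formed, printable msg-id
as its challenge never hashes its password behind one of them.
"""
import hashlib
import re
from typing import Optional

# <local@domain>: each side is printable ASCII (0x21-0x7E) minus '<', '>', '@'.
# Exactly one '@' and no nested angle brackets.  These rules are this
# example's own; they are stricter than RFC 1939's prose, not taken from it.
_MSGID_RE = re.compile(rb"^<[!-;=?A-~]+@[!-;=?A-~]+>$")

# Greeting, user and password from the worked example in RFC 1939 section 7.
RFC1939_GREETING = b"+OK POP3 server ready <1896.697170952@dbc.mtview.ca.us>\r\n"
RFC1939_USER = "mrose"
RFC1939_PASSWORD = b"tanstaaf"

# Constructed stand-in for an attacker's challenge: an angle-bracketed run of
# high bytes with the *shape* a collision search produces.  It is NOT a real
# MD5 collision; it exists only to show what the format check refuses.
FAKE_COLLISION_CHALLENGE = b"<" + bytes(range(0x80, 0x90)) + b"@mail.example>"


def extract_challenge(greeting: bytes) -> Optional[bytes]:
    """Return the first <...> token from a +OK greeting, or None if absent."""
    if not greeting.startswith(b"+OK"):
        return None
    start = greeting.find(b"<")
    if start < 0:
        return None
    end = greeting.find(b">", start)
    if end < 0:
        return None
    return greeting[start:end + 1]


def is_valid_challenge(challenge: bytes) -> bool:
    """True only for a printable single-'@' msg-id such as
    <1896.697170952@dbc.mtview.ca.us>; binary collision blocks fail here."""
    return _MSGID_RE.fullmatch(challenge) is not None


def apop_digest(challenge: bytes, password: bytes) -> str:
    """RFC 1939 section 7: lowercase hex MD5 of challenge || shared secret."""
    return hashlib.md5(challenge + password).hexdigest()


def apop_command(greeting: bytes, user: str, password: bytes) -> bytes:
    """Build the APOP line a hardened client sends, or raise ValueError
    rather than hash the password behind an attacker-shaped challenge."""
    challenge = extract_challenge(greeting)
    if challenge is None:
        raise ValueError("server greeting offers no APOP challenge")
    if not is_valid_challenge(challenge):
        raise ValueError("malformed APOP challenge; refusing to authenticate")
    digest = apop_digest(challenge, password)
    return b"APOP " + user.encode("ascii") + b" " + digest.encode("ascii") + b"\r\n"


if __name__ == "__main__":
    print(apop_command(RFC1939_GREETING, RFC1939_USER, RFC1939_PASSWORD))
    try:
        apop_command(b"+OK ready " + FAKE_COLLISION_CHALLENGE + b"\r\n",
                     RFC1939_USER, RFC1939_PASSWORD)
    except ValueError as exc:
        print("rejected:", exc)
```

Running the module prints the RFC 1939 login line for the genuine greeting and a rejection for the collision-shaped one; the same check can be dropped in front of any APOP client that currently hashes whatever falls between the first `<` and the next `>`.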

Affected Products

Vendor          Product         Versions
Apop Protocol   Apop Protocol   *

Vendor Advisories

Synopsis: Moderate: ruby security update. Type/Severity: Security Advisory: Moderate. Topic: Updated ruby packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. D ...
Gaëtan Leurent discovered a vulnerability in the APOP protocol based on MD5 collisions. As fetchmail supports the APOP protocol, this vulnerability can be used by attackers to discover a portion of the APOP user's authentication credentials (CVE-2007-1558) ...
Security Vulnerability in APOP Authentication. Announced: May 30, 2007. Reporter: Gaëtan Leurent. Impact: Moderate. Products: SeaMonkey, Thunderbird. Fixed in ...
Gaëtan Leurent showed a weakness in APOP authentication. An attacker posing as a trusted server could recover portions of the user's password via multiple authentication attempts (CVE-2007-1558) ...
Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-1558: Gaëtan Leurent discovered a cryptographical weakness in APOP authentication, which reduces the required efforts for ...
Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the Seamonkey Internet Suite. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-1362: Nicolas Derouet discovered that Iceape performs insufficient validation of cookies, which could lead to den ...

References

CWE: NVD-CWE-Other

ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc
http://balsa.gnome.org/download.html
http://docs.info.apple.com/article.html?artnum=305530
http://fetchmail.berlios.de/fetchmail-SA-2007-01.txt
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579
http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
http://mail.gnome.org/archives/balsa-list/2007-July/msg00000.html
http://secunia.com/advisories/25353
http://secunia.com/advisories/25402
http://secunia.com/advisories/25476
http://secunia.com/advisories/25496
http://secunia.com/advisories/25529
http://secunia.com/advisories/25534
http://secunia.com/advisories/25546
http://secunia.com/advisories/25559
http://secunia.com/advisories/25664
http://secunia.com/advisories/25750
http://secunia.com/advisories/25798
http://secunia.com/advisories/25858
http://secunia.com/advisories/25894
http://secunia.com/advisories/26083
http://secunia.com/advisories/26415
http://secunia.com/advisories/35699
http://security.gentoo.org/glsa/glsa-200706-06.xml
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.571857
http://sourceforge.net/forum/forum.php?forum_id=683706
http://sylpheed.sraoss.jp/en/news.html
http://www.claws-mail.org/news.php
http://www.debian.org/security/2007/dsa-1300
http://www.debian.org/security/2007/dsa-1305
http://www.mandriva.com/security/advisories?name=MDKSA-2007:105
http://www.mandriva.com/security/advisories?name=MDKSA-2007:107
http://www.mandriva.com/security/advisories?name=MDKSA-2007:113
http://www.mandriva.com/security/advisories?name=MDKSA-2007:119
http://www.mandriva.com/security/advisories?name=MDKSA-2007:131
http://www.mozilla.org/security/announce/2007/mfsa2007-15.html
http://www.novell.com/linux/security/advisories/2007_14_sr.html
http://www.novell.com/linux/security/advisories/2007_36_mozilla.html
http://www.openwall.com/lists/oss-security/2009/08/15/1
http://www.openwall.com/lists/oss-security/2009/08/18/1
http://www.redhat.com/support/errata/RHSA-2007-0344.html
http://www.redhat.com/support/errata/RHSA-2007-0353.html
http://www.redhat.com/support/errata/RHSA-2007-0385.html
http://www.redhat.com/support/errata/RHSA-2007-0386.html
http://www.redhat.com/support/errata/RHSA-2007-0401.html
http://www.redhat.com/support/errata/RHSA-2007-0402.html
http://www.redhat.com/support/errata/RHSA-2009-1140.html
http://www.securityfocus.com/archive/1/464477/30/0/threaded
http://www.securityfocus.com/archive/1/464569/100/0/threaded
http://www.securityfocus.com/archive/1/470172/100/200/threaded
http://www.securityfocus.com/archive/1/471455/100/0/threaded
http://www.securityfocus.com/archive/1/471720/100/0/threaded
http://www.securityfocus.com/archive/1/471842/100/0/threaded
http://www.securityfocus.com/bid/23257
http://www.securitytracker.com/id?1018008
http://www.trustix.org/errata/2007/0019/
http://www.trustix.org/errata/2007/0024/
http://www.ubuntu.com/usn/usn-469-1
http://www.ubuntu.com/usn/usn-520-1
http://www.us-cert.gov/cas/techalerts/TA07-151A.html
http://www.vupen.com/english/advisories/2007/1466
http://www.vupen.com/english/advisories/2007/1467
http://www.vupen.com/english/advisories/2007/1468
http://www.vupen.com/english/advisories/2007/1480
http://www.vupen.com/english/advisories/2007/1939
http://www.vupen.com/english/advisories/2007/1994
http://www.vupen.com/english/advisories/2007/2788
http://www.vupen.com/english/advisories/2008/0082
https://issues.rpath.com/browse/RPL-1231
https://issues.rpath.com/browse/RPL-1232
https://issues.rpath.com/browse/RPL-1424
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9782
https://access.redhat.com/errata/RHSA-2009:1140
https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2007-0353
https://usn.ubuntu.com/520-1/
https://nvd.nist.gov
http://tools.cisco.com/security/center/viewAlert.x?alertId=13067