The POP3-over-SSL implementation in getmail 4.0.0 up to and including 4.44.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof POP3 servers and obtain sensitive information via a crafted certificate.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
getmail getmail 4.0.10 |
||
getmail getmail 4.0.5 |
||
getmail getmail 4.0.7 |
||
getmail getmail 4.1.4 |
||
getmail getmail 4.10.0 |
||
getmail getmail 4.15.0 |
||
getmail getmail 4.17.0 |
||
getmail getmail 4.23.0 |
||
getmail getmail 4.25.0 |
||
getmail getmail 4.31.0 |
||
getmail getmail 4.33.0 |
||
getmail getmail 4.38.0 |
||
getmail getmail 4.4.0 |
||
getmail getmail 4.6.0 |
||
getmail getmail 4.8.0 |
||
getmail getmail 4.0.12 |
||
getmail getmail 4.0.13 |
||
getmail getmail 4.0.2 |
||
getmail getmail 4.0.3 |
||
getmail getmail 4.11.0 |
||
getmail getmail 4.12.0 |
||
getmail getmail 4.13.0 |
||
getmail getmail 4.14.0 |
||
getmail getmail 4.27.0 |
||
getmail getmail 4.28.0 |
||
getmail getmail 4.29.0 |
||
getmail getmail 4.3.0 |
||
getmail getmail 4.41.0 |
||
getmail getmail 4.42.0 |
||
getmail getmail 4.43.0 |
||
getmail getmail 4.44.0 |
||
getmail getmail 4.5.0 |
||
getmail getmail 4.0.9 |
||
getmail getmail 4.1 |
||
getmail getmail 4.1.1 |
||
getmail getmail 4.1.2 |
||
getmail getmail 4.19.0 |
||
getmail getmail 4.2.0 |
||
getmail getmail 4.20.0 |
||
getmail getmail 4.21.0 |
||
getmail getmail 4.34.0 |
||
getmail getmail 4.35.0 |
||
getmail getmail 4.36.0 |
||
getmail getmail 4.37.0 |
||
getmail getmail 4.0.1 |
||
getmail getmail 4.0.11 |
||
getmail getmail 4.0.4 |
||
getmail getmail 4.0.6 |
||
getmail getmail 4.0.8 |
||
getmail getmail 4.1.3 |
||
getmail getmail 4.1.5 |
||
getmail getmail 4.16.0 |
||
getmail getmail 4.18.0 |
||
getmail getmail 4.22.0 |
||
getmail getmail 4.24.0 |
||
getmail getmail 4.26.0 |
||
getmail getmail 4.30.0 |
||
getmail getmail 4.32.0 |
||
getmail getmail 4.39.0 |
||
getmail getmail 4.40.0 |
||
getmail getmail 4.7.0 |
||
getmail getmail 4.9.0 |