Red Hat Bugzilla – Bug 235290
CVE-2007-1558 Evolution APOP information disclosure
Last modified: 2007-11-30 17:12:01 EST
+++ This bug was initially created as a clone of Bug #235289 +++
A flaw has been found in the way Evolution handles APOP authentication. It is
possible for an attacker to discover authentication credentials by sending
certain responses to Evolution.
The upstream bug has more details:
This flaw should also affect FC5
Fixed in evolution-data-server-1.8.3-5.fc6.
Also ported to 1.6.3-3.fc5 and 1.10.1-2.fc7.