CVE-2002-1471

NameCVE-2002-1471
DescriptionThe camel component for Ximian Evolution 1.0.x and earlier does not verify certificates when it establishes a new SSL connection after previously verifying a certificate, which could allow remote attackers to monitor or modify sessions via a man-in-the-middle attack.
SourceCVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs280883

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
evolution (PTS)bullseye (security), bullseye3.38.3-1+deb11u2fixed
bookworm3.46.4-2fixed
bookworm (security)3.46.4-2+deb12u1fixed
trixie3.56.1-1fixed
trixie (security)3.56.1-1+deb13u1fixed
forky, sid3.56.2-7fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
evolutionsource(unstable)1.2.0-1280883
Search for package or bug name: Reporting problems