CVE-2014-2014

imapsync before 1.584, when running with the –tls option, attempts a cleartext login when a certificate verification failure occurs, which allows remote attackers to obtain credentials by sniffing the network.

Date published : 2014-04-18

https://bugs.mageia.org/show_bug.cgi?id=12770

https://github.com/imapsync/imapsync/issues/15