CVE-2006-5867
fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords over unsecured links if certain circumstances occur, which allows remote attackers to obtain sensitive information via man-in-the-middle (MITM) attacks.
Date published : 2007-01-08
http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html