CVE-2002-1471 Information

Description

The camel component for Ximian Evolution 1.0.x and earlier does not verify certificates when it establishes a new SSL connection after previously verifying a certificate which could allow remote attackers to monitor or modify sessions via a man-in-the-middle attack.

Reference

http://archives.neohapsis.com/archives/bugtraq/2002-10/0045.html http://www.iss.net/security_center/static/10292.php http://www.securityfocus.com/bid/5875