mail-notification login fails in simplest circumstances
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
mail-notification (Ubuntu) |
Expired
|
Undecided
|
Unassigned |
Bug Description
Description: Ubuntu 13.04
Release: 13.04
mail-notification:
Installed: 5.4.dfsg.1-6ubuntu6
Candidate: 5.4.dfsg.1-6ubuntu6
Version table:
*** 5.4.dfsg.1-6ubuntu6 0
500 http://
100 /var/lib/
My ISP runs an SMTP server that is essentially unprotected beyond a userid$password login. It uses all the defaults.
The authentication fails with this applet whereas login using Thunderbird with the same parameters does not.
Speaking with the tech support at my ISP did not elicit any information due to their lack of monitoring gear. We were unable to ascertain exactly what message the applet is sending to the server.
Because this has been a common problem on both 12.10 and 13.04 and no resolution has thus far been found, I am suspicious of the message format that is being sent by the app over the Internet. If possible, someone in your tech group should retest this applet thoroughly since there are security implications.
ProblemType: Bug
DistroRelease: Ubuntu 13.04
Package: mail-notification 5.4.dfsg.1-6ubuntu6
ProcVersionSign
Uname: Linux 3.8.0-19-generic x86_64
ApportVersion: 2.9.2-0ubuntu8
Architecture: amd64
Date: Fri Apr 26 18:25:20 2013
InstallationDate: Installed on 2012-10-22 (185 days ago)
InstallationMedia: Ubuntu 12.10 "Quantal Quetzal" - Release amd64 (20121017.5)
MarkForUpload: True
ProcEnviron:
LANGUAGE=en_CA:en
PATH=(custom, no user)
XDG_RUNTIME_
LANG=en_CA.UTF-8
SHELL=/bin/bash
SourcePackage: mail-notification
UpgradeStatus: Upgraded to raring on 2013-04-25 (1 days ago)
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find.