Lucene search

K
cve[email protected]CVE-2008-2711
HistoryJun 16, 2008 - 9:41 p.m.

CVE-2008-2711

2008-06-1621:41:00
CWE-20
web.nvd.nist.gov
46
cve-2008-2711
fetchmail
denial of service
crash
persistent mail failure
vsnprintf
verbose mode

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

7.2 High

AI Score

Confidence

High

0.113 Low

EPSS

Percentile

95.2%

fetchmail 6.3.8 and earlier, when running in -v -v (aka verbose) mode, allows remote attackers to cause a denial of service (crash and persistent mail failure) via a malformed mail message with long headers, which triggers an erroneous dereference when using vsnprintf to format log messages.

Affected configurations

NVD
Node
fetchmailfetchmailRange6.3.8
OR
fetchmailfetchmailMatch4.5.1
OR
fetchmailfetchmailMatch4.5.2
OR
fetchmailfetchmailMatch4.5.3
OR
fetchmailfetchmailMatch4.5.4
OR
fetchmailfetchmailMatch4.5.5
OR
fetchmailfetchmailMatch4.5.6
OR
fetchmailfetchmailMatch4.5.7
OR
fetchmailfetchmailMatch4.5.8
OR
fetchmailfetchmailMatch4.6.0
OR
fetchmailfetchmailMatch4.6.1
OR
fetchmailfetchmailMatch4.6.2
OR
fetchmailfetchmailMatch4.6.3
OR
fetchmailfetchmailMatch4.6.4
OR
fetchmailfetchmailMatch4.6.5
OR
fetchmailfetchmailMatch4.6.6
OR
fetchmailfetchmailMatch4.6.7
OR
fetchmailfetchmailMatch4.6.8
OR
fetchmailfetchmailMatch4.6.9
OR
fetchmailfetchmailMatch4.7.0
OR
fetchmailfetchmailMatch4.7.1
OR
fetchmailfetchmailMatch4.7.2
OR
fetchmailfetchmailMatch4.7.3
OR
fetchmailfetchmailMatch4.7.4
OR
fetchmailfetchmailMatch4.7.5
OR
fetchmailfetchmailMatch4.7.6
OR
fetchmailfetchmailMatch4.7.7
OR
fetchmailfetchmailMatch5.0.0
OR
fetchmailfetchmailMatch5.0.1
OR
fetchmailfetchmailMatch5.0.2
OR
fetchmailfetchmailMatch5.0.3
OR
fetchmailfetchmailMatch5.0.4
OR
fetchmailfetchmailMatch5.0.5
OR
fetchmailfetchmailMatch5.0.6
OR
fetchmailfetchmailMatch5.0.7
OR
fetchmailfetchmailMatch5.0.8
OR
fetchmailfetchmailMatch5.1.0
OR
fetchmailfetchmailMatch5.1.4
OR
fetchmailfetchmailMatch5.2.0
OR
fetchmailfetchmailMatch5.2.1
OR
fetchmailfetchmailMatch5.2.3
OR
fetchmailfetchmailMatch5.2.4
OR
fetchmailfetchmailMatch5.2.7
OR
fetchmailfetchmailMatch5.2.8
OR
fetchmailfetchmailMatch5.3.0
OR
fetchmailfetchmailMatch5.3.1
OR
fetchmailfetchmailMatch5.3.3
OR
fetchmailfetchmailMatch5.3.8
OR
fetchmailfetchmailMatch5.4.0
OR
fetchmailfetchmailMatch5.4.3
OR
fetchmailfetchmailMatch5.4.4
OR
fetchmailfetchmailMatch5.4.5
OR
fetchmailfetchmailMatch5.5.0
OR
fetchmailfetchmailMatch5.5.2
OR
fetchmailfetchmailMatch5.5.3
OR
fetchmailfetchmailMatch5.5.5
OR
fetchmailfetchmailMatch5.5.6
OR
fetchmailfetchmailMatch5.6.0
OR
fetchmailfetchmailMatch5.7.0
OR
fetchmailfetchmailMatch5.7.2
OR
fetchmailfetchmailMatch5.7.4
OR
fetchmailfetchmailMatch5.8
OR
fetchmailfetchmailMatch5.8.1
OR
fetchmailfetchmailMatch5.8.2
OR
fetchmailfetchmailMatch5.8.3
OR
fetchmailfetchmailMatch5.8.4
OR
fetchmailfetchmailMatch5.8.5
OR
fetchmailfetchmailMatch5.8.6
OR
fetchmailfetchmailMatch5.8.11
OR
fetchmailfetchmailMatch5.8.13
OR
fetchmailfetchmailMatch5.8.14
OR
fetchmailfetchmailMatch5.8.17
OR
fetchmailfetchmailMatch5.9.0
OR
fetchmailfetchmailMatch5.9.4
OR
fetchmailfetchmailMatch5.9.5
OR
fetchmailfetchmailMatch5.9.8
OR
fetchmailfetchmailMatch5.9.10
OR
fetchmailfetchmailMatch5.9.11
OR
fetchmailfetchmailMatch5.9.13
OR
fetchmailfetchmailMatch6.0.0
OR
fetchmailfetchmailMatch6.1.0
OR
fetchmailfetchmailMatch6.1.3
OR
fetchmailfetchmailMatch6.2.0
OR
fetchmailfetchmailMatch6.2.1
OR
fetchmailfetchmailMatch6.2.2
OR
fetchmailfetchmailMatch6.2.3
OR
fetchmailfetchmailMatch6.2.4
OR
fetchmailfetchmailMatch6.2.5
OR
fetchmailfetchmailMatch6.2.5.1
OR
fetchmailfetchmailMatch6.2.5.2
OR
fetchmailfetchmailMatch6.2.5.4
OR
fetchmailfetchmailMatch6.2.6pre4
OR
fetchmailfetchmailMatch6.2.6pre8
OR
fetchmailfetchmailMatch6.2.6pre9
OR
fetchmailfetchmailMatch6.2.9rc10
OR
fetchmailfetchmailMatch6.2.9rc3
OR
fetchmailfetchmailMatch6.2.9rc4
OR
fetchmailfetchmailMatch6.2.9rc5
OR
fetchmailfetchmailMatch6.2.9rc7
OR
fetchmailfetchmailMatch6.2.9rc8
OR
fetchmailfetchmailMatch6.2.9rc9
OR
fetchmailfetchmailMatch6.3.0
OR
fetchmailfetchmailMatch6.3.1
OR
fetchmailfetchmailMatch6.3.2
OR
fetchmailfetchmailMatch6.3.3
OR
fetchmailfetchmailMatch6.3.4
OR
fetchmailfetchmailMatch6.3.5
OR
fetchmailfetchmailMatch6.3.6
OR
fetchmailfetchmailMatch6.3.6rc1
OR
fetchmailfetchmailMatch6.3.6rc2
OR
fetchmailfetchmailMatch6.3.6rc3
OR
fetchmailfetchmailMatch6.3.6rc4
OR
fetchmailfetchmailMatch6.3.6rc5
OR
fetchmailfetchmailMatch6.3.7

References

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

7.2 High

AI Score

Confidence

High

0.113 Low

EPSS

Percentile

95.2%