Lucene search

[email protected]CVE-2008-2711

HistoryJun 16, 2008 - 9:41 p.m.

CVE-2008-2711

2008-06-1621:41:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2008-2711

fetchmail

denial of service

crash

persistent mail failure

vsnprintf

verbose mode

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

7.2

Confidence

High

EPSS

0.113

Percentile

95.2%

JSON

fetchmail 6.3.8 and earlier, when running in -v -v (aka verbose) mode, allows remote attackers to cause a denial of service (crash and persistent mail failure) via a malformed mail message with long headers, which triggers an erroneous dereference when using vsnprintf to format log messages.

Affected configurations

NVD

Node

fetchmailfetchmailRange≤6.3.8

fetchmailfetchmailMatch4.5.1

fetchmailfetchmailMatch4.5.2

fetchmailfetchmailMatch4.5.3

fetchmailfetchmailMatch4.5.4

fetchmailfetchmailMatch4.5.5

fetchmailfetchmailMatch4.5.6

fetchmailfetchmailMatch4.5.7

fetchmailfetchmailMatch4.5.8

fetchmailfetchmailMatch4.6.0

fetchmailfetchmailMatch4.6.1

fetchmailfetchmailMatch4.6.2

fetchmailfetchmailMatch4.6.3

fetchmailfetchmailMatch4.6.4

fetchmailfetchmailMatch4.6.5

fetchmailfetchmailMatch4.6.6

fetchmailfetchmailMatch4.6.7

fetchmailfetchmailMatch4.6.8

fetchmailfetchmailMatch4.6.9

fetchmailfetchmailMatch4.7.0

fetchmailfetchmailMatch4.7.1

fetchmailfetchmailMatch4.7.2

fetchmailfetchmailMatch4.7.3

fetchmailfetchmailMatch4.7.4

fetchmailfetchmailMatch4.7.5

fetchmailfetchmailMatch4.7.6

fetchmailfetchmailMatch4.7.7

fetchmailfetchmailMatch5.0.0

fetchmailfetchmailMatch5.0.1

fetchmailfetchmailMatch5.0.2

fetchmailfetchmailMatch5.0.3

fetchmailfetchmailMatch5.0.4

fetchmailfetchmailMatch5.0.5

fetchmailfetchmailMatch5.0.6

fetchmailfetchmailMatch5.0.7

fetchmailfetchmailMatch5.0.8

fetchmailfetchmailMatch5.1.0

fetchmailfetchmailMatch5.1.4

fetchmailfetchmailMatch5.2.0

fetchmailfetchmailMatch5.2.1

fetchmailfetchmailMatch5.2.3

fetchmailfetchmailMatch5.2.4

fetchmailfetchmailMatch5.2.7

fetchmailfetchmailMatch5.2.8

fetchmailfetchmailMatch5.3.0

fetchmailfetchmailMatch5.3.1

fetchmailfetchmailMatch5.3.3

fetchmailfetchmailMatch5.3.8

fetchmailfetchmailMatch5.4.0

fetchmailfetchmailMatch5.4.3

fetchmailfetchmailMatch5.4.4

fetchmailfetchmailMatch5.4.5

fetchmailfetchmailMatch5.5.0

fetchmailfetchmailMatch5.5.2

fetchmailfetchmailMatch5.5.3

fetchmailfetchmailMatch5.5.5

fetchmailfetchmailMatch5.5.6

fetchmailfetchmailMatch5.6.0

fetchmailfetchmailMatch5.7.0

fetchmailfetchmailMatch5.7.2

fetchmailfetchmailMatch5.7.4

fetchmailfetchmailMatch5.8

fetchmailfetchmailMatch5.8.1

fetchmailfetchmailMatch5.8.2

fetchmailfetchmailMatch5.8.3

fetchmailfetchmailMatch5.8.4

fetchmailfetchmailMatch5.8.5

fetchmailfetchmailMatch5.8.6

fetchmailfetchmailMatch5.8.11

fetchmailfetchmailMatch5.8.13

fetchmailfetchmailMatch5.8.14

fetchmailfetchmailMatch5.8.17

fetchmailfetchmailMatch5.9.0

fetchmailfetchmailMatch5.9.4

fetchmailfetchmailMatch5.9.5

fetchmailfetchmailMatch5.9.8

fetchmailfetchmailMatch5.9.10

fetchmailfetchmailMatch5.9.11

fetchmailfetchmailMatch5.9.13

fetchmailfetchmailMatch6.0.0

fetchmailfetchmailMatch6.1.0

fetchmailfetchmailMatch6.1.3

fetchmailfetchmailMatch6.2.0

fetchmailfetchmailMatch6.2.1

fetchmailfetchmailMatch6.2.2

fetchmailfetchmailMatch6.2.3

fetchmailfetchmailMatch6.2.4

fetchmailfetchmailMatch6.2.5

fetchmailfetchmailMatch6.2.5.1

fetchmailfetchmailMatch6.2.5.2

fetchmailfetchmailMatch6.2.5.4

fetchmailfetchmailMatch6.2.6pre4

fetchmailfetchmailMatch6.2.6pre8

fetchmailfetchmailMatch6.2.6pre9

fetchmailfetchmailMatch6.2.9rc10

fetchmailfetchmailMatch6.2.9rc3

fetchmailfetchmailMatch6.2.9rc4

fetchmailfetchmailMatch6.2.9rc5

fetchmailfetchmailMatch6.2.9rc7

fetchmailfetchmailMatch6.2.9rc8

fetchmailfetchmailMatch6.2.9rc9

fetchmailfetchmailMatch6.3.0

fetchmailfetchmailMatch6.3.1

fetchmailfetchmailMatch6.3.2

fetchmailfetchmailMatch6.3.3

fetchmailfetchmailMatch6.3.4

fetchmailfetchmailMatch6.3.5

fetchmailfetchmailMatch6.3.6

fetchmailfetchmailMatch6.3.6rc1

fetchmailfetchmailMatch6.3.6rc2

fetchmailfetchmailMatch6.3.6rc3

fetchmailfetchmailMatch6.3.6rc4

fetchmailfetchmailMatch6.3.6rc5

fetchmailfetchmailMatch6.3.7

VendorProductVersionCPE
fetchmailfetchmail4.6.0cpe:/a:fetchmail:fetchmail:4.6.0:::
fetchmailfetchmail6.3.6cpe:/a:fetchmail:fetchmail:6.3.6:::
fetchmailfetchmail5.0.0cpe:/a:fetchmail:fetchmail:5.0.0:::
fetchmailfetchmail5.2.1cpe:/a:fetchmail:fetchmail:5.2.1:::
fetchmailfetchmail6.2.6cpe:/a:fetchmail:fetchmail:6.2.6:pre4::
fetchmailfetchmail6.3.7cpe:/a:fetchmail:fetchmail:6.3.7:::
fetchmailfetchmail4.7.3cpe:/a:fetchmail:fetchmail:4.7.3:::
fetchmailfetchmail5.8.5cpe:/a:fetchmail:fetchmail:5.8.5:::
fetchmailfetchmail6.0.0cpe:/a:fetchmail:fetchmail:6.0.0:::
fetchmailfetchmail5.5.2cpe:/a:fetchmail:fetchmail:5.5.2:::

Vendor	Product	Version	CPE
fetchmail	fetchmail	4.6.0	cpe:/a:fetchmail:fetchmail:4.6.0:::
fetchmail	fetchmail	6.3.6	cpe:/a:fetchmail:fetchmail:6.3.6:::
fetchmail	fetchmail	5.0.0	cpe:/a:fetchmail:fetchmail:5.0.0:::
fetchmail	fetchmail	5.2.1	cpe:/a:fetchmail:fetchmail:5.2.1:::
fetchmail	fetchmail	6.2.6	cpe:/a:fetchmail:fetchmail:6.2.6:pre4::
fetchmail	fetchmail	6.3.7	cpe:/a:fetchmail:fetchmail:6.3.7:::
fetchmail	fetchmail	4.7.3	cpe:/a:fetchmail:fetchmail:4.7.3:::
fetchmail	fetchmail	5.8.5	cpe:/a:fetchmail:fetchmail:5.8.5:::
fetchmail	fetchmail	6.0.0	cpe:/a:fetchmail:fetchmail:6.0.0:::
fetchmail	fetchmail	5.5.2	cpe:/a:fetchmail:fetchmail:5.5.2:::