Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2011-1947HistoryJun 02, 2011 - 7:55 p.m.
CVE-2011-1947
2011-06-0219:55:00
Debian Security Bug Tracker
security-tracker.debian.org
8
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.014 Low
EPSS
Percentile
86.3%
fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time after issuing a (1) STARTTLS or (2) STLS request, which allows remote servers to cause a denial of service (application hang) by acknowledging the request but not sending additional packets.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | fetchmail | < 6.3.22-1 | fetchmail_6.3.22-1_all.deb |
| Debian | 11 | all | fetchmail | < 6.3.22-1 | fetchmail_6.3.22-1_all.deb |
| Debian | 10 | all | fetchmail | < 6.3.22-1 | fetchmail_6.3.22-1_all.deb |
| Debian | 999 | all | fetchmail | < 6.3.22-1 | fetchmail_6.3.22-1_all.deb |
| Debian | 13 | all | fetchmail | < 6.3.22-1 | fetchmail_6.3.22-1_all.deb |
Related
openvas
openvas
FreeBSD Ports: fetchmail
2011-08-03 00:00:00
FreeBSD Ports: fetchmail
2011-08-03 00:00:00
Fedora Update for fetchmail FEDORA-2011-8059
2011-06-24 00:00:00
nessus
nessus
Fedora 14 : fetchmail-6.3.20-1.fc14 (2011-8021)
2011-06-22 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 6 package fetchmail version 6.3.20-alt1
2011-06-07 00:00:00
Security fix for the ALT Linux 5 package fetchmail version 6.3.20-alt1
2011-06-07 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: fetchmail-6.3.20-1.fc13
2011-06-21 17:15:34
[SECURITY] Fedora 15 Update: fetchmail-6.3.20-1.fc15
2011-06-21 17:24:01
[SECURITY] Fedora 14 Update: fetchmail-6.3.20-1.fc14
2011-06-21 17:37:34
cve
cve
CVE-2011-1947
2011-06-02 19:55:00
securityvulns
securityvulns
fetchmail security announcement fetchmail-SA-2011-01 (CVE-2011-1947)
2011-06-07 00:00:00
fetchmail DoS
2011-06-07 00:00:00
ubuntucve
ubuntucve
CVE-2011-1947
2011-06-02 00:00:00
freebsd
freebsd
fetchmail -- STARTTLS denial of service
2011-04-28 00:00:00
prion
prion
Cross site request forgery (csrf)
2011-06-02 19:55:00
slackware
slackware
[slackware-security] fetchmail
2011-06-20 21:18:49
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.014 Low
EPSS
Percentile
86.3%
Related for DEBIANCVE:CVE-2011-1947