Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSD168190DF-3E9A-11DD-87BC-000EA69A5213
HistoryJun 13, 2008 - 12:00 a.m.

fetchmail -- potential crash in -v -v verbose mode

2008-06-1300:00:00
vuxml.freebsd.org
18

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.105 Low

EPSS

Percentile

94.9%

JSON

Matthias Andree reports:

Gunter Nau reported fetchmail crashing on some messages; further
debugging by Petr Uzel and Petr Cerny at Novell/SUSE Czech Republic
dug up that this happened when fetchmail was trying to print, in
-v -v verbose level, headers exceeding 2048 bytes. In this
situation, fetchmail would resize the buffer and fill in further
parts of the message, but forget to reinitialize its va_list
typed source pointer, thus reading data from a garbage address found
on the stack at addresses above the function arguments the caller
passed in; usually that would be the caller’s stack frame.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchfetchmail<Β 6.3.8_6UNKNOWN

Related

openvas 21
nessus 12
debiancve 1
prion 1
seebug 1
securityvulns 2
fedora 2
veracode 1
cve 1
freebsd 2
ubuntucve 1
slackware 1
altlinux 2
redhatcve 1
redhat 1
centos 1
oraclelinux 1
openvas
openvas
Slackware Advisory SSA:2008-210-01 fetchmail
2012-09-11 00:00:00
Mandriva Update for fetchmail MDVSA-2008:117 (fetchmail)
2009-04-09 00:00:00
FreeBSD Ports: fetchmail
2008-09-04 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : fetchmail (MDVSA-2008:117)
2009-04-23 00:00:00
FreeBSD : fetchmail -- potential crash in -v -v verbose mode (168190df-3e9a-11dd-87bc-000ea69a5213)
2008-06-24 00:00:00
FreeBSD : fetchmail -- potential crash in -v -v verbose mode (revised patch) (1e8e63c0-478a-11dd-a88d-000ea69a5213)
2008-07-02 00:00:00
debiancve
debiancve
CVE-2008-2711
2008-06-16 21:41:00
prion
prion
Format string
2008-06-16 21:41:00
seebug
seebug
Fetchmail Verbose樑式袅倧ζ—₯εΏ—ζΆˆζ―θΏœη¨‹ζ‹’η»ζœεŠ‘ζΌζ΄ž
2008-06-20 00:00:00
securityvulns
securityvulns
fetchmail security announcement fetchmail-SA-2008-01 &#40;CVE-2008-2711&#41;
2008-06-17 00:00:00
fetchmail multiple security vulnerabilities
2008-06-17 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: fetchmail-6.3.8-7.fc9
2008-06-28 22:15:01
[SECURITY] Fedora 8 Update: fetchmail-6.3.8-4.fc8
2008-06-28 22:15:22
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:36:12
cve
cve
CVE-2008-2711
2008-06-16 21:41:00
freebsd
freebsd
fetchmail -- potential crash in -v -v verbose mode (revised patch)
2008-06-24 00:00:00
fetchmail -- 6.4.19 and older denial of service or information disclosure
2021-07-07 00:00:00
ubuntucve
ubuntucve
CVE-2008-2711
2008-06-16 00:00:00
slackware
slackware
[slackware-security] fetchmail
2008-07-29 05:31:09
altlinux
altlinux
Security fix for the ALT Linux 6 package fetchmail version 6.3.9-alt1
2008-12-01 00:00:00
Security fix for the ALT Linux 5 package fetchmail version 6.3.9-alt1
2008-12-01 00:00:00
redhatcve
redhatcve
CVE-2021-36386
2021-07-29 16:20:37
redhat
redhat
(RHSA-2009:1427) Moderate: fetchmail security update
2009-09-08 00:00:00
centos
centos
fetchmail security update
2009-09-08 17:07:54
oraclelinux
oraclelinux
fetchmail security update
2009-09-09 00:00:00

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.105 Low

EPSS

Percentile

94.9%

JSON
Related for 168190DF-3E9A-11DD-87BC-000EA69A5213
openvas21nessus12debiancve1prion1seebug1securityvulns2fedora2veracode1cve1freebsd2ubuntucve1slackware1altlinux2redhatcve1redhat1centos1oraclelinux1