CVE-2005-4348
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
6.4 Medium
AI Score
Confidence
Low
0.079 Low
EPSS
Percentile
94.3%
fetchmail before 6.3.1 and before 6.2.5.5, when configured for multidrop mode, allows remote attackers to cause a denial of service (application crash) by sending messages without headers from upstream mail servers.
Affected configurations
References
ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
bugs.debian.org/cgi-bin/bugreport.cgi?bug=343836
fetchmail.berlios.de/fetchmail-SA-2005-03.txt
secunia.com/advisories/17891
secunia.com/advisories/18172
secunia.com/advisories/18231
secunia.com/advisories/18266
secunia.com/advisories/18433
secunia.com/advisories/18463
secunia.com/advisories/18895
secunia.com/advisories/21253
secunia.com/advisories/24007
secunia.com/advisories/24284
securitytracker.com/id?1015383
slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.443499
www.debian.org/security/2005/dsa-939
www.novell.com/linux/security/advisories/2007_4_sr.html
www.osvdb.org/21906
www.redhat.com/support/errata/RHSA-2007-0018.html
www.securityfocus.com/archive/1/420098/100/0/threaded
www.securityfocus.com/archive/1/435197/100/0/threaded
www.securityfocus.com/bid/15987
www.securityfocus.com/bid/19289
www.trustix.org/errata/2006/0002/
www.vupen.com/english/advisories/2005/2996
www.vupen.com/english/advisories/2006/3101
wwwnew.mandriva.com/security/advisories?name=MDKSA-2005:236
exchange.xforce.ibmcloud.com/vulnerabilities/23713
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9659
usn.ubuntu.com/233-1/
Related
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
6.4 Medium
AI Score
Confidence
Low
0.079 Low
EPSS
Percentile
94.3%