Lucene search
HistoryMay 07, 2010 - 6:24 p.m.
CVE-2010-1167
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
6.4 Medium
AI Score
Confidence
High
0.012 Low
EPSS
Percentile
85.3%
fetchmail 4.6.3 through 6.3.16, when debug mode is enabled, does not properly handle invalid characters in a multi-character locale, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted (1) message header or (2) POP3 UIDL list.
Affected configurations
Node
fetchmailfetchmailRange≤6.3.9rc2
ORfetchmailfetchmailMatch4.6.3
ORfetchmailfetchmailMatch4.6.4
ORfetchmailfetchmailMatch4.6.5
ORfetchmailfetchmailMatch4.6.6
ORfetchmailfetchmailMatch4.6.7
ORfetchmailfetchmailMatch4.6.8
ORfetchmailfetchmailMatch4.6.9
ORfetchmailfetchmailMatch4.7.0
ORfetchmailfetchmailMatch4.7.1
ORfetchmailfetchmailMatch4.7.2
ORfetchmailfetchmailMatch4.7.3
ORfetchmailfetchmailMatch4.7.4
ORfetchmailfetchmailMatch4.7.5
ORfetchmailfetchmailMatch4.7.6
ORfetchmailfetchmailMatch4.7.7
ORfetchmailfetchmailMatch5.0.0
ORfetchmailfetchmailMatch5.0.1
ORfetchmailfetchmailMatch5.0.2
ORfetchmailfetchmailMatch5.0.3
ORfetchmailfetchmailMatch5.0.4
ORfetchmailfetchmailMatch5.0.5
ORfetchmailfetchmailMatch5.0.6
ORfetchmailfetchmailMatch5.0.7
ORfetchmailfetchmailMatch5.0.8
ORfetchmailfetchmailMatch5.1.0
ORfetchmailfetchmailMatch5.1.4
ORfetchmailfetchmailMatch5.2.0
ORfetchmailfetchmailMatch5.2.1
ORfetchmailfetchmailMatch5.2.3
ORfetchmailfetchmailMatch5.2.4
ORfetchmailfetchmailMatch5.2.7
ORfetchmailfetchmailMatch5.2.8
ORfetchmailfetchmailMatch5.3.0
ORfetchmailfetchmailMatch5.3.1
ORfetchmailfetchmailMatch5.3.3
ORfetchmailfetchmailMatch5.3.8
ORfetchmailfetchmailMatch5.4.0
ORfetchmailfetchmailMatch5.4.3
ORfetchmailfetchmailMatch5.4.4
ORfetchmailfetchmailMatch5.4.5
ORfetchmailfetchmailMatch5.5.0
ORfetchmailfetchmailMatch5.5.2
ORfetchmailfetchmailMatch5.5.3
ORfetchmailfetchmailMatch5.5.5
ORfetchmailfetchmailMatch5.5.6
ORfetchmailfetchmailMatch5.6.0
ORfetchmailfetchmailMatch5.7.0
ORfetchmailfetchmailMatch5.7.2
ORfetchmailfetchmailMatch5.7.4
ORfetchmailfetchmailMatch5.8
ORfetchmailfetchmailMatch5.8.1
ORfetchmailfetchmailMatch5.8.2
ORfetchmailfetchmailMatch5.8.3
ORfetchmailfetchmailMatch5.8.4
ORfetchmailfetchmailMatch5.8.5
ORfetchmailfetchmailMatch5.8.6
ORfetchmailfetchmailMatch5.8.11
ORfetchmailfetchmailMatch5.8.13
ORfetchmailfetchmailMatch5.8.14
ORfetchmailfetchmailMatch5.8.17
ORfetchmailfetchmailMatch5.9.0
ORfetchmailfetchmailMatch5.9.4
ORfetchmailfetchmailMatch5.9.5
ORfetchmailfetchmailMatch5.9.8
ORfetchmailfetchmailMatch5.9.10
ORfetchmailfetchmailMatch5.9.11
ORfetchmailfetchmailMatch5.9.13
ORfetchmailfetchmailMatch6.0.0
ORfetchmailfetchmailMatch6.1.0
ORfetchmailfetchmailMatch6.1.3
ORfetchmailfetchmailMatch6.2.0
ORfetchmailfetchmailMatch6.2.1
ORfetchmailfetchmailMatch6.2.2
ORfetchmailfetchmailMatch6.2.3
ORfetchmailfetchmailMatch6.2.4
ORfetchmailfetchmailMatch6.2.5
ORfetchmailfetchmailMatch6.2.5.1
ORfetchmailfetchmailMatch6.2.5.2
ORfetchmailfetchmailMatch6.2.5.4
ORfetchmailfetchmailMatch6.2.6pre4
ORfetchmailfetchmailMatch6.2.6pre8
ORfetchmailfetchmailMatch6.2.6pre9
ORfetchmailfetchmailMatch6.2.9rc10
ORfetchmailfetchmailMatch6.2.9rc3
ORfetchmailfetchmailMatch6.2.9rc4
ORfetchmailfetchmailMatch6.2.9rc5
ORfetchmailfetchmailMatch6.2.9rc7
ORfetchmailfetchmailMatch6.2.9rc8
ORfetchmailfetchmailMatch6.2.9rc9
ORfetchmailfetchmailMatch6.3.0
ORfetchmailfetchmailMatch6.3.1
ORfetchmailfetchmailMatch6.3.2
ORfetchmailfetchmailMatch6.3.3
ORfetchmailfetchmailMatch6.3.4
ORfetchmailfetchmailMatch6.3.5
ORfetchmailfetchmailMatch6.3.6
ORfetchmailfetchmailMatch6.3.6rc1
ORfetchmailfetchmailMatch6.3.6rc2
ORfetchmailfetchmailMatch6.3.6rc3
ORfetchmailfetchmailMatch6.3.6rc4
ORfetchmailfetchmailMatch6.3.6rc5
ORfetchmailfetchmailMatch6.3.7
ORfetchmailfetchmailMatch6.3.8
ORfetchmailfetchmailMatch6.3.9
ORfetchmailfetchmailMatch6.3.10
ORfetchmailfetchmailMatch6.3.11
ORfetchmailfetchmailMatch6.3.12
ORfetchmailfetchmailMatch6.3.13
ORfetchmailfetchmailMatch6.3.14
ORfetchmailfetchmailMatch6.3.15
ORfetchmailfetchmailMatch6.3.16
Related
nessus
nessus
FreeBSD : fetchmail -- denial of service vulnerability (09910d76-4c82-11df-83fb-0015587e2cc1)
2010-04-21 00:00:00
RHEL 3 : fetchmail (Unpatched Vulnerability)
2024-06-03 00:00:00
slackware
slackware
[slackware-security] fetchmail
2010-05-17 03:56:35
openvas
openvas
Slackware: Security Advisory (SSA:2010-136-01)
2012-09-10 00:00:00
FreeBSD Ports: fetchmail
2010-05-04 00:00:00
FreeBSD Ports: fetchmail
2010-05-04 00:00:00
ubuntucve
ubuntucve
CVE-2010-1167
2010-05-07 00:00:00
debiancve
debiancve
CVE-2010-1167
2010-05-07 18:24:15
cve
cve
CVE-2010-1167
2010-05-07 18:24:15
freebsd
freebsd
fetchmail -- denial of service vulnerability
2010-04-18 00:00:00
securityvulns
securityvulns
fetchmail resources exhaustion
2010-05-11 00:00:00
fetchmail security announcement fetchmail-SA-2010-02 (CVE-2010-1167)
2010-05-11 00:00:00
cvelist
cvelist
CVE-2010-1167
2010-05-07 17:43:00
prion
prion
Code injection
2010-05-07 18:24:00
altlinux
altlinux
Security fix for the ALT Linux 6 package fetchmail version 6.3.17-alt1
2010-05-09 00:00:00
Security fix for the ALT Linux 5 package fetchmail version 6.3.17-alt1
2010-05-09 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
6.4 Medium
AI Score
Confidence
High
0.012 Low
EPSS
Percentile
85.3%
Related for NVD:CVE-2010-1167