Lucene search

K

PRIOn knowledge basePRION:CVE-2008-2711

HistoryJun 16, 2008 - 9:41 p.m.

Format string

2008-06-1621:41:00

PRIOn knowledge base

www.prio-n.com

2

6.4 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.105 Low

EPSS

Percentile

94.9%

fetchmail 6.3.8 and earlier, when running in -v -v (aka verbose) mode, allows remote attackers to cause a denial of service (crash and persistent mail failure) via a malformed mail message with long headers, which triggers an erroneous dereference when using vsnprintf to format log messages.

CPENameOperatorVersion
fetchmaileq5.6.0
fetchmaileq5.2.1
fetchmaileq4.7.6
fetchmaileq4.6.4
fetchmaileq5.4.3
fetchmaileq5.8.4
fetchmaileq4.7.0
fetchmaileq5.8
fetchmaileq5.0.1
fetchmaileq4.7.3

Rows per page:

1-10 of 1141

References

lists.apple.com/archives/security-announce/2009/Feb/msg00000.html

secunia.com/advisories/30742

secunia.com/advisories/30895

secunia.com/advisories/31262

secunia.com/advisories/31287

secunia.com/advisories/33937

slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.495740

support.apple.com/kb/HT3438

wiki.rpath.com/wiki/Advisories:rPSA-2008-0235

www.fetchmail.info/fetchmail-SA-2008-01.txt

www.mandriva.com/security/advisories?name=MDVSA-2008:117

www.openwall.com/lists/oss-security/2008/06/13/1

www.openwall.com/lists/oss-security/2021/08/09/1

www.securityfocus.com/archive/1/493391/100/0/threaded

www.securityfocus.com/archive/1/494865/100/0/threaded

www.securityfocus.com/bid/29705

www.securitytracker.com/id?1020298

www.vupen.com/english/advisories/2008/1860/references

www.vupen.com/english/advisories/2009/0422

bugzilla.novell.com/show_bug.cgi?id=354291

exchange.xforce.ibmcloud.com/vulnerabilities/43121

issues.rpath.com/browse/RPL-2623

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10950

www.redhat.com/archives/fedora-package-announce/2008-June/msg01091.html

www.redhat.com/archives/fedora-package-announce/2008-June/msg01095.html

6.4 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.105 Low

EPSS

Percentile

94.9%

Related for PRION:CVE-2008-2711

openvas25 nessus12 debiancve1 fedora2 seebug1 securityvulns2 veracode1 ubuntucve1 cve1 freebsd3 slackware1 altlinux2 redhatcve1 redhat1 centos1 oraclelinux1