Debian DSA-216-1 : fetchmail - buffer overflow

Stefan Esser of e-matters discovered a buffer overflow in fetchmail, an SSL enabled POP3, APOP and IMAP mail gatherer/forwarder. When fetchmail retrieves a mail all headers that contain addresses are searched for local addresses. If a hostname is missing, fetchmail appends it but doesn't reserve...

CVE-2002-1365

Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not account for the "@" character when determining buffer lengths for local addresses, which allows remote attackers to execute arbitrary code via a header with a large number of local addresses...

CVE-2002-1365

CVE-2002-1365 involves a heap-based buffer overflow in fetchmail 6.1.3 and earlier, caused by insufficient buffer space when expanding local addresses in mail headers (missing space for the hostname after an address). This can allow a remote attacker to execute arbitrary code with the privileges ...

CVE-2002-1365

Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not account for the "@" character when determining buffer lengths for local addresses, which allows remote attackers to execute arbitrary code via a header with a large number of local addresses...