2 matches found
Improper Synchronization
Overview Affected versions of this package are vulnerable to Improper Synchronization in the process that forwards DoQ queries to UDP upstreams, where the DNS transaction ID txid is not preserved and is always set to 0, reducing entropy in the backend tuple. An attacker can increase the likelihoo...
Fetchmail security advisory
Fetchmail advisory, copyrightC 2001 Salvatore Sanfilippo Distribution of this document is unlimited. THE PROBLEM In a security auditing I found two remotly explotiable memory corruption problems. The bug, that is similar in the file pop3.c and imap.c, allows an attacker to 'poke' arbitrary memory...