openSUSE 15 Security Update : fetchmail (openSUSE-SU-2021:4018-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:4018-1 advisory. - reportvbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf valist argument, which might allow ma...

Ubuntu Update for fetchmail vulnerabilities USN-520-1

Ubuntu Update for Linux kernel vulnerabilities USN-520-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5201.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for fetchmail vulnerabilities USN-520-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

FreeBSD : fetchmail -- TLS enforcement problem/MITM attack/password exposure (5238ac45-9d8c-11db-858b-0060084a00e5)

Matthias Andree reports : Fetchmail has had several longstanding password disclosure vulnerabilities. - sslcertck/sslfingerprint options should have implied 'sslproto tls1' in order to enforce TLS negotiation, but did not. - Even with 'sslproto tls1' in the config, fetches would go ahead in plain...

Debian DSA-171-1 : fetchmail - buffer overflows

Stefan Esser discovered several buffer overflows and a broken boundary check within fetchmail. If fetchmail is running in multidrop mode these flaws can be used by remote attackers to crash it or to execute arbitrary code under the user id of the user running fetchmail. Depending on the...

DSA-171 fetchmail - buffer overflows

Bulletin has no description...

Advisory 03/2002: Fetchmail remote vulnerabilities

e-matters GmbH www.e-matters.de -= Security Advisory =- Advisory: Fetchmail remote vulnerabilities Release Date: 2002/09/29 Last Modified: 2002/09/29 Author: Stefan Esser [email protected] Application: Fetchmail = 6.0.0 Severity: Several vulnerabilities within Fetchmail could allow remote...