Lucene search
+L

84 matches found

OpenVAS
OpenVAS
added 2009/03/23 12:0 a.m.28 views

Ubuntu Update for fetchmail vulnerability USN-405-1

Ubuntu Update for Linux kernel vulnerabilities USN-405-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4051.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for fetchmail vulnerability USN-405-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

7.8CVSS7.6AI score0.04255EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2007/09/14 12:0 a.m.28 views

Mandrake Linux Security Advisory : fetchmail (MDKSA-2007:179)

A vulnerability in fetchmail was found where it could crash when attempting to deliver an internal warning or error message through an untrusted or compromised SMTP server, leading to a denial of service. Updated packages have been patched to prevent these issues. %NASLMINLEVEL 70300 C Tenable...

5CVSS5.4AI score0.01971EPSS
Exploits1References1
OSV
OSV
added 2007/08/28 1:17 a.m.2 views

CVE-2007-4565

sink.c in fetchmail before 6.3.9 allows context-dependent attackers to cause a denial of service NULL dereference and application crash by refusing certain warning messages that are sent over SMTP...

6.1AI score
Exploits0References22
UbuntuCve
UbuntuCve
added 2007/08/28 1:17 a.m.28 views

CVE-2007-4565

sink.c in fetchmail before 6.3.9 allows context-dependent attackers to cause a denial of service NULL dereference and application crash by refusing certain warning messages that are sent over SMTP...

5CVSS5.9AI score0.01971EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2007/08/28 1:0 a.m.25 views

CVE-2007-4565

sink.c in fetchmail before 6.3.9 allows context-dependent attackers to cause a denial of service NULL dereference and application crash by refusing certain warning messages that are sent over SMTP...

5CVSS6AI score0.01971EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2007/01/31 5:20 p.m.4 views

security flaw

fetchmail before 6.3.1 and before 6.2.5.5, when configured for multidrop mode, allows remote attackers to cause a denial of service application crash by sending messages without headers from upstream mail servers...

7.8CVSS5.9AI score0.03641EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2007/01/31 5:20 p.m.6 views

fetchmail not enforcing TLS for POP3 properly

fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords over unsecured links if certain circumstances occur, which allows remote attackers to obtain sensitive information via man-in-the-middle MITM attacks...

7.8CVSS5.8AI score0.04255EPSS
Exploits0References4
OSV
OSV
added 2006/12/31 5:0 a.m.5 views

CVE-2006-5974

fetchmail 6.3.5 and 6.3.6 before 6.3.6-rc4, when refusing a message delivered via the mda option, allows remote attackers to cause a denial of service crash via unknown vectors that trigger a NULL pointer dereference when calling the 1 ferror or 2 fflush functions...

6.7AI score
Exploits0References18
OSV
OSV
added 2006/12/31 5:0 a.m.6 views

CVE-2006-5867

fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords over unsecured links if certain circumstances occur, which allows remote attackers to obtain sensitive information via man-in-the-middle MITM attacks...

5.9AI score
Exploits0References37
OSV
OSV
added 2006/01/24 12:3 a.m.8 views

CVE-2006-0321

fetchmail 6.3.0 and other versions before 6.3.2 allows remote attackers to cause a denial of service crash via crafted e-mail messages that cause a free of an invalid pointer when fetchmail bounces the message to the originator or local postmaster...

6.4AI score
Exploits0References18
Debian CVE
Debian CVE
added 2006/01/24 12:0 a.m.47 views

CVE-2006-0321

fetchmail 6.3.0 and other versions before 6.3.2 allows remote attackers to cause a denial of service crash via crafted e-mail messages that cause a free of an invalid pointer when fetchmail bounces the message to the originator or local postmaster...

5CVSS6.1AI score0.035EPSS
Exploits0
OSV
OSV
added 2005/12/21 12:3 a.m.3 views

DEBIAN-CVE-2005-4348

fetchmail before 6.3.1 and before 6.2.5.5, when configured for multidrop mode, allows remote attackers to cause a denial of service application crash by sending messages without headers from upstream mail servers...

7.8CVSS6.8AI score0.03641EPSS
Exploits0References1
OSV
OSV
added 2005/12/21 12:3 a.m.6 views

CVE-2005-4348

fetchmail before 6.3.1 and before 6.2.5.5, when configured for multidrop mode, allows remote attackers to cause a denial of service application crash by sending messages without headers from upstream mail servers...

6.4AI score
Exploits0References34
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.21 views

Debian DSA-071-1 : fetchmail - memory corruption

Salvatore Sanfilippo found two remotely exploitable problems infetchmail while doing a security audit. In both the IMAP code and the POP3 code, the input isn't verified even though it's used to store a number in an array. Since no bounds checking is done this can be used by an attacker to write...

10CVSS5.8AI score0.06524EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2004/09/01 4:0 a.m.34 views

CVE-2002-1365

Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not account for the "@" character when determining buffer lengths for local addresses, which allows remote attackers to execute arbitrary code via a header with a large number of local addresses...

7.5CVSS7.6AI score0.0495EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.19 views

Mandrake Linux Security Advisory : fetchmail (MDKSA-2001:072)

A vulnerability was found by Salvatore Sanfilippo in both the IMAP and POP3 code of fetchmail where the input is not verified and no bounds checking is done. This can be exploited by a remote attacker to write arbitrary data into memory. The attacker must have control of the mail server the clien...

10CVSS5.7AI score0.06524EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.22 views

Mandrake Linux Security Advisory : fetchmail (MDKSA-2002:036)

A problem was discovered with versions of fetchmail prior to 5.9.10 that was triggered by retreiving mail from an IMAP server. The fetchmail client will allocate an array to store the sizes of the messages it is attempting to retrieve. This array size is determined by the number of messages the...

5CVSS5.5AI score0.01491EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/07/25 12:0 a.m.22 views

SUSE-SA:2003:001: fetchmail

The remote host is missing the patch for the advisory SUSE-SA:2003:001 fetchmail. fetchmail is used to download emails from POP-, IMAP-, ETRN- or ODMR- servers. Stefan Esser of e-matters reported a bug in fetchmail's mail address expanding code which can lead to remote system compromise. When...

7.5CVSS6.1AI score0.0495EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/07/06 12:0 a.m.23 views

RHEL 2.1 : fetchmail (RHSA-2002:216)

Updated Fetchmail packages are available for Red Hat Linux Advanced Server which close a remotely-exploitable vulnerability in unpatched versions of Fetchmail prior to 6.1.0. Fetchmail is a remote mail retrieval and forwarding utility intended for use over on-demand TCP/IP links such as SLIP and...

7.5CVSS5.9AI score0.04727EPSS
Exploits0References7
NVD
NVD
added 2003/11/17 5:0 a.m.13 views

CVE-2003-0792

Fetchmail 6.2.4 and earlier does not properly allocate memory for long lines, which allows remote attackers to cause a denial of service crash via a certain email...

5CVSS6.4AI score0.01943EPSS
Exploits0References8
Rows per page
Query Builder