RHEL 6 : fetchmail (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - fetchmail: STARTTLS session encryption bypassing CVE-2021-39272 - reportvbuild in report.c in Fetchmail...

CentOS 9 : fetchmail-6.4.24-1.el9

The remote CentOS Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the fetchmail-6.4.24-1.el9 build changelog. - reportvbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf valist argument, which might allow...

openSUSE 15 Security Update : fetchmail (openSUSE-SU-2021:1183-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1183-1 advisory. - reportvbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf valist argument, which might allow mail server...

openSUSE 15 Security Update : fetchmail (openSUSE-SU-2021:2791-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:2791-1 advisory. - reportvbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf valist argument, which might allow mail server...

Updated fetchmail packages fix security vulnerability

Updated fetchmail packages fix security vulnerability: reportvbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf valist argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages...

DEBIAN-CVE-2021-36386

reportvbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf valist argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages. NOTE: it is unclear whether use of Fetchmail on any...

CVE-2021-36386

reportvbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf valist argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages. NOTE: it is unclear whether use of Fetchmail on any...

CVE-2021-36386

reportvbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf valist argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages. NOTE: it is unclear whether use of Fetchmail on any...

CVE-2021-36386

reportvbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf valist argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages. NOTE: it is unclear whether use of Fetchmail on any...

CVE-2021-36386

reportvbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf valist argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages. NOTE: it is unclear whether use of Fetchmail on any...

Denial Of Service(DoS)

Fetchmail is vulnerable to denial of service. reportvbuild in report.c sometimes omits initialization of the vsnprintf valist argument, allowing mail servers to cause a denial of service or possibly have unspecified other impact via long error messages...

CVE-2021-36386

Fetchmail, up to version 6.4.20, is affected by a vulnerability in report_vbuild (report.c) where the vsnprintf va_list may not be initialized. This could allow a mail server to trigger a denial of service or cause other unspecified effects via long error messages. The impact on end users is uncl...

CVE-2021-36386

reportvbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf valist argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages. NOTE: it is unclear whether use of Fetchmail on any...

CVE-2021-36386

reportvbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf valist argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages. NOTE: it is unclear whether use of Fetchmail on any...

Fetchmail 资源管理错误漏洞

Fetchmail is an application for downloading emails. A security vulnerability exists in versions of Fetchmail prior to 6.4.20. The vulnerability stems from the fact that reportvbuild in report.c sometimes ignores the initialization of the valist parameter. This could result in a denial of service ...