Computer Security
[EN] securityvulns.ru no-pyccku


fetchmail multiple security vulnerabilities
Published:17.06.2008
Source:
SecurityVulns ID:9095
Type:remote
Threat Level:
5/10
Description:NULL pointer dereference, uninitialized pointer dereference.
Affected:FETCHMAIL : fetchmail 6.3
CVE:CVE-2008-2711 (fetchmail 6.3.8 and earlier, when running in -v -v (aka verbose) mode, allows remote attackers to cause a denial of service (crash and persistent mail failure) via a malformed mail message with long headers, which triggers an erroneous dereference when using vsnprintf to format log messages.)
 CVE-2007-4565 (fetchmail before 6.3.9 allows context-dependent attackers to cause a denial of service (NULL dereference and application crash) by refusing certain warning messages that are sent over SMTP.)
Original documentdocumentFETCHMAIL, fetchmail security announcement fetchmail-SA-2008-01 (CVE-2008-2711) (17.06.2008)
 documentFETCHMAIL, fetchmail security announcement fetchmail-SA-2007-02 (CVE-2007-4565) (17.06.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod