Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:fetchmail:fetchmail:6.2.5.5
There are 5 matching records.
Displaying matches 1 through 5.
Vuln ID Summary CVSS Severity
CVE-2010-1167

fetchmail 4.6.3 through 6.3.16, when debug mode is enabled, does not properly handle invalid characters in a multi-character locale, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted (1) message header or (2) POP3 UIDL list.

Published: May 07, 2010; 2:24:15 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2009-2666

socket.c in fetchmail before 6.3.11 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.

Published: August 07, 2009; 3:00:01 PM -0400
V3.x:(not available)
V2.0: 6.4 MEDIUM
CVE-2008-2711

fetchmail 6.3.8 and earlier, when running in -v -v (aka verbose) mode, allows remote attackers to cause a denial of service (crash and persistent mail failure) via a malformed mail message with long headers, which triggers an erroneous dereference when using vsnprintf to format log messages.

Published: June 16, 2008; 5:41:00 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2007-4565

sink.c in fetchmail before 6.3.9 allows context-dependent attackers to cause a denial of service (NULL dereference and application crash) by refusing certain warning messages that are sent over SMTP.

Published: August 27, 2007; 9:17:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2006-5867

fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords over unsecured links if certain circumstances occur, which allows remote attackers to obtain sensitive information via man-in-the-middle (MITM) attacks.

Published: December 31, 2006; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.8 HIGH