Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fetchmail fetchmail 6.2.5.2 vulnerabilities and exploits
(subscribe to this query)
187
VMScore
CVE-2005-3088
fetchmailconf prior to 1.49 in fetchmail 6.2.0, 6.2.5 and 6.2.5.2 creates configuration files with insecure world-readable permissions, which allows local users to obtain sensitive information such as passwords.
Fetchmail Fetchmail 6.2.5
Fetchmail Fetchmail 6.2.5.2
Fetchmail Fetchmail 6.2.0
445
VMScore
CVE-2011-1947
fetchmail 5.9.9 up to and including 6.3.19 does not properly limit the wait time after issuing a (1) STARTTLS or (2) STLS request, which allows remote servers to cause a denial of service (application hang) by acknowledging the request but not sending additional packets.
Fetchmail Fetchmail 6.3.6
Fetchmail Fetchmail 6.3.16
Fetchmail Fetchmail 6.3.9
Fetchmail Fetchmail 6.3.11
Fetchmail Fetchmail 6.2.3
Fetchmail Fetchmail 6.2.5
Fetchmail Fetchmail 6.2.9
Fetchmail Fetchmail 6.2.0
Fetchmail Fetchmail 6.1.0
Fetchmail Fetchmail 5.9.10
Fetchmail Fetchmail 5.9.13
Fetchmail Fetchmail 6.3.14
Fetchmail Fetchmail 6.3.13
Fetchmail Fetchmail 6.3.17
Fetchmail Fetchmail 6.3.10
Fetchmail Fetchmail 6.2.5.1
Fetchmail Fetchmail 6.3.3
Fetchmail Fetchmail 6.3.2
Fetchmail Fetchmail 5.9.9
Fetchmail Fetchmail 5.9.11
Fetchmail Fetchmail 6.3.18
Fetchmail Fetchmail 6.2.4
516
VMScore
CVE-2012-3482
Fetchmail 5.0.8 up to and including 6.3.21, when using NTLM authentication in debug mode, allows remote NTLM servers to (1) cause a denial of service (crash and delayed delivery of inbound mail) via a crafted NTLM response that triggers an out-of-bounds read in the base64 decoder...
Fetchmail Fetchmail 5.2.4
Fetchmail Fetchmail 5.2.7
Fetchmail Fetchmail 5.2.8
Fetchmail Fetchmail 5.4.4
Fetchmail Fetchmail 5.4.5
Fetchmail Fetchmail 5.7.0
Fetchmail Fetchmail 5.7.2
Fetchmail Fetchmail 5.8.2
Fetchmail Fetchmail 5.8.3
Fetchmail Fetchmail 5.9.13
Fetchmail Fetchmail 5.9.4
Fetchmail Fetchmail 6.3.14
Fetchmail Fetchmail 6.3.13
Fetchmail Fetchmail 6.3.6
Fetchmail Fetchmail 6.2.9
Fetchmail Fetchmail 6.2.6
Fetchmail Fetchmail 6.3.7
Fetchmail Fetchmail 6.3.5
Fetchmail Fetchmail 6.3.4
Fetchmail Fetchmail 6.2.1
Fetchmail Fetchmail 6.0.0
Fetchmail Fetchmail 5.2.1
570
VMScore
CVE-2009-2666
socket.c in fetchmail prior to 6.3.11 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle malicious users to spoof arbitrary SSL servers via a crafted certificate...
Fetchmail Fetchmail 6.3.5
Fetchmail Fetchmail 6.3.3
Fetchmail Fetchmail 6.2.5.4
Fetchmail Fetchmail 6.2.6
Fetchmail Fetchmail 6.2.0
Fetchmail Fetchmail 6.1.0
Fetchmail Fetchmail 5.9.4
Fetchmail Fetchmail 5.8.14
Fetchmail Fetchmail 5.8.13
Fetchmail Fetchmail 5.8
Fetchmail Fetchmail 5.7.2
Fetchmail Fetchmail 5.5.0
Fetchmail Fetchmail 5.4.5
Fetchmail Fetchmail 5.2.7
Fetchmail Fetchmail 5.2.4
Fetchmail Fetchmail 5.0.7
Fetchmail Fetchmail 5.0.6
Fetchmail Fetchmail 4.7.7
Fetchmail Fetchmail 4.7.6
Fetchmail Fetchmail 4.6.8
Fetchmail Fetchmail 4.6.7
Fetchmail Fetchmail 4.6.0
1 Github repository
445
VMScore
CVE-2007-4565
sink.c in fetchmail prior to 6.3.9 allows context-dependent malicious users to cause a denial of service (NULL dereference and application crash) by refusing certain warning messages that are sent over SMTP.
Fetchmail Fetchmail 6.2.5.2
Fetchmail Fetchmail 6.3.2
Fetchmail Fetchmail 6.3.1
Fetchmail Fetchmail 6.2.1
Fetchmail Fetchmail 6.2.0
Fetchmail Fetchmail 5.9.5
Fetchmail Fetchmail 5.9.4
Fetchmail Fetchmail 5.8.2
Fetchmail Fetchmail 5.8.1
Fetchmail Fetchmail 5.8
Fetchmail Fetchmail 5.5.2
Fetchmail Fetchmail 5.5.0
Fetchmail Fetchmail 5.3.0
Fetchmail Fetchmail 5.2.8
Fetchmail Fetchmail 5.1.0
Fetchmail Fetchmail 5.0.8
Fetchmail Fetchmail 5.0.7
Fetchmail Fetchmail 5.0.0
Fetchmail Fetchmail 4.7.7
Fetchmail Fetchmail 4.7.0
Fetchmail Fetchmail 4.6.9
Fetchmail Fetchmail 4.6.1
1 Github repository
383
VMScore
CVE-2008-2711
fetchmail 6.3.8 and previous versions, when running in -v -v (aka verbose) mode, allows remote malicious users to cause a denial of service (crash and persistent mail failure) via a malformed mail message with long headers, which triggers an erroneous dereference when using vsnpr...
Fetchmail Fetchmail 6.3.5
Fetchmail Fetchmail 6.3.3
Fetchmail Fetchmail 6.2.5.4
Fetchmail Fetchmail 6.2.6
Fetchmail Fetchmail 6.2.0
Fetchmail Fetchmail 6.1.0
Fetchmail Fetchmail 5.9.4
Fetchmail Fetchmail 5.8.14
Fetchmail Fetchmail 5.8.13
Fetchmail Fetchmail 5.8
Fetchmail Fetchmail 5.7.2
Fetchmail Fetchmail 5.5.0
Fetchmail Fetchmail 5.4.5
Fetchmail Fetchmail 5.2.7
Fetchmail Fetchmail 5.2.4
Fetchmail Fetchmail 5.0.7
Fetchmail Fetchmail 5.0.6
Fetchmail Fetchmail 4.7.7
Fetchmail Fetchmail 4.7.6
Fetchmail Fetchmail 4.6.8
Fetchmail Fetchmail 4.6.7
Fetchmail Fetchmail 4.6.0
1 Github repository
694
VMScore
CVE-2006-5867
fetchmail prior to 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords over unsecured links if certain circumstances occur, which allows remote malicious users to obtain sensitive information via man-in-the-middle (MITM) attacks.
Fetchmail Fetchmail 6.3.1
Fetchmail Fetchmail 6.2.5.4
Fetchmail Fetchmail 6.2.1
Fetchmail Fetchmail 6.2.0
Fetchmail Fetchmail 5.9.5
Fetchmail Fetchmail 5.9.4
Fetchmail Fetchmail 5.8.1
Fetchmail Fetchmail 5.8
Fetchmail Fetchmail 5.5.2
Fetchmail Fetchmail 5.5.0
Fetchmail Fetchmail 5.3.0
Fetchmail Fetchmail 5.2.8
Fetchmail Fetchmail 5.0.8
Fetchmail Fetchmail 5.0.7
Fetchmail Fetchmail 5.0.0
Fetchmail Fetchmail 4.7.7
Fetchmail Fetchmail 4.7.0
Fetchmail Fetchmail 4.6.9
Fetchmail Fetchmail 4.6.8
Fetchmail Fetchmail 4.6.1
Fetchmail Fetchmail 4.6.0
Fetchmail Fetchmail 4.5.2
383
VMScore
CVE-2010-1167
fetchmail 4.6.3 up to and including 6.3.16, when debug mode is enabled, does not properly handle invalid characters in a multi-character locale, which allows remote malicious users to cause a denial of service (memory consumption and application crash) via a crafted (1) message h...
Fetchmail Fetchmail 6.2.9
Fetchmail Fetchmail 6.3.8
Fetchmail Fetchmail 6.2.5
Fetchmail Fetchmail 6.2.3
Fetchmail Fetchmail 5.9.11
Fetchmail Fetchmail 5.9.10
Fetchmail Fetchmail 5.9.8
Fetchmail Fetchmail 5.8.4
Fetchmail Fetchmail 5.8.3
Fetchmail Fetchmail 5.5.6
Fetchmail Fetchmail 5.5.5
Fetchmail Fetchmail 5.3.3
Fetchmail Fetchmail 5.3.1
Fetchmail Fetchmail 5.2.0
Fetchmail Fetchmail 5.1.4
Fetchmail Fetchmail 5.0.3
Fetchmail Fetchmail 5.0.2
Fetchmail Fetchmail 4.7.2
Fetchmail Fetchmail 4.7.1
Fetchmail Fetchmail 4.6.4
Fetchmail Fetchmail 4.6.3
Fetchmail Fetchmail 6.1.3
445
VMScore
CVE-2005-2335
Buffer overflow in the POP3 client in Fetchmail prior to 6.2.5.2 allows remote POP3 servers to cause a denial of service and possibly execute arbitrary code via long UIDL responses. NOTE: a typo in an advisory accidentally used the wrong CVE identifier for the Fetchmail issue. Th...
Fetchmail Fetchmail 6.0.0
Fetchmail Fetchmail 5.9.13
Fetchmail Fetchmail 5.8.13
Fetchmail Fetchmail 5.8.11
Fetchmail Fetchmail 5.7.2
Fetchmail Fetchmail 5.7.0
Fetchmail Fetchmail 5.4.4
Fetchmail Fetchmail 5.4.3
Fetchmail Fetchmail 5.2.4
Fetchmail Fetchmail 5.2.3
Fetchmail Fetchmail 5.0.6
Fetchmail Fetchmail 5.0.5
Fetchmail Fetchmail 4.7.5
Fetchmail Fetchmail 4.7.4
Fetchmail Fetchmail 4.6.7
Fetchmail Fetchmail 4.6.6
Fetchmail Fetchmail 4.5.8
Fetchmail Fetchmail 4.5.7
Fetchmail Fetchmail 6.2.3
Fetchmail Fetchmail 5.9.11
Fetchmail Fetchmail 5.9.10
Fetchmail Fetchmail 5.8.5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started