Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fetchmail vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2006-0321
fetchmail 6.3.0 and other versions prior to 6.3.2 allows remote malicious users to cause a denial of service (crash) via crafted e-mail messages that cause a free of an invalid pointer when fetchmail bounces the message to the originator or local postmaster.
Fetchmail Fetchmail 6.3.0
Fetchmail Fetchmail 6.3.1
7.8
CVSSv2
CVE-2005-4348
fetchmail prior to 6.3.1 and prior to 6.2.5.5, when configured for multidrop mode, allows remote malicious users to cause a denial of service (application crash) by sending messages without headers from upstream mail servers.
Fetchmail Fetchmail
5
CVSSv2
CVE-2021-36386
report_vbuild in report.c in Fetchmail prior to 6.4.20 sometimes omits initialization of the vsnprintf va_list argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages. NOTE: it is unclear whether use ...
Fetchmail Fetchmail
Fedoraproject Fedora 33
Fedoraproject Fedora 34
4.3
CVSSv2
CVE-2021-39272
Fetchmail prior to 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH.
Fetchmail Fetchmail
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
2.6
CVSSv2
CVE-2007-1558
The APOP protocol allows remote malicious users to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including (1) Thunderb...
Apop Protocol Apop Protocol
NA
CVE-2003-0790
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: the reported issue is not a vulnerability or exposure. Notes: This candidate was assigned to a "head-reading" bug in a component of fetchmail 6.2.4 and previous versions, which was claimed to a...
6.9
CVSSv2
CVE-2008-4394
Multiple untrusted search path vulnerabilities in Portage prior to 2.1.4.5 include the current working directory in the Python search path, which allows local users to execute arbitrary code via a modified Python module that is loaded by the (1) ys-apps/portage, (2) net-mail/fetc...
Gentoo Portage 2.1.3.11
Gentoo Portage 2.1.3.10
Gentoo Portage
Gentoo Portage 2.1.1
Gentoo Portage 2.0.51.22
4.3
CVSSv2
CVE-2010-3695
Cross-site scripting (XSS) vulnerability in fetchmailprefs.php in Horde IMP prior to 4.3.8, and Horde Groupware Webmail Edition prior to 1.2.7, allows remote malicious users to inject arbitrary web script or HTML via the fm_id parameter in a fetchmail_prefs_save action, related t...
Horde Imp 4.1.3
Horde Imp 4.0.4
Horde Imp 2.2.1
Horde Imp 4.1.5
Horde Imp 4.0.3
Horde Imp 2.2.5
Horde Imp 4.3.5
Horde Imp 4.2.2
Horde Imp 4.3
Horde Imp 4.3.2
Horde Imp 3.2.7
Horde Imp 3.2
Horde Imp 3.1.2
Horde Imp 3.2.2
Horde Imp 2.2.2
Horde Imp 2.0
Horde Imp 4.3.3
Horde Imp 3.2.4
Horde Imp 3.2.3
Horde Imp 2.2.8
Horde Imp 3.1
Horde Imp 4.0.2
1 EDB exploit
4.3
CVSSv2
CVE-2010-4778
Multiple cross-site scripting (XSS) vulnerabilities in fetchmailprefs.php in Horde IMP prior to 4.3.8, and Horde Groupware Webmail Edition prior to 1.2.7, allow remote malicious users to inject arbitrary web script or HTML via the (1) username (aka fmusername), (2) password (aka ...
Horde Imp 4.0.3
Horde Imp 4.1.6
Horde Imp 2.2.5
Horde Imp 2.2.6
Horde Imp 4.2.2
Horde Imp 4.2
Horde Imp 3.2.7
Horde Imp 4.0
Horde Imp 3.2
Horde Imp 3.2.2
Horde Imp 2.2
Horde Imp 2.2.1
Horde Imp 2.2.2
Horde Imp 3.2.4
Horde Imp 3.2.3
Horde Imp 3.2.6
Horde Imp 3.2.5
Horde Imp 4.1.3
Horde Imp 4.0.4
Horde Imp 2.2.4
Horde Imp 4.3.6
Horde Imp 2.0
6.5
CVSSv2
CVE-2020-5239
In Mailu before version 1.7, an authenticated user can exploit a vulnerability in Mailu fetchmail script and gain full access to a Mailu instance. Mailu servers that have open registration or untrusted users are most impacted. The master and 1.7 branches are patched on our git re...
Mailu Mailu
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »