Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2012-3482

Fetchmail 5.0.8 through 6.3.21, when using NTLM authentication in debug mode, allows remote NTLM servers to (1) cause a denial of service (crash and delayed delivery of inbound mail) via a crafted NTLM response that triggers an out-of-bounds read in the base64 decoder, or (2) obtain sensitive information from memory via an NTLM Type 2 message with a crafted Target Name structure, which triggers an out-of-bounds read.

Source

ALAS-2012-132

Amazon Linux AMI Security Advisory: ALAS-2012-132
Advisory Release Date: 2012-10-08 10:41 Pacific
Advisory Updated Date: 2014-09-14 17:08 Pacific

Severity: Low

References: CVE-2012-3482

Issue Overview:

Fetchmail 5.0.8 through 6.3.21, when using NTLM authentication in debug mode, allows remote NTLM servers to (1) cause a denial of service (crash and delayed delivery of inbound mail) via a crafted NTLM response that triggers an out-of-bounds read in the base64 decoder, or (2) obtain sensitive information from memory via an NTLM Type 2 message with a crafted Target Name structure, which triggers an out-of-bounds read.

Affected Packages:

fetchmail

Issue Correction:
Run yum update fetchmail to update your system.

New Packages:

i686:
    fetchmail-6.3.17-1.9.amzn1.i686
    fetchmail-debuginfo-6.3.17-1.9.amzn1.i686

src:
    fetchmail-6.3.17-1.9.amzn1.src

x86_64:
    fetchmail-debuginfo-6.3.17-1.9.amzn1.x86_64
    fetchmail-6.3.17-1.9.amzn1.x86_64

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

ALAS-2012-132

ALAS-2012-132

Vulmon Search

About

Products

Connect