Published: 06/12/2001 Updated: 10/10/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

A buffer overflow in Linux fetchmail prior to 5.8.6 allows remote malicious users to execute arbitrary code via a large 'To:' field in an email header.

Vulnerable Product	Search on Vulmon	Subscribe to Product
fetchmail fetchmail 5.8.3
fetchmail fetchmail 5.8.2
fetchmail fetchmail 5.5.5
fetchmail fetchmail 5.5.3
fetchmail fetchmail 5.3.1
fetchmail fetchmail 5.3.0
fetchmail fetchmail 5.1.4
fetchmail fetchmail 5.1.0
fetchmail fetchmail 5.0.2
fetchmail fetchmail 5.0.1
fetchmail fetchmail 4.7.1
fetchmail fetchmail 4.7.0
fetchmail fetchmail 4.6.3
fetchmail fetchmail 4.6.2
fetchmail fetchmail 4.5.4
fetchmail fetchmail 4.5.3
fetchmail fetchmail 5.7.2
fetchmail fetchmail 5.7.0
fetchmail fetchmail 5.4.5
fetchmail fetchmail 5.4.4
fetchmail fetchmail 5.4.3
fetchmail fetchmail 5.2.4
fetchmail fetchmail 5.2.3
fetchmail fetchmail 5.0.6
fetchmail fetchmail 5.0.5
fetchmail fetchmail 4.7.5
fetchmail fetchmail 4.7.4
fetchmail fetchmail 4.6.7
fetchmail fetchmail 4.6.6
fetchmail fetchmail 4.5.8
fetchmail fetchmail 4.5.7
fetchmail fetchmail 5.4.0
fetchmail fetchmail
fetchmail fetchmail 5.8.1
fetchmail fetchmail 5.8
fetchmail fetchmail 5.5.2
fetchmail fetchmail 5.5.0
fetchmail fetchmail 5.2.8
fetchmail fetchmail 5.2.7
fetchmail fetchmail 5.0.8
fetchmail fetchmail 5.0.7
fetchmail fetchmail 5.0.0
fetchmail fetchmail 4.7.7
fetchmail fetchmail 4.7.6
fetchmail fetchmail 4.6.9
fetchmail fetchmail 4.6.8
fetchmail fetchmail 4.6.1
fetchmail fetchmail 4.6.0
fetchmail fetchmail 4.5.2
fetchmail fetchmail 4.5.1
fetchmail fetchmail 5.7.4
fetchmail fetchmail 5.8.4
fetchmail fetchmail 5.6.0
fetchmail fetchmail 5.5.6
fetchmail fetchmail 5.3.8
fetchmail fetchmail 5.3.3
fetchmail fetchmail 5.2.1
fetchmail fetchmail 5.2.0
fetchmail fetchmail 5.0.4
fetchmail fetchmail 5.0.3
fetchmail fetchmail 4.7.3
fetchmail fetchmail 4.7.2
fetchmail fetchmail 4.6.5
fetchmail fetchmail 4.6.4
fetchmail fetchmail 4.5.6
fetchmail fetchmail 4.5.5

Wolfram Kleff found a problem in fetchmail: it would crash when processing emails with extremely long headers The problem was a buffer overflow in the header parser which could be exploited This has been fixed in version 533-12, and we recommend that you upgrade your fetchmail package immediately ...

CWE-119 http://www.debian.org/security/2001/dsa-060 http://www.linuxsecurity.com/advisories/other_advisory-1451.html http://www.securityfocus.com/bid/2877 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-063.php3?dis=7.1 http://www.caldera.com/support/security/advisories/CSSA-2001-022.1.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000403 ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:43.fetchmail.asc http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-025-01 http://www.redhat.com/support/errata/RHSA-2001-103.html http://www.novell.com/linux/security/advisories/2001_026_fetchmail_txt.html https://exchange.xforce.ibmcloud.com/vulnerabilities/6704 https://nvd.nist.gov https://www.debian.org/security/./dsa-060

CVE-2001-0819

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect