Published: 11/10/2002 Updated: 18/10/2016

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Buffer overflows in Fetchmail 6.0.0 and previous versions allow remote malicious users to cause a denial of service (crash) or execute arbitrary code via (1) long headers that are not properly processed by the readheaders function, or (2) via long Received: headers, which are not properly parsed by the parse_received function.

Vulnerable Product	Search on Vulmon	Subscribe to Product
fetchmail fetchmail 5.8.13
fetchmail fetchmail 5.8.11
fetchmail fetchmail 5.7.2
fetchmail fetchmail 5.7.0
fetchmail fetchmail 5.4.5
fetchmail fetchmail 5.4.4
fetchmail fetchmail 5.4.3
fetchmail fetchmail 5.2.4
fetchmail fetchmail 5.2.3
fetchmail fetchmail 5.0.6
fetchmail fetchmail 5.0.5
fetchmail fetchmail 4.7.6
fetchmail fetchmail 4.7.5
fetchmail fetchmail 4.7.4
fetchmail fetchmail 4.6.7
fetchmail fetchmail 4.6.6
fetchmail fetchmail 4.5.8
fetchmail fetchmail 4.5.7
fetchmail fetchmail 5.8.6
fetchmail fetchmail 5.7.4
fetchmail fetchmail 5.9.13
fetchmail fetchmail 5.9.11
fetchmail fetchmail 5.9.10
fetchmail fetchmail 5.8.5
fetchmail fetchmail 5.8.4
fetchmail fetchmail 5.6.0
fetchmail fetchmail 5.5.6
fetchmail fetchmail 5.3.8
fetchmail fetchmail 5.3.3
fetchmail fetchmail 5.2.1
fetchmail fetchmail 5.2.0
fetchmail fetchmail 5.0.4
fetchmail fetchmail 5.0.3
fetchmail fetchmail 4.7.3
fetchmail fetchmail 4.7.2
fetchmail fetchmail 4.6.5
fetchmail fetchmail 5.9.4
fetchmail fetchmail 5.8.14
fetchmail fetchmail 5.8.1
fetchmail fetchmail 5.8
fetchmail fetchmail 5.5.2
fetchmail fetchmail 5.5.0
fetchmail fetchmail 5.2.8
fetchmail fetchmail 5.2.7
fetchmail fetchmail 5.0.8
fetchmail fetchmail 5.0.7
fetchmail fetchmail 5.0.0
fetchmail fetchmail 4.7.7
fetchmail fetchmail 4.6.9
fetchmail fetchmail 4.6.8
fetchmail fetchmail 4.6.1
fetchmail fetchmail 4.6.0
fetchmail fetchmail 4.5.2
fetchmail fetchmail 4.5.1
fetchmail fetchmail 5.9.0
fetchmail fetchmail 5.9.8
fetchmail fetchmail 5.9.5
fetchmail fetchmail 5.8.3
fetchmail fetchmail 5.8.2
fetchmail fetchmail 5.5.5
fetchmail fetchmail 5.5.3
fetchmail fetchmail 5.3.1
fetchmail fetchmail 5.3.0
fetchmail fetchmail 5.1.4
fetchmail fetchmail 5.1.0
fetchmail fetchmail 5.0.2
fetchmail fetchmail 5.0.1
fetchmail fetchmail 4.7.1
fetchmail fetchmail 4.7.0
fetchmail fetchmail 4.6.3
fetchmail fetchmail 4.6.2
fetchmail fetchmail 4.5.4
fetchmail fetchmail 4.5.3
fetchmail fetchmail
fetchmail fetchmail 4.6.4
fetchmail fetchmail 4.5.6
fetchmail fetchmail 4.5.5
fetchmail fetchmail 5.8.17
fetchmail fetchmail 5.4.0

Stefan Esser discovered several buffer overflows and a broken boundary check within fetchmail If fetchmail is running in multidrop mode these flaws can be used by remote attackers to crash it or to execute arbitrary code under the user id of the user running fetchmail Depending on the configuration this even allows a remote root compromise These ...

CWE-119 http://www.debian.org/security/2002/dsa-171 http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-063.php http://www.iss.net/security_center/static/10203.php http://rhn.redhat.com/errata/RHSA-2002-215.html http://www.linuxsecurity.com/advisories/other_advisory-2402.html http://www.securityfocus.com/bid/5825 http://www.securityfocus.com/bid/5827 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000531 http://marc.info/?l=bugtraq&m=103340148625187&w=2 https://www.debian.org/security/./dsa-171 https://nvd.nist.gov

Get Started

CVE-2002-1174

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect