Published: 21/12/2005 Updated: 19/10/2018

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

VMScore: 694

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

fetchmail prior to 6.3.1 and prior to 6.2.5.5, when configured for multidrop mode, allows remote malicious users to cause a denial of service (application crash) by sending messages without headers from upstream mail servers.

Vulnerable Product	Search on Vulmon	Subscribe to Product
fetchmail fetchmail

Debian Bug report logs - #343836 (CVE-2005-4348) Security: DoS attack possible - crashes on empty message Package: fetchmail; Maintainer for fetchmail is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Source for fetchmail is src:fetchmail (PTS, buildd, popcon) Reported by: Steve Fosdick <dbugs@pelvouxnildramcouk> Date ...

Steve Fosdick discovered a remote Denial of Service vulnerability in fetchmail When using fetchmail in ‘multidrop’ mode, a malicious email server could cause a crash by sending an email without any headers Since fetchmail is commonly called automatically (with cron, for example), this crash could go unnoticed ...

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2005-4348

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect