Published: 28/08/2007 Updated: 15/10/2018

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

sink.c in fetchmail prior to 6.3.9 allows context-dependent malicious users to cause a denial of service (NULL dereference and application crash) by refusing certain warning messages that are sent over SMTP.

Vulnerable Product	Search on Vulmon	Subscribe to Product
fetchmail fetchmail 6.2.5.2
fetchmail fetchmail 6.3.2
fetchmail fetchmail 6.3.1
fetchmail fetchmail 6.2.1
fetchmail fetchmail 6.2.0
fetchmail fetchmail 5.9.5
fetchmail fetchmail 5.9.4
fetchmail fetchmail 5.8.2
fetchmail fetchmail 5.8.1
fetchmail fetchmail 5.8
fetchmail fetchmail 5.5.2
fetchmail fetchmail 5.5.0
fetchmail fetchmail 5.3.0
fetchmail fetchmail 5.2.8
fetchmail fetchmail 5.1.0
fetchmail fetchmail 5.0.8
fetchmail fetchmail 5.0.7
fetchmail fetchmail 5.0.0
fetchmail fetchmail 4.7.7
fetchmail fetchmail 4.7.0
fetchmail fetchmail 4.6.9
fetchmail fetchmail 4.6.1
fetchmail fetchmail 4.6.0
fetchmail fetchmail 4.5.2
fetchmail fetchmail 4.5.1
fetchmail fetchmail 5.7.4
fetchmail fetchmail 5.8.17
fetchmail fetchmail 6.2.9
fetchmail fetchmail 6.3.0
fetchmail fetchmail 6.3.8
fetchmail fetchmail 6.2.5.4
fetchmail fetchmail 6.2.6
fetchmail fetchmail 6.1.0
fetchmail fetchmail 6.0.0
fetchmail fetchmail 5.8.14
fetchmail fetchmail 5.8.13
fetchmail fetchmail 5.7.2
fetchmail fetchmail 5.7.0
fetchmail fetchmail 5.4.5
fetchmail fetchmail 5.4.4
fetchmail fetchmail 5.2.7
fetchmail fetchmail 5.2.4
fetchmail fetchmail 5.0.6
fetchmail fetchmail 5.0.5
fetchmail fetchmail 4.7.6
fetchmail fetchmail 4.7.5
fetchmail fetchmail 4.6.8
fetchmail fetchmail 4.6.7
fetchmail fetchmail 4.5.8
fetchmail fetchmail 4.5.7
fetchmail fetchmail 5.9.0
fetchmail fetchmail 6.3.6
fetchmail fetchmail 6.2.5.1
fetchmail fetchmail 6.3.4
fetchmail fetchmail 6.3.7
fetchmail fetchmail 6.2.5
fetchmail fetchmail 5.9.13
fetchmail fetchmail 5.9.11
fetchmail fetchmail 5.8.11
fetchmail fetchmail 5.8.5
fetchmail fetchmail 5.6.0
fetchmail fetchmail 5.5.6
fetchmail fetchmail 5.4.3
fetchmail fetchmail 5.3.8
fetchmail fetchmail 5.2.3
fetchmail fetchmail 5.2.1
fetchmail fetchmail 5.0.4
fetchmail fetchmail 5.0.3
fetchmail fetchmail 4.7.4
fetchmail fetchmail 4.7.3
fetchmail fetchmail 4.6.6
fetchmail fetchmail 4.6.5
fetchmail fetchmail 4.5.6
fetchmail fetchmail 4.5.5
fetchmail fetchmail 6.2.4
fetchmail fetchmail 5.4.0
fetchmail fetchmail 6.3.5
fetchmail fetchmail 6.3.3
fetchmail fetchmail 6.2.3
fetchmail fetchmail 6.2.2
fetchmail fetchmail 5.9.10
fetchmail fetchmail 5.9.8
fetchmail fetchmail 5.8.4
fetchmail fetchmail 5.8.3
fetchmail fetchmail 5.5.5
fetchmail fetchmail 5.5.3
fetchmail fetchmail 5.3.3
fetchmail fetchmail 5.3.1
fetchmail fetchmail 5.2.0
fetchmail fetchmail 5.1.4
fetchmail fetchmail 5.0.2
fetchmail fetchmail 5.0.1
fetchmail fetchmail 4.7.2
fetchmail fetchmail 4.7.1
fetchmail fetchmail 4.6.4
fetchmail fetchmail 4.6.3
fetchmail fetchmail 4.6.2
fetchmail fetchmail 4.5.4
fetchmail fetchmail 4.5.3
fetchmail fetchmail 6.1.3
fetchmail fetchmail 5.8.6
fetchmail fetchmail

Debian Bug report logs - #440006 CVE-2007-4565: Denial of Service attack in Fetchmail Package: fetchmail; Maintainer for fetchmail is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Source for fetchmail is src:fetchmail (PTS, buildd, popcon) Reported by: Thijs Kinkhorst <thijs@debianorg> Date: Wed, 29 Aug 2007 07:00:01 U ...

Gaetan Leurent discovered a vulnerability in the APOP protocol based on MD5 collisions As fetchmail supports the APOP protocol, this vulnerability can be used by attackers to discover a portion of the APOP user’s authentication credentials (CVE-2007-1558) ...

补丁管理报告补丁管理摘要网络范围 19216811-1921681255 补丁安装状态数量高危重要中等一般低已安装补丁 0 0 0 0 0 0 未安装补丁 140 32 47 14 3 44 小计 140 32 47 15 3 44 高危等级补丁 CESA-2011:0436_ CESA-2011:0844_ CESA-2011:0999_ 重要等级补丁 CESA-2011:0436_ CESA-2011:0844_ CESA-2011:0999

NVD-CWE-Other http://fetchmail.berlios.de/fetchmail-SA-2007-02.txt http://mknod.org/svn/fetchmail/branches/BRANCH_6-3/fetchmail-SA-2007-02.txt https://issues.rpath.com/browse/RPL-1690 http://www.debian.org/security/2007/dsa-1377 http://www.mandriva.com/security/advisories?name=MDKSA-2007:179 http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html http://www.trustix.org/errata/2007/0028/http://www.ubuntu.com/usn/usn-520-1 http://www.securityfocus.com/bid/25495 http://www.securitytracker.com/id?1018627 http://secunia.com/advisories/27399 http://securityreason.com/securityalert/3074 http://osvdb.org/45833 http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://secunia.com/advisories/33937 http://support.apple.com/kb/HT3438 http://www.vupen.com/english/advisories/2009/0422 http://www.vupen.com/english/advisories/2007/3032 https://exchange.xforce.ibmcloud.com/vulnerabilities/36385 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10528 http://www.securityfocus.com/archive/1/493388/100/0/threaded http://www.securityfocus.com/archive/1/478798/100/0/threaded https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=440006 https://usn.ubuntu.com/520-1/https://nvd.nist.gov

Get Started

CVE-2007-4565

Vulnerability Summary

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect