Fetchmail: >> Fetchmail >> 5.9.11 Security Vulnerabilities
Fetchmail 6.2.4 and earlier does not properly allocate memory for long lines, which allows remote attackers to cause a denial of service (crash) via a certain email.
CVSS Score
5.0
EPSS Score
0.013
Published
2003-11-17
Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not account for the "@" character when determining buffer lengths for local addresses, which allows remote attackers to execute arbitrary code via a header with a large number of local addresses.
CVSS Score
7.5
EPSS Score
0.047
Published
2002-12-23
Buffer overflows in Fetchmail 6.0.0 and earlier allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) long headers that are not properly processed by the readheaders function, or (2) via long Received: headers, which are not properly parsed by the parse_received function.
CVSS Score
7.5
EPSS Score
0.043
Published
2002-10-11
The getmxrecord function in Fetchmail 6.0.0 and earlier does not properly check the boundary of a particular malformed DNS packet from a malicious DNS server, which allows remote attackers to cause a denial of service (crash) when Fetchmail attempts to read data beyond the expected boundary.
CVSS Score
5.0
EPSS Score
0.013
Published
2002-10-11
Page 2