Fetchmail
by Fetchmail
Source repositories
CVEs (26)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2002-1365 | 0.00 | — | 0.05 | Dec 23, 2002 | Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not account for the "@" character when determining buffer lengths for local addresses, which allows remote attackers to execute arbitrary code via a header with a large number of local addresses. | |||
| CVE-2002-1175 | 0.00 | — | 0.02 | Oct 11, 2002 | The getmxrecord function in Fetchmail 6.0.0 and earlier does not properly check the boundary of a particular malformed DNS packet from a malicious DNS server, which allows remote attackers to cause a denial of service (crash) when Fetchmail attempts to read data beyond the… | |||
| CVE-2002-1174 | 0.00 | — | 0.05 | Oct 11, 2002 | Buffer overflows in Fetchmail 6.0.0 and earlier allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) long headers that are not properly processed by the readheaders function, or (2) via long Received: headers, which are not properly… | |||
| CVE-2002-0146 | 0.00 | — | 0.01 | Jun 25, 2002 | fetchmail email client before 5.9.10 does not properly limit the maximum number of messages available, which allows a remote IMAP server to overwrite memory via a message count that exceeds the boundaries of an array. | |||
| CVE-2001-1378 | 0.00 | — | 0.00 | Sep 6, 2001 | fetchmailconf in fetchmail before 5.7.4 allows local users to overwrite files of other users via a symlink attack on temporary files. | |||
| CVE-2001-0101 | 0.00 | — | 0.02 | Feb 12, 2001 | Vulnerability in fetchmail 5.5.0-2 and earlier in the AUTHENTICATE GSSAPI command. |
- CVE-2002-1365Dec 23, 2002risk 0.00cvss —epss 0.05
Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not account for the "@" character when determining buffer lengths for local addresses, which allows remote attackers to execute arbitrary code via a header with a large number of local addresses.
- CVE-2002-1175Oct 11, 2002risk 0.00cvss —epss 0.02
The getmxrecord function in Fetchmail 6.0.0 and earlier does not properly check the boundary of a particular malformed DNS packet from a malicious DNS server, which allows remote attackers to cause a denial of service (crash) when Fetchmail attempts to read data beyond the…
- CVE-2002-1174Oct 11, 2002risk 0.00cvss —epss 0.05
Buffer overflows in Fetchmail 6.0.0 and earlier allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) long headers that are not properly processed by the readheaders function, or (2) via long Received: headers, which are not properly…
- CVE-2002-0146Jun 25, 2002risk 0.00cvss —epss 0.01
fetchmail email client before 5.9.10 does not properly limit the maximum number of messages available, which allows a remote IMAP server to overwrite memory via a message count that exceeds the boundaries of an array.
- CVE-2001-1378Sep 6, 2001risk 0.00cvss —epss 0.00
fetchmailconf in fetchmail before 5.7.4 allows local users to overwrite files of other users via a symlink attack on temporary files.
- CVE-2001-0101Feb 12, 2001risk 0.00cvss —epss 0.02
Vulnerability in fetchmail 5.5.0-2 and earlier in the AUTHENTICATE GSSAPI command.
Page 2 of 2