VYPR

Fetchmail

by Fetchmail

Source repositories

CVEs (26)

  • CVE-2002-1365Dec 23, 2002
    risk 0.00cvss epss 0.05

    Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not account for the "@" character when determining buffer lengths for local addresses, which allows remote attackers to execute arbitrary code via a header with a large number of local addresses.

  • CVE-2002-1175Oct 11, 2002
    risk 0.00cvss epss 0.02

    The getmxrecord function in Fetchmail 6.0.0 and earlier does not properly check the boundary of a particular malformed DNS packet from a malicious DNS server, which allows remote attackers to cause a denial of service (crash) when Fetchmail attempts to read data beyond the…

  • CVE-2002-1174Oct 11, 2002
    risk 0.00cvss epss 0.05

    Buffer overflows in Fetchmail 6.0.0 and earlier allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) long headers that are not properly processed by the readheaders function, or (2) via long Received: headers, which are not properly…

  • CVE-2002-0146Jun 25, 2002
    risk 0.00cvss epss 0.01

    fetchmail email client before 5.9.10 does not properly limit the maximum number of messages available, which allows a remote IMAP server to overwrite memory via a message count that exceeds the boundaries of an array.

  • CVE-2001-1378Sep 6, 2001
    risk 0.00cvss epss 0.00

    fetchmailconf in fetchmail before 5.7.4 allows local users to overwrite files of other users via a symlink attack on temporary files.

  • CVE-2001-0101Feb 12, 2001
    risk 0.00cvss epss 0.02

    Vulnerability in fetchmail 5.5.0-2 and earlier in the AUTHENTICATE GSSAPI command.

Page 2 of 2