VuXML ID | Description |
09910d76-4c82-11df-83fb-0015587e2cc1 | fetchmail -- denial of service vulnerability
Fetchmail developer Matthias Andree reported a vulnerability
that allows remote attackers to crash the application
when it runs in verbose mode.
Fetchmail before release 6.3.17 did not properly
sanitize external input (mail headers and UID). When a
multi-character locale (such as UTF-8) was in use, this
could cause memory exhaustion and thus a denial of
service.
Discovery 2010-04-18 Entry 2010-04-20 fetchmail
ge 4.6.3 le 6.3.16
CVE-2010-1167
ports/145857
http://gitorious.org/fetchmail/fetchmail/commit/ec06293
http://seclists.org/oss-sec/2010/q2/76
|
2a6a966f-1774-11df-b5c1-0026189baca3 | fetchmail -- heap overflow on verbose X.509 display
Matthias Andree reports:
In verbose mode, fetchmail prints X.509 certificate subject and
issuer information to the user, and counts and allocates a malloc()
buffer for that purpose.
If the material to be displayed contains characters with high bit
set and the platform treats the "char" type as signed, this can cause
a heap buffer overrun because non-printing characters are escaped as
\xFF..FFnn, where nn is 80..FF in hex.
Discovery 2010-02-04 Entry 2010-02-12 fetchmail
ge 6.3.11 lt 6.3.14
38088
CVE-2010-0562
http://www.fetchmail.info/fetchmail-SA-2010-01.txt
https://lists.berlios.de/pipermail/fetchmail-announce/2010-February/000073.html
|
18ce9a90-f269-11e1-be53-080027ef73ec | fetchmail -- chosen plaintext attack against SSL CBC initialization vectors
Matthias Andree reports:
Fetchmail version 6.3.9 enabled "all SSL workarounds" (SSL_OP_ALL)
which contains a switch to disable a countermeasure against certain
attacks against block ciphers that permit guessing the
initialization vectors, providing that an attacker can make the
application (fetchmail) encrypt some data for him -- which is not
easily the case.
Stream ciphers (such as RC4) are unaffected.
Credits to Apple Product Security for reporting this.
Discovery 2012-01-19 Entry 2012-08-30 fetchmail
ge 6.3.9 lt 6.3.22
CVE-2011-3389
|
83f9e943-e664-11e1-a66d-080027ef73ec | fetchmail -- two vulnerabilities in NTLM authentication
Matthias Andree reports:
With NTLM support enabled, fetchmail might mistake a server-side
error message during NTLM protocol exchange for protocol data,
leading to a SIGSEGV.
Also, with a carefully crafted NTLM challenge, a malicious server
might cause fetchmail to read from a bad memory location, betraying
confidential data. It is deemed hard, although not impossible, to
steal other accounts' data.
Discovery 2012-08-12 Entry 2012-08-14 Modified 2012-08-27 fetchmail
ge 5.0.8 lt 6.3.21_1
CVE-2012-3482
|
1d6410e8-06c1-11ec-a35d-03ca114d16d6 | fetchmail -- STARTTLS bypass vulnerabilities
Problem:
In certain circumstances, fetchmail 6.4.21 and older would
not encrypt the session using STARTTLS/STLS, and might not have
cleared session state across the TLS negotiation.
Discovery 2021-08-10 Entry 2021-08-26 fetchmail
< 6.4.22.r1
CVE-2021-39272
https://www.fetchmail.info/fetchmail-SA-2021-02.txt
|
f7d838f2-9039-11e0-a051-080027ef73ec | fetchmail -- STARTTLS denial of service
Matthias Andree reports:
Fetchmail version 5.9.9 introduced STLS support for POP3,
version 6.0.0 added STARTTLS for IMAP. However, the actual
S(TART)TLS-initiated in-band SSL/TLS negotiation was not guarded
by a timeout.
Depending on the operating system defaults as to TCP stream
keepalive mode, fetchmail hangs in excess of one week after
sending STARTTLS were observed if the connection failed without
notifying the operating system, for instance, through network
outages or hard server crashes.
A malicious server that does not respond, at the network level,
after acknowledging fetchmail's STARTTLS or STLS request, can
hold fetchmail in this protocol state, and thus render fetchmail
unable to complete the poll, or proceed to the next server,
effecting a denial of service.
SSL-wrapped mode on dedicated ports was unaffected by this
problem, so can be used as a workaround.
Discovery 2011-04-28 Entry 2011-06-06 fetchmail
< 6.3.20
CVE-2011-1947
http://www.fetchmail.info/fetchmail-SA-2011-01.txt
https://gitorious.org/fetchmail/fetchmail/commit/7dc67b8cf06f74aa57525279940e180c99701314
|