Search CVE reports


Toggle filters

1 – 10 of 16 results


CVE-2021-39272

Low priority
Vulnerable

Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH.

1 affected packages

fetchmail

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fetchmail Not affected Vulnerable Vulnerable Vulnerable Needs evaluation
Show less packages

CVE-2021-36386

Low priority
Needs evaluation

report_vbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf va_list argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long...

1 affected packages

fetchmail

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fetchmail Not affected Not affected Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2012-3482

Low priority
Ignored

Fetchmail 5.0.8 through 6.3.21, when using NTLM authentication in debug mode, allows remote NTLM servers to (1) cause a denial of service (crash and delayed delivery of inbound mail) via a crafted NTLM response that triggers an...

1 affected packages

fetchmail

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fetchmail Not affected Not affected Not affected Not affected
Show less packages

CVE-2011-1947

Low priority
Ignored

fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time after issuing a (1) STARTTLS or (2) STLS request, which allows remote servers to cause a denial of service (application hang) by acknowledging the request but...

1 affected packages

fetchmail

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fetchmail Not affected Not affected Not affected Not affected
Show less packages

CVE-2010-1167

Low priority
Ignored

fetchmail 4.6.3 through 6.3.16, when debug mode is enabled, does not properly handle invalid characters in a multi-character locale, which allows remote attackers to cause a denial of service (memory consumption and application...

1 affected packages

fetchmail

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fetchmail
Show less packages

CVE-2010-0562

Low priority
Not affected

The sdump function in sdump.c in fetchmail 6.3.11, 6.3.12, and 6.3.13, when running in verbose mode on platforms for which char is signed, allows remote attackers to cause a denial of service (application crash) or possibly...

1 affected packages

fetchmail

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fetchmail
Show less packages

CVE-2009-2666

Medium priority
Fixed

socket.c in fetchmail before 6.3.11 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL...

1 affected packages

fetchmail

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fetchmail
Show less packages

CVE-2008-2711

Negligible priority
Ignored

fetchmail 6.3.8 and earlier, when running in -v -v (aka verbose) mode, allows remote attackers to cause a denial of service (crash and persistent mail failure) via a malformed mail message with long headers, which triggers an...

1 affected packages

fetchmail

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fetchmail
Show less packages

CVE-2007-4565

Unknown priority
Fixed

sink.c in fetchmail before 6.3.9 allows context-dependent attackers to cause a denial of service (NULL dereference and application crash) by refusing certain warning messages that are sent over SMTP.

1 affected packages

fetchmail

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fetchmail
Show less packages

CVE-2007-1558

Unknown priority

Some fixes available 6 of 21

The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all...

8 affected packages

fetchmail, iceape, im, mew, mew-beta...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fetchmail
iceape
im
mew
mew-beta
mozilla-thunderbird
wl
wl-beta
Show all 8 packages Show less packages