Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1365

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-1365
Last Modified 15 Feb 2011 12:00:00
Published 23 Dec 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1365

Summary

Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not account for the "@" character when determining buffer lengths for local addresses, which allows remote attackers to execute arbitrary code via a header with a large number of local addresses.

Vulnerable Systems

Application

  • Fetchmail 4.5.1

  • Fetchmail 4.5.2

  • Fetchmail 4.5.3

  • Fetchmail 4.5.4

  • Fetchmail 4.5.5

  • Fetchmail 4.5.6

  • Fetchmail 4.5.7

  • Fetchmail 4.5.8

  • Fetchmail 4.6.0

  • Fetchmail 4.6.1

  • Fetchmail 4.6.2

  • Fetchmail 4.6.3

  • Fetchmail 4.6.4

  • Fetchmail 4.6.5

  • Fetchmail 4.6.6

  • Fetchmail 4.6.7

  • Fetchmail 4.6.8

  • Fetchmail 4.6.9

  • Fetchmail 4.7.0

  • Fetchmail 4.7.1

  • Fetchmail 4.7.2

  • Fetchmail 4.7.3

  • Fetchmail 4.7.4

  • Fetchmail 4.7.5

  • Fetchmail 4.7.6

  • Fetchmail 4.7.7

  • Fetchmail 5.0.0

  • Fetchmail 5.0.1

  • Fetchmail 5.0.2

  • Fetchmail 5.0.3

  • Fetchmail 5.0.4

  • Fetchmail 5.0.5

  • Fetchmail 5.0.6

  • Fetchmail 5.0.7

  • Fetchmail 5.0.8

  • Fetchmail 5.1.0

  • Fetchmail 5.1.4

  • Fetchmail 5.2.0

  • Fetchmail 5.2.1

  • Fetchmail 5.2.3

  • Fetchmail 5.2.4

  • Fetchmail 5.2.7

  • Fetchmail 5.2.8

  • Fetchmail 5.3.0

  • Fetchmail 5.3.1

  • Fetchmail 5.3.3

  • Fetchmail 5.3.8

  • Fetchmail 5.4.0

  • Fetchmail 5.4.3

  • Fetchmail 5.4.4

  • Fetchmail 5.4.5

  • Fetchmail 5.5.0

  • Fetchmail 5.5.2

  • Fetchmail 5.5.3

  • Fetchmail 5.5.5

  • Fetchmail 5.5.6

  • Fetchmail 5.6.0

  • Fetchmail 5.7.0

  • Fetchmail 5.7.2

  • Fetchmail 5.7.4

  • Fetchmail 5.8

  • Fetchmail 5.8.1

  • Fetchmail 5.8.11

  • Fetchmail 5.8.13

  • Fetchmail 5.8.14

  • Fetchmail 5.8.17

  • Fetchmail 5.8.2

  • Fetchmail 5.8.3

  • Fetchmail 5.8.4

  • Fetchmail 5.8.5

  • Fetchmail 5.8.6

  • Fetchmail 5.9.0

  • Fetchmail 5.9.10

  • Fetchmail 5.9.11

  • Fetchmail 5.9.13

  • Fetchmail 5.9.4

  • Fetchmail 5.9.5

  • Fetchmail 5.9.8

  • Fetchmail 6.0.0

  • Fetchmail 6.1.0

  • Fetchmail 6.1.3


References

REDHAT - RHSA-2002:293

BUGTRAQ - 20021213 Advisory 05/2002: Another Fetchmail Remote Vulnerability

XF - fetchmail-address-header-bo(10839)

BID - 6390

REDHAT - RHSA-2003:155

REDHAT - RHSA-2002:294

MANDRAKE - MDKSA-2003:011

DEBIAN - DSA-216

MISC - http://security.e-matters.de/advisories/052002.html

BUGTRAQ - 20021215 GLSA: fetchmail

CONECTIVA - CLA-2002:554

CALDERA - CSSA-2003-001.0


Last Updated: 27 May 2016 10:37:18