Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0321

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-0321
Last Modified 07 Mar 2011 09:29:46
Published 23 Jan 2006 07:03:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0321

Summary

fetchmail 6.3.0 and other versions before 6.3.2 allows remote attackers to cause a denial of service (crash) via crafted e-mail messages that cause a free of an invalid pointer when fetchmail bounces the message to the originator or local postmaster.

Vulnerable Systems

Application

  • Fetchmail 6.3.0

  • Fetchmail 6.3.1


References

CERT - TA06-214A

CONFIRM - http://fetchmail.berlios.de/fetchmail-SA-2006-01.txt

XF - fetchmail-message-bounce-dos(24265)

VUPEN - ADV-2006-3101

VUPEN - ADV-2006-0300

BID - 19289

BID - 16365

BUGTRAQ - 20060122 fetchmail security announcement fetchmail-SA-2006-01 (CVE-2006-0321)

OSVDB - 22691

SLACKWARE - SSA:2006-045-01

SECTRACK - 1015527

SECUNIA - 21253

SECUNIA - 18895

SECUNIA - 18571

APPLE - APPLE-SA-2006-08-01

CONFIRM - http://developer.berlios.de/project/shownotes.php?release_id=8784

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=348747

Related Patches

Apple 2006-08-01 Security Update 2006-004 Mac OS X 10.4.7 Client (PPC)

Apple 2006-08-01 Security Update 2006-004 Mac OS X 10.4.7 Client (Intel)


Last Updated: 27 May 2016 10:41:36