CVE-2010-1167

Related Files

Mandriva Linux Security Advisory 2011-107

Posted Jun 7, 2011

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-107 - fetchmail 4.6.3 through 6.3.16, when debug mode is enabled, does not properly handle invalid characters in a multi-character locale, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted message header or POP3 UIDL list. fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time after issuing a STLS request, which allows remote servers to cause a denial of service by acknowledging the request but not sending additional packets.

tags | advisory, remote, denial of service

systems | linux, mandriva

advisories | CVE-2010-1167, CVE-2011-1947

SHA-256 | f76d34b17f631223e59aa2ba6e51c25370839677d0b8989b2ea46fc400d18a12

Download | Favorite | View

Fetchmail Denial Of Service In Debug Mode

Posted May 7, 2010

Authored by Matthias Andree

Fetchmail versions 4.6.3 through 6.3.16 suffer from a denial of service vulnerability in debug mode.

tags | advisory, denial of service

advisories | CVE-2010-1167

SHA-256 | c8acef1aeacf591fd77b9ec4a3ca6e3b6bcb8df278661e852d11d431d6c64b01

Download | Favorite | View