This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/a:fetchmail:fetchmail:4.6.9 |
| Detail | |||
|---|---|---|---|
| Vendor | Fetchmail | First view | 2001-02-12 |
| Product | Fetchmail | Last view | 2010-05-07 |
| Version | 4.6.9 | Type | Application |
| Edition | |||
| Language | |||
| Update | |||
| CPE Product | cpe:/a:fetchmail:fetchmail | ||
Activity : Yearly
Related : CVE
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 4.3 | 2010-05-07 | CVE-2010-1167 | Network | Medium | None Requ... | |
| 6.4 | 2009-08-07 | CVE-2009-2666 | Network | Low | None Requ... | |
| 4.3 | 2008-06-16 | CVE-2008-2711 | Network | Medium | None Requ... | |
| 5 | 2007-08-27 | CVE-2007-4565 | Network | Low | None Requ... | |
| 7.8 | 2006-12-31 | CVE-2006-5867 | Network | Low | None Requ... | |
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 7.8 | 2005-12-20 | CVE-2005-4348 | Network | Low | None Requ... | |
| 5 | 2005-07-27 | CVE-2005-2335 | Network | Low | None Requ... | |
| 5 | 2003-11-17 | CVE-2003-0792 | Network | Low | None Requ... | |
| 7.5 | 2002-12-23 | CVE-2002-1365 | Network | Low | None Requ... | |
| 5 | 2002-10-11 | CVE-2002-1175 | Network | Low | None Requ... | |
| 7.5 | 2002-10-11 | CVE-2002-1174 | Network | Low | None Requ... | |
| 5 | 2002-06-25 | CVE-2002-0146 | Network | Low | None Requ... | |
| 7.5 | 2001-12-06 | CVE-2001-0819 | Network | Low | None Requ... | |
| 2.1 | 2001-09-06 | CVE-2001-1378 | Local | Low | None Requ... | |
| 10 | 2001-08-31 | CVE-2001-1009 | Network | Low | None Requ... | |
| 10 | 2001-02-12 | CVE-2001-0101 | Network | Low | None Requ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 35% (5) | CWE-20 | Improper Input Validation |
| 28% (4) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 14% (2) | CWE-399 | Resource Management Errors |
| 7% (1) | CWE-310 | Cryptographic Issues |
| 7% (1) | CWE-264 | Permissions, Privileges, and Access Controls |
| % | id | Name |
|---|---|---|
| 7% (1) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
CAPEC : Common Attack Pattern Enumeration & Classification
| id | Name |
|---|---|
| CAPEC-100 | Overflow Buffers |
| CAPEC-119 | Resource Depletion |
| CAPEC-123 | Buffer Attacks |
Oval Markup Language : Definitions
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:8833 | Buffer overflow in the POP3 client in Fetchmail before 6.2.5.2 allows remote ... |
| oval:org.mitre.oval:def:1124 | RHE4 Fetchmail Buffer Overflow via Long UIDL Responses |
| oval:org.mitre.oval:def:1038 | RHE3 Fetchmail Buffer Overflow via Long UIDL Responses |
| oval:org.mitre.oval:def:9659 | fetchmail before 6.3.1 and before 6.2.5.5, when configured for multidrop mode... |
| oval:org.mitre.oval:def:10566 | fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cle... |
| id | Name |
|---|---|
| oval:org.mitre.oval:def:10528 | sink.c in fetchmail before 6.3.9 allows context-dependent attackers to cause ... |
| oval:org.mitre.oval:def:10950 | fetchmail 6.3.8 and earlier, when running in -v -v (aka verbose) mode, allows... |
| oval:org.mitre.oval:def:11059 | socket.c in fetchmail before 6.3.11 does not properly handle a '\0' character... |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 64795 | fetchmail Multi-character Locale Invalid Character Remote DoS |
| 56855 | Fetchmail X.509 Certificate Authority (CA) Common Name Null Byte Handling SSL... |
| 46304 | Fetchmail Large Header Verbose Printing DoS |
| 45833 | Fetchmail SMTP Warning Message Refusal DoS |
| 31580 | Fetchmail TLS Enforcement Cleartext Credential Disclosure |
| id | Description |
|---|---|
| 21906 | Fetchmail Multidrop Mode Headerless Message Remote DoS |
| 18174 | Fetchmail UIDL POP3 Server Response Overflow |
| 10330 | Fetchmail POP3 Reply Negative Index Privilege Escalation |
| 10329 | Fetchmail IMAP Server Negative Index Privilege Escalation |
| 10328 | Fetchmail AUTHENTICATE GSSAPI Command Unspecified Issue |
| 5537 | Fetchmail Header To: Field Overflow |
| 5405 | Fetchmail Message Index Arbitrary File Overwrite |
| 4604 | Fetchmail readheaders Overflow |
| 4603 | Fetchmail parse_received Command Execution Overflow |
| 4602 | Fetchmail getmxrecord Overflow DoS |
| 4595 | Fetchmail IMAP Message Count Overflow |
| 4594 | Fetchmail @ Character Local Address Saturation Overflow |
| 2699 | Fetchmail Email Long Line Handling DoS |
OpenVAS Exploits
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 2011-08-09 | Name : CentOS Update for fetchmail CESA-2009:1427 centos3 i386 File : nvt/gb_CESA-2009_1427_fetchmail_centos3_i386.nasl |
| 2011-08-09 | Name : CentOS Update for fetchmail CESA-2009:1427 centos4 i386 File : nvt/gb_CESA-2009_1427_fetchmail_centos4_i386.nasl |
| 2011-08-09 | Name : CentOS Update for fetchmail CESA-2009:1427 centos5 i386 File : nvt/gb_CESA-2009_1427_fetchmail_centos5_i386.nasl |
| 2011-06-10 | Name : Mandriva Update for fetchmail MDVSA-2011:107 (fetchmail) File : nvt/gb_mandriva_MDVSA_2011_107.nasl |
| 2011-03-09 | Name : Gentoo Security Advisory GLSA 201006-12 (fetchmail) File : nvt/glsa_201006_12.nasl |
| id | Description |
|---|---|
| 2010-05-12 | Name : Mac OS X Security Update 2009-001 File : nvt/macosx_secupd_2009-001.nasl |
| 2010-05-12 | Name : Mac OS X 10.6.2 Update / Mac OS X Security Update 2009-006 File : nvt/macosx_upd_10_6_2_secupd_2009-006.nasl |
| 2010-05-04 | Name : FreeBSD Ports: fetchmail File : nvt/freebsd_fetchmail14.nasl |
| 2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:201-1 (fetchmail) File : nvt/mdksa_2009_201_1.nasl |
| 2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
| 2009-10-13 | Name : SLES10: Security update for fetchmail File : nvt/sles10_fetchmail.nasl |
| 2009-10-13 | Name : SLES10: Security update for fetchmail File : nvt/sles10_fetchmail0.nasl |
| 2009-10-11 | Name : SLES11: Security update for fetchmail File : nvt/sles11_fetchmail.nasl |
| 2009-10-10 | Name : SLES9: Security update for fetchmail File : nvt/sles9p5015579.nasl |
| 2009-10-10 | Name : SLES9: Security update for fetchmail File : nvt/sles9p5055302.nasl |
| 2009-10-10 | Name : SLES9: Security update for fetchmail File : nvt/sles9p5012536.nasl |
| 2009-10-10 | Name : SLES9: Security update for fetchmail File : nvt/sles9p5012567.nasl |
| 2009-09-15 | Name : CentOS Security Advisory CESA-2009:1427 (fetchmail) File : nvt/ovcesa2009_1427.nasl |
| 2009-09-09 | Name : Fedora Core 10 FEDORA-2009-8770 (fetchmail) File : nvt/fcore_2009_8770.nasl |
| 2009-09-09 | Name : Fedora Core 11 FEDORA-2009-8780 (fetchmail) File : nvt/fcore_2009_8780.nasl |
| 2009-09-09 | Name : RedHat Security Advisory RHSA-2009:1427 File : nvt/RHSA_2009_1427.nasl |
| 2009-08-17 | Name : FreeBSD Ports: fetchmail File : nvt/freebsd_fetchmail12.nasl |
| 2009-08-17 | Name : Debian Security Advisory DSA 1852-1 (fetchmail) File : nvt/deb_1852_1.nasl |
| 2009-08-17 | Name : Ubuntu USN-816-1 (fetchmail) File : nvt/ubuntu_816_1.nasl |
| 2009-08-17 | Name : SuSE Security Advisory SUSE-SA:2009:044 (subversion) File : nvt/suse_sa_2009_044.nasl |
