Lucene search

MitreCVE-2002-1174

HistoryOct 11, 2002 - 4:00 a.m.

CVE-2002-1174

2002-10-1104:00:00

CWE-119

mitre

web.nvd.nist.gov

cve-2002-1174

fetchmail

buffer overflow

remote attackers

denial of service

arbitrary code

security vulnerability

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.6

Confidence

Low

EPSS

0.118

Percentile

95.3%

JSON

Buffer overflows in Fetchmail 6.0.0 and earlier allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) long headers that are not properly processed by the readheaders function, or (2) via long Received: headers, which are not properly parsed by the parse_received function.

Affected configurations

Nvd

Node

fetchmailfetchmailRange≤6.0.0

fetchmailfetchmailMatch4.5.1

fetchmailfetchmailMatch4.5.2

fetchmailfetchmailMatch4.5.3

fetchmailfetchmailMatch4.5.4

fetchmailfetchmailMatch4.5.5

fetchmailfetchmailMatch4.5.6

fetchmailfetchmailMatch4.5.7

fetchmailfetchmailMatch4.5.8

fetchmailfetchmailMatch4.6.0

fetchmailfetchmailMatch4.6.1

fetchmailfetchmailMatch4.6.2

fetchmailfetchmailMatch4.6.3

fetchmailfetchmailMatch4.6.4

fetchmailfetchmailMatch4.6.5

fetchmailfetchmailMatch4.6.6

fetchmailfetchmailMatch4.6.7

fetchmailfetchmailMatch4.6.8

fetchmailfetchmailMatch4.6.9

fetchmailfetchmailMatch4.7.0

fetchmailfetchmailMatch4.7.1

fetchmailfetchmailMatch4.7.2

fetchmailfetchmailMatch4.7.3

fetchmailfetchmailMatch4.7.4

fetchmailfetchmailMatch4.7.5

fetchmailfetchmailMatch4.7.6

fetchmailfetchmailMatch4.7.7

fetchmailfetchmailMatch5.0.0

fetchmailfetchmailMatch5.0.1

fetchmailfetchmailMatch5.0.2

fetchmailfetchmailMatch5.0.3

fetchmailfetchmailMatch5.0.4

fetchmailfetchmailMatch5.0.5

fetchmailfetchmailMatch5.0.6

fetchmailfetchmailMatch5.0.7

fetchmailfetchmailMatch5.0.8

fetchmailfetchmailMatch5.1.0

fetchmailfetchmailMatch5.1.4

fetchmailfetchmailMatch5.2.0

fetchmailfetchmailMatch5.2.1

fetchmailfetchmailMatch5.2.3

fetchmailfetchmailMatch5.2.4

fetchmailfetchmailMatch5.2.7

fetchmailfetchmailMatch5.2.8

fetchmailfetchmailMatch5.3.0

fetchmailfetchmailMatch5.3.1

fetchmailfetchmailMatch5.3.3

fetchmailfetchmailMatch5.3.8

fetchmailfetchmailMatch5.4.0

fetchmailfetchmailMatch5.4.3

fetchmailfetchmailMatch5.4.4

fetchmailfetchmailMatch5.4.5

fetchmailfetchmailMatch5.5.0

fetchmailfetchmailMatch5.5.2

fetchmailfetchmailMatch5.5.3

fetchmailfetchmailMatch5.5.5

fetchmailfetchmailMatch5.5.6

fetchmailfetchmailMatch5.6.0

fetchmailfetchmailMatch5.7.0

fetchmailfetchmailMatch5.7.2

fetchmailfetchmailMatch5.7.4

fetchmailfetchmailMatch5.8

fetchmailfetchmailMatch5.8.1

fetchmailfetchmailMatch5.8.2

fetchmailfetchmailMatch5.8.3

fetchmailfetchmailMatch5.8.4

fetchmailfetchmailMatch5.8.5

fetchmailfetchmailMatch5.8.6

fetchmailfetchmailMatch5.8.11

fetchmailfetchmailMatch5.8.13

fetchmailfetchmailMatch5.8.14

fetchmailfetchmailMatch5.8.17

fetchmailfetchmailMatch5.9.0

fetchmailfetchmailMatch5.9.4

fetchmailfetchmailMatch5.9.5

fetchmailfetchmailMatch5.9.8

fetchmailfetchmailMatch5.9.10

fetchmailfetchmailMatch5.9.11

fetchmailfetchmailMatch5.9.13

VendorProductVersionCPE
fetchmailfetchmail*cpe:2.3:a:fetchmail:fetchmail:*:*:*:*:*:*:*:*
fetchmailfetchmail4.5.1cpe:2.3:a:fetchmail:fetchmail:4.5.1:*:*:*:*:*:*:*
fetchmailfetchmail4.5.2cpe:2.3:a:fetchmail:fetchmail:4.5.2:*:*:*:*:*:*:*
fetchmailfetchmail4.5.3cpe:2.3:a:fetchmail:fetchmail:4.5.3:*:*:*:*:*:*:*
fetchmailfetchmail4.5.4cpe:2.3:a:fetchmail:fetchmail:4.5.4:*:*:*:*:*:*:*
fetchmailfetchmail4.5.5cpe:2.3:a:fetchmail:fetchmail:4.5.5:*:*:*:*:*:*:*
fetchmailfetchmail4.5.6cpe:2.3:a:fetchmail:fetchmail:4.5.6:*:*:*:*:*:*:*
fetchmailfetchmail4.5.7cpe:2.3:a:fetchmail:fetchmail:4.5.7:*:*:*:*:*:*:*
fetchmailfetchmail4.5.8cpe:2.3:a:fetchmail:fetchmail:4.5.8:*:*:*:*:*:*:*
fetchmailfetchmail4.6.0cpe:2.3:a:fetchmail:fetchmail:4.6.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
fetchmail	fetchmail	*	cpe:2.3:a:fetchmail:fetchmail::::::::
fetchmail	fetchmail	4.5.1	cpe:2.3:a:fetchmail:fetchmail:4.5.1:::::::*
fetchmail	fetchmail	4.5.2	cpe:2.3:a:fetchmail:fetchmail:4.5.2:::::::*
fetchmail	fetchmail	4.5.3	cpe:2.3:a:fetchmail:fetchmail:4.5.3:::::::*
fetchmail	fetchmail	4.5.4	cpe:2.3:a:fetchmail:fetchmail:4.5.4:::::::*
fetchmail	fetchmail	4.5.5	cpe:2.3:a:fetchmail:fetchmail:4.5.5:::::::*
fetchmail	fetchmail	4.5.6	cpe:2.3:a:fetchmail:fetchmail:4.5.6:::::::*
fetchmail	fetchmail	4.5.7	cpe:2.3:a:fetchmail:fetchmail:4.5.7:::::::*
fetchmail	fetchmail	4.5.8	cpe:2.3:a:fetchmail:fetchmail:4.5.8:::::::*
fetchmail	fetchmail	4.6.0	cpe:2.3:a:fetchmail:fetchmail:4.6.0:::::::*

Rows per page:

1-10 of 791

References

distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000531

marc.info/?l=bugtraq&m=103340148625187&w=2

rhn.redhat.com/errata/RHSA-2002-215.html

www.debian.org/security/2002/dsa-171

www.iss.net/security_center/static/10203.php

www.linux-mandrake.com/en/security/2002/MDKSA-2002-063.php

www.linuxsecurity.com/advisories/other_advisory-2402.html

www.securityfocus.com/bid/5825

www.securityfocus.com/bid/5827

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.6

Confidence

Low

EPSS

0.118

Percentile

95.3%

JSON

Related for CVE-2002-1174