Lucene search
HistoryNov 17, 2003 - 5:00 a.m.
CVE-2003-0792
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.4
Confidence
High
EPSS
0.035
Percentile
91.6%
Fetchmail 6.2.4 and earlier does not properly allocate memory for long lines, which allows remote attackers to cause a denial of service (crash) via a certain email.
Affected configurations
Node
fetchmailfetchmailRange≤6.2.4
ORfetchmailfetchmailMatch4.5.1
ORfetchmailfetchmailMatch4.5.2
ORfetchmailfetchmailMatch4.5.3
ORfetchmailfetchmailMatch4.5.4
ORfetchmailfetchmailMatch4.5.5
ORfetchmailfetchmailMatch4.5.6
ORfetchmailfetchmailMatch4.5.7
ORfetchmailfetchmailMatch4.5.8
ORfetchmailfetchmailMatch4.6.0
ORfetchmailfetchmailMatch4.6.1
ORfetchmailfetchmailMatch4.6.2
ORfetchmailfetchmailMatch4.6.3
ORfetchmailfetchmailMatch4.6.4
ORfetchmailfetchmailMatch4.6.5
ORfetchmailfetchmailMatch4.6.6
ORfetchmailfetchmailMatch4.6.7
ORfetchmailfetchmailMatch4.6.8
ORfetchmailfetchmailMatch4.6.9
ORfetchmailfetchmailMatch4.7.0
ORfetchmailfetchmailMatch4.7.1
ORfetchmailfetchmailMatch4.7.2
ORfetchmailfetchmailMatch4.7.3
ORfetchmailfetchmailMatch4.7.4
ORfetchmailfetchmailMatch4.7.5
ORfetchmailfetchmailMatch4.7.6
ORfetchmailfetchmailMatch4.7.7
ORfetchmailfetchmailMatch5.0.0
ORfetchmailfetchmailMatch5.0.1
ORfetchmailfetchmailMatch5.0.2
ORfetchmailfetchmailMatch5.0.3
ORfetchmailfetchmailMatch5.0.4
ORfetchmailfetchmailMatch5.0.5
ORfetchmailfetchmailMatch5.0.6
ORfetchmailfetchmailMatch5.0.7
ORfetchmailfetchmailMatch5.0.8
ORfetchmailfetchmailMatch5.1.0
ORfetchmailfetchmailMatch5.1.4
ORfetchmailfetchmailMatch5.2.0
ORfetchmailfetchmailMatch5.2.1
ORfetchmailfetchmailMatch5.2.3
ORfetchmailfetchmailMatch5.2.4
ORfetchmailfetchmailMatch5.2.7
ORfetchmailfetchmailMatch5.2.8
ORfetchmailfetchmailMatch5.3.0
ORfetchmailfetchmailMatch5.3.1
ORfetchmailfetchmailMatch5.3.3
ORfetchmailfetchmailMatch5.3.8
ORfetchmailfetchmailMatch5.4.0
ORfetchmailfetchmailMatch5.4.3
ORfetchmailfetchmailMatch5.4.4
ORfetchmailfetchmailMatch5.4.5
ORfetchmailfetchmailMatch5.5.0
ORfetchmailfetchmailMatch5.5.2
ORfetchmailfetchmailMatch5.5.3
ORfetchmailfetchmailMatch5.5.5
ORfetchmailfetchmailMatch5.5.6
ORfetchmailfetchmailMatch5.6.0
ORfetchmailfetchmailMatch5.7.0
ORfetchmailfetchmailMatch5.7.2
ORfetchmailfetchmailMatch5.7.4
ORfetchmailfetchmailMatch5.8
ORfetchmailfetchmailMatch5.8.1
ORfetchmailfetchmailMatch5.8.2
ORfetchmailfetchmailMatch5.8.3
ORfetchmailfetchmailMatch5.8.4
ORfetchmailfetchmailMatch5.8.5
ORfetchmailfetchmailMatch5.8.6
ORfetchmailfetchmailMatch5.8.11
ORfetchmailfetchmailMatch5.8.13
ORfetchmailfetchmailMatch5.8.14
ORfetchmailfetchmailMatch5.8.17
ORfetchmailfetchmailMatch5.9.0
ORfetchmailfetchmailMatch5.9.4
ORfetchmailfetchmailMatch5.9.5
ORfetchmailfetchmailMatch5.9.8
ORfetchmailfetchmailMatch5.9.10
ORfetchmailfetchmailMatch5.9.11
ORfetchmailfetchmailMatch5.9.13
ORfetchmailfetchmailMatch6.0.0
ORfetchmailfetchmailMatch6.1.0
ORfetchmailfetchmailMatch6.1.3
ORfetchmailfetchmailMatch6.2.0
ORfetchmailfetchmailMatch6.2.1
ORfetchmailfetchmailMatch6.2.2
ORfetchmailfetchmailMatch6.2.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| fetchmail | fetchmail | * | cpe:2.3:a:fetchmail:fetchmail:*:*:*:*:*:*:*:* |
| fetchmail | fetchmail | 4.5.1 | cpe:2.3:a:fetchmail:fetchmail:4.5.1:*:*:*:*:*:*:* |
| fetchmail | fetchmail | 4.5.2 | cpe:2.3:a:fetchmail:fetchmail:4.5.2:*:*:*:*:*:*:* |
| fetchmail | fetchmail | 4.5.3 | cpe:2.3:a:fetchmail:fetchmail:4.5.3:*:*:*:*:*:*:* |
| fetchmail | fetchmail | 4.5.4 | cpe:2.3:a:fetchmail:fetchmail:4.5.4:*:*:*:*:*:*:* |
| fetchmail | fetchmail | 4.5.5 | cpe:2.3:a:fetchmail:fetchmail:4.5.5:*:*:*:*:*:*:* |
| fetchmail | fetchmail | 4.5.6 | cpe:2.3:a:fetchmail:fetchmail:4.5.6:*:*:*:*:*:*:* |
| fetchmail | fetchmail | 4.5.7 | cpe:2.3:a:fetchmail:fetchmail:4.5.7:*:*:*:*:*:*:* |
| fetchmail | fetchmail | 4.5.8 | cpe:2.3:a:fetchmail:fetchmail:4.5.8:*:*:*:*:*:*:* |
| fetchmail | fetchmail | 4.6.0 | cpe:2.3:a:fetchmail:fetchmail:4.6.0:*:*:*:*:*:*:* |
References
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-004.0/CSSA-2004-004.0.txt
marc.info/?l=bugtraq&m=107731542827401&w=2
security.gentoo.org/glsa/glsa-200403-10.xml
www.mandriva.com/security/advisories?name=MDKSA-2003:101
www.securityfocus.com/advisories/5987
www.securityfocus.com/bid/8843
www.turbolinux.com/security/TLSA-2003-61.txt
exchange.xforce.ibmcloud.com/vulnerabilities/13450
Related
nessus
nessus
FreeBSD : fetchmail denial-of-service vulnerability (48)
2004-07-06 00:00:00
GLSA-200403-10 : Fetchmail 6.2.5 fixes a remote DoS
2004-08-30 00:00:00
debiancve
debiancve
CVE-2003-0792
2003-11-17 05:00:00
openvas
openvas
FreeBSD Ports: fetchmail
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200403-10 (fetchmail)
2008-09-24 00:00:00
Slackware Advisory SSA:2003-300-02 fetchmail security update
2012-09-11 00:00:00
cve
cve
CVE-2003-0792
2003-11-17 05:00:00
slackware
slackware
fetchmail security update
2003-10-27 12:07:56
gentoo
gentoo
Fetchmail 6.2.5 fixes a remote DoS
2004-03-30 00:00:00
cvelist
cvelist
CVE-2003-0792
2003-10-21 04:00:00
securityvulns
securityvulns
freebsd
freebsd
fetchmail -- denial-of-service vulnerability
2003-10-16 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.4
Confidence
High
EPSS
0.035
Percentile
91.6%
Related for NVD:CVE-2003-0792