Lucene search
Veracode Vulnerability DatabaseVERACODE:32120HistorySep 15, 2021 - 11:52 a.m.
Information Disclosure
2021-09-1511:52:59
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
fetchmail
vulnerability
starttls encryption
imap
EPSS
0.002
Percentile
55.7%
Fetchmail is vulnerable to informaiton disclosure. It fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH.
References
www.openwall.com/lists/oss-security/2021/08/27/3
lists.fedoraproject.org/archives/list/[email protected]/message/L3XJ6XLEJCEZCAM5LGGD6XBCC522QLG4/
lists.fedoraproject.org/archives/list/[email protected]/message/VXMKSEHAQSEDCWZMAOJEGX3P3JW6QY6H/
lists.fedoraproject.org/archives/list/[email protected]/message/ZYCYLL73NP7ALJWSDICIVSA47ZIXWSSA/
nostarttls.secvuln.info/
secdb.alpinelinux.org/edge/community.yaml
secdb.alpinelinux.org/v3.14/community.yaml
www.fetchmail.info/security.html
Related
nessus
nessus
openSUSE 15 Security Update : fetchmail (openSUSE-SU-2021:3493-1)
2021-10-21 00:00:00
FreeBSD : fetchmail -- STARTTLS bypass vulnerabilities (1d6410e8-06c1-11ec-a35d-03ca114d16d6)
2021-08-30 00:00:00
SUSE SLES12 Security Update : fetchmail (SUSE-SU-2021:3492-1)
2021-10-21 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: fetchmail-6.4.22-1.fc34
2021-09-24 20:33:11
[SECURITY] Fedora 33 Update: fetchmail-6.4.22-1.fc33
2021-09-24 20:38:13
[SECURITY] Fedora 35 Update: fetchmail-6.4.22-1.fc35
2021-09-24 20:55:31
openvas
openvas
openSUSE: Security Advisory for fetchmail (openSUSE-SU-2021:3493-1)
2021-10-21 00:00:00
Fedora: Security Advisory for fetchmail (FEDORA-2021-ddefbdbb46)
2021-10-02 00:00:00
Fedora: Security Advisory for fetchmail (FEDORA-2021-e61a978fef)
2021-10-02 00:00:00
cve
cve
CVE-2021-39272
2021-08-30 06:15:06
osv
osv
CVE-2021-39272
2021-08-30 06:15:06
Moderate: fetchmail security update
2022-05-10 06:41:48
Moderate: fetchmail security update
2022-05-10 06:41:48
debiancve
debiancve
CVE-2021-39272
2021-08-30 06:15:06
redhatcve
redhatcve
CVE-2021-39272
2021-08-30 17:18:35
suse
suse
Security update for fetchmail (moderate)
2021-10-20 00:00:00
Security update for fetchmail (moderate)
2021-10-31 00:00:00
Security update for fetchmail (moderate)
2021-12-14 00:00:00
alpinelinux
alpinelinux
CVE-2021-39272
2021-08-30 06:15:06
prion
prion
Session fixation
2021-08-30 06:15:00
cbl_mariner
cbl_mariner
CVE-2021-39272 affecting package fetchmail for versions less than 6.4.22-1
2023-09-28 11:57:58
nvd
nvd
CVE-2021-39272
2021-08-30 06:15:06
freebsd
freebsd
fetchmail -- STARTTLS bypass vulnerabilities
2021-08-10 00:00:00
mageia
mageia
Updated fetchmail packages fix security vulnerability
2021-12-11 01:19:07
cvelist
cvelist
CVE-2021-39272
2021-08-30 05:05:26
ubuntucve
ubuntucve
CVE-2021-39272
2021-08-30 00:00:00
almalinux
almalinux
Moderate: fetchmail security update
2022-05-10 06:41:48
oraclelinux
oraclelinux
fetchmail security update
2022-05-17 00:00:00
rocky
rocky
fetchmail security update
2022-05-10 06:41:48
gentoo
gentoo
Fetchmail: Multiple Vulnerabilities
2022-09-25 00:00:00
redhat
redhat
(RHSA-2022:1964) Moderate: fetchmail security update
2022-05-10 06:41:48