CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2005-4348

HIGH
7.8
CVSS Severity Score
EPSS Score0.1030%
EPSS Percentile31.41th
Published2005年12月21日
Last Modified2026年4月16日

Vulnerability Description

fetchmail before 6.3.1 and before 6.2.5.5, when configured for multidrop mode, allows remote attackers to cause a denial of service (application crash) by sending messages without headers from upstream mail servers.

Affected Platforms (CPE)

📦
Fetchmail

Fetchmail

>= 6.2.0 and < 6.2.5.5
📦
Fetchmail

Fetchmail

>= 6.3.0 and < 6.3.1

References & Advisories

🔗 ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
🔗 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=343836
🔗 http://fetchmail.berlios.de/fetchmail-SA-2005-03.txt
🔗 http://secunia.com/advisories/17891
🔗 http://secunia.com/advisories/18172
🔗 http://secunia.com/advisories/18231
🔗 http://secunia.com/advisories/18266
🔗 http://secunia.com/advisories/18433

相關漏洞威脅

CVE-2001-010110.0

Vulnerability in fetchmail 5.5.0-2 and earlier in the AUTHENTICATE GSSAPI command.

CVE-2001-100910.0

Fetchmail (aka fetchmail-ssl) before 5.8.17 allows a remote malicious (1) IMAP server or (2) POP/POP3 server to overwrite arbitrar...

CVE-2020-52398.7

In Mailu before version 1.7, an authenticated user can exploit a vulnerability in Mailu fetchmail script and gain full access to a...

CVE-2006-58677.8

fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords over unsecured links if certain circ...