CVE-2011-1947

EPSS 2.4%

Published: 6/2/2011Modified: 4/28/2026

Description

fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time after issuing a (1) STARTTLS or (2) STLS request, which allows remote servers to cause a denial of service (application hang) by acknowledging the request but not sending additional packets.

Affected packages (1)

Debian/fetchmailfrom 0, < 6.3.22-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-1947