pkg:Debian/fetchmail

所有已知漏洞

• HIGH7.5CVE-2021-36386report_vbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf va_list argument, which might allow ma…
  from 0, < 6.4.16-4
• MEDIUM5.9CVE-2025-61962In fetchmail before 6.5.6, the SMTP client can crash when authenticating upon receiving a 334 status code in a malformed context.
  from 0
• MEDIUM5.9CVE-2021-39272Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAU…
  from 0
• —CVE-2012-3482Fetchmail 5.0.8 through 6.3.21, when using NTLM authentication in debug mode, allows remote NTLM servers to (1) cause a denial of service (…
  from 0, < 6.3.22-1
• —CVE-2011-1947fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time after issuing a (1) STARTTLS or (2) STLS request, which allows remote…
  from 0, < 6.3.22-1
• —CVE-2010-1167fetchmail 4.6.3 through 6.3.16, when debug mode is enabled, does not properly handle invalid characters in a multi-character locale, which…
  from 0, < 6.3.16-2
• —CVE-2010-0562The sdump function in sdump.c in fetchmail 6.3.11, 6.3.12, and 6.3.13, when running in verbose mode on platforms for which char is signed,…
  from 0, < 6.3.13-2
• —CVE-2009-2666fetchmail - SSL certificate verification weakness
  from 0, < 6.3.9~rc2-6
• —CVE-2009-2666fetchmail - SSL certificate verification weakness
  from 0, < 6.3.6-1etch2
• —CVE-2008-2711fetchmail 6.3.8 and earlier, when running in -v -v (aka verbose) mode, allows remote attackers to cause a denial of service (crash and pers…
  from 0, < 6.3.9~rc2-1
• —CVE-2007-4565fetchmail - null pointer dereference
  from 0, < 6.3.6-1etch1
• —CVE-2007-4565fetchmail - null pointer dereference
  from 0, < 6.3.8-8
• —CVE-2007-1558icedove - several vulnerabilities
  from 0, < 6.3.8-1
• —CVE-2006-5867fetchmail
  from 0, < 6.2.5-12sarge5
• —CVE-2006-5867fetchmail
  from 0, < 6.3.6-1
• —CVE-2006-5974fetchmail 6.3.5 and 6.3.6 before 6.3.6-rc4, when refusing a message delivered via the mda option, allows remote attackers to cause a denial…
  from 0, < 6.3.6-1
• —CVE-2006-0321fetchmail 6.3.0 and other versions before 6.3.2 allows remote attackers to cause a denial of service (crash) via crafted e-mail messages th…
  from 0, < 6.3.2-1
• —CVE-2005-4348fetchmail - programming error
  from 0, < 6.3.1-1
• —CVE-2005-4348fetchmail - programming error
  from 0, < 6.2.5-12sarge4
• —CVE-2005-3088fetchmail - programming error
  from 0, < 5.9.11-6.4
• —CVE-2005-3088fetchmail - programming error
  from 0, < 6.2.5.4-1
• —CVE-2005-2335fetchmail - buffer overflow
  from 0, < 6.2.5-16
• —CVE-2005-2335fetchmail - buffer overflow
  from 0, < 6.2.5-12sarge1
• —CVE-2003-0792Fetchmail 6.2.4 and earlier does not properly allocate memory for long lines, which allows remote attackers to cause a denial of service (c…
  from 0, < 6.2.5
• —CVE-2002-1365fetchmail - buffer overflow
  from 0, < 5.9.11-6.2
• —CVE-2002-1365fetchmail - buffer overflow
  from 0, < 6.2.0-1
• —CVE-2002-1174fetchmail - buffer overflows
  from 0, < 5.9.11-6.1
• —CVE-2002-1174fetchmail - buffer overflows
  from 0, < 6.1.0-1
• —CVE-2002-1175The getmxrecord function in Fetchmail 6.0.0 and earlier does not properly check the boundary of a particular malformed DNS packet from a ma…
  from 0, < 6.1.0-1