FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2005-4348

This CVE name corresponds to:

Entered Topic
2005-12-19 fetchmail -- null pointer dereference in multidrop mode with headerless email

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2005-4348 at cve.mitre.org

Details

Type Candidate
Name CVE-2005-4348
Phase Assigned(20051219)

Description

fetchmail before 6.3.1 and before 6.2.5.5, when configured for multidrop mode, allows remote attackers to cause a denial of service (application crash) by sending messages without headers from upstream mail servers.

References

Source Reference
BUGTRAQ 20051221 fetchmail security announcement fetchmail-SA-2005-03 (CVE-2005-4348)
BUGTRAQ 20060526 rPSA-2006-0084-1 fetchmail
MISC http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=343836
CONFIRM http://fetchmail.berlios.de/fetchmail-SA-2005-03.txt
DEBIAN DSA-939
MANDRIVA MDKSA-2005:236
REDHAT RHSA-2007:0018
SGI 20070201-01-P
SLACKWARE SSA:2006-045-01
SUSE SUSE-SR:2007:004
TRUSTIX 2006-0002
UBUNTU USN-233-1
BID 15987
BID 19289
OVAL oval:org.mitre.oval:def:9659
VUPEN ADV-2005-2996
VUPEN ADV-2006-3101
OSVDB 21906
SECTRACK 1015383
SECUNIA 17891
SECUNIA 18172
SECUNIA 18231
SECUNIA 18266
SECUNIA 18433
SECUNIA 18895
SECUNIA 18463
SECUNIA 21253
SECUNIA 24007
SECUNIA 24284
XF fetchmail-null-pointer-dos(23713)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.