Download
| Alert*
oval:org.secpod.oval:def:202101
Fetchmail is a remote mail retrieval and forwarding utility intended for use over on-demand TCP/IP links, such as SLIP and PPP connections. It was discovered that fetchmail is affected by the previously published "null prefix attack", caused by incorrect handling of NULL characters in X.50 ... oval:org.secpod.oval:def:203176 fetchmail is installed oval:org.secpod.oval:def:202176 Fetchmail is a remote mail retrieval and forwarding utility intended for use over on-demand TCP/IP links, such as SLIP and PPP connections. It was discovered that fetchmail is affected by the previously published "null prefix attack", caused by incorrect handling of NULL characters in X.50 ... oval:org.secpod.oval:def:89045550 This update for fetchmail fixes the following issues: - CVE-2021-36386: Fixed a missing variable initialization that can cause read from bad memory locations. - Change PASSWORDLEN from 64 to 256 oval:org.secpod.oval:def:1601323 Fetchmail 5.0.8 through 6.3.21, when using NTLM authentication in debug mode, allows remote NTLM servers to cause a denial of service via a crafted NTLM response that triggers an out-of-bounds read in the base64 decoder, or obtain sensitive information from memory via an NTLM Type 2 message with ... oval:org.secpod.oval:def:89045168 This update for fetchmail fixes the following issues: - CVE-2012-3482: A denial of service vulnerability in the base64 decoder during processing server NTLM protocol exchange was fixed . oval:org.secpod.oval:def:500600 Fetchmail is a remote mail retrieval and forwarding utility intended for use over on-demand TCP/IP links, such as SLIP and PPP connections. It was discovered that fetchmail is affected by the previously published "null prefix attack", caused by incorrect handling of NULL characters in X.50 ... oval:org.secpod.oval:def:120771 Fetchmail is a remote mail retrieval and forwarding utility intended for use over on-demand TCP/IP links, like SLIP or PPP connections. Fetchmail supports every remote-mail protocol currently in use on the Internet for retrieval. Then Fetchmail forwards the mail through SMTP so you can read it thro ... oval:org.secpod.oval:def:120770 Fetchmail is a remote mail retrieval and forwarding utility intended for use over on-demand TCP/IP links, like SLIP or PPP connections. Fetchmail supports every remote-mail protocol currently in use on the Internet for retrieval. Then Fetchmail forwards the mail through SMTP so you can read it thro ... oval:org.secpod.oval:def:89047160 This update for fetchmail fixes the following issues: - CVE-2021-39272: Fix failure to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH oval:org.secpod.oval:def:89047209 This update for fetchmail fixes the following issues: - CVE-2021-36386: Fixed DoS or information disclosure in some configurations . - CVE-2021-39272: Fixed STARTTLS session encryption bypassing . - Update to 6.4.22 - Remove all python2 dependencies . - De-hardcode /usr/lib path for launch executa ... oval:org.secpod.oval:def:1505655 [6.4.24-1] - Update to fetchmail-6.4.24 Resolves: #1999275, #2002698 oval:org.secpod.oval:def:4500927 Fetchmail is a remote mail retrieval and forwarding utility intended for use over on-demand TCP/IP links, like SLIP or PPP connections. Fetchmail supports every remote-mail protocol currently in use on the Internet for retrieval. Then Fetchmail forwards the mail through SMTP so the user can read it ... oval:org.secpod.oval:def:89047079 This update for fetchmail fixes the following issues: - CVE-2021-36386: Fixed a missing variable initialization that can cause read from bad memory locations. - Change PASSWORDLEN from 64 to 256 |