VulnerableCode Package Details - pkg:deb/ubuntu/fetchmail@6.2.5-12ubuntu1

Search for packages

Package details: pkg:deb/ubuntu/fetchmail@6.2.5-12ubuntu1

Essentials
History (0)

purl	pkg:deb/ubuntu/fetchmail@6.2.5-12ubuntu1

Next non-vulnerable version	6.3.26-1
Latest non-vulnerable version	6.3.26-1
Risk	2.6

Vulnerabilities affecting this package (3)

Vulnerability	Summary	Fixed by
VCID-62nh-5871-aaar Aliases: CVE-2012-3482	Fetchmail 5.0.8 through 6.3.21, when using NTLM authentication in debug mode, allows remote NTLM servers to (1) cause a denial of service (crash and delayed delivery of inbound mail) via a crafted NTLM response that triggers an out-of-bounds read in the base64 decoder, or (2) obtain sensitive information from memory via an NTLM Type 2 message with a crafted Target Name structure, which triggers an out-of-bounds read.	6.3.26-1 Affected by 0 other vulnerabilities.
VCID-dqer-jfgw-aaaq Aliases: CVE-2011-1947	fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time after issuing a (1) STARTTLS or (2) STLS request, which allows remote servers to cause a denial of service (application hang) by acknowledging the request but not sending additional packets.	6.3.26-1 Affected by 0 other vulnerabilities.
VCID-pft5-dufe-aaas Aliases: CVE-2010-1167	fetchmail 4.6.3 through 6.3.16, when debug mode is enabled, does not properly handle invalid characters in a multi-character locale, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted (1) message header or (2) POP3 UIDL list.	6.3.17-4ubuntu1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version