Info

Last Modified

5 months ago

Percent Complete

30%

Disclosure

Sep 07, 2007

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

This Entry needs help! It is only 30% Complete. Click the edit link above to add more information.

Contributing is fast and easy, and benefits the entire security community.

Keywords

Description

(Description Provided by CVE) : sink.c in fetchmail before 6.3.9 allows context-dependent attackers to cause a denial of service (NULL dereference and application crash) by refusing certain warning messages that are sent over SMTP.

Classification

Solution: Upgrade
Disclosure: Vendor Verified

Solution

Upgrade to version 6.3.9-rc2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Unknown or Incomplete

References

Security Tracker: 1018627
CVE ID: 2007-4565 (see also: NVD)
Bugtraq ID: 25495
Secunia Advisory ID: 27399 33937
ISS X-Force ID: 36385
FrSIRT Advisory: ADV-2007-3032
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2008-06/0158.html
http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html
Vendor Specific News/Changelog Entry: http://fetchmail.berlios.de/fetchmail-SA-2007-02.txt
http://mknod.org/svn/fetchmail/branches/BRANCH_6-3/fetchmail-SA-2007-02.txt
https://issues.rpath.com/browse/RPL-1690
Other Advisory URL: http://securityreason.com/securityalert/3074
http://support.apple.com/kb/HT3438
http://www.debian.org/security/2007/dsa-1377
http://www.mandriva.com/security/advisories?name=MDKSA-2007:179
http://www.trustix.org/errata/2007/0028/
http://www.ubuntu.com/usn/usn-520-1

Tools & Filters

Nessus	25981 26046 27742 28125

Credit

Unknown or Incomplete

Blogs

Provided by Technorati

None found at this time

Comments

Add Comment Hide Add Comment

No Comments.

DONATE NOW!

User Status

Account
- Login
- Sign-Up

Quick Searches