← voltar
CVE-2010-1167

CVE-2010-1167

EPSS 2.2%
fetchmail 4.6.3 through 6.3.16, when debug mode is enabled, does not properly handle invalid characters in a multi-character locale, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted (1) message header or (2) POP3 UIDL list.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://developer.berlios.de/project/shownotes.php?group_id=1824&release_id=17512http://www.fetchmail.info/fetchmail-SA-2010-02.txthttp://www.mandriva.com/security/advisories?name=MDVSA-2011:107http://www.securityfocus.com/archive/1/511140/100/0/threadedhttp://www.securityfocus.com/bid/39556