LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Interview: Kristen Carlson Accardi

LWN.net Weekly Edition for July 24, 2008

Tracing: no shortage of options

Interview: Wind River's John Bruggeman

LWN.net Weekly Edition for July 17, 2008

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

fetchmail: buffer overflow

Package(s):fetchmail CVE #(s):CAN-2002-1365
Created:December 17, 2002 Updated:October 20, 2003
Description: Versions of fetchmail prior to 6.2.0 have (yet another) buffer overflow vulnerability which can be exploited remotely via a suitably crafted message. See this advisory for details.
Alerts:
Conectiva CLA-2002:554 2002-12-16
Red Hat RHSA-2002:293-09 2002-12-17
Debian DSA-216-1 2002-12-24
SuSE SuSE-SA:2003:001 2003-01-02
SCO Group CSSA-2003-001.0 2003-01-09
EnGarde ESA-20030127-002 2003-01-27
Mandrake MDKSA-2003:011 2003-01-27
Immunix IMNX-2003-7+-023-01 2003-10-17
(Log in to post comments)

Does a week ever go by

Posted Jan 31, 2003 13:41 UTC (Fri) by paulsheer (guest, #3925) [Link]

Does a week ever go by when fetchmail does NOT have a new buffer overflow?
Surely LWN should put a seperate section for this package? :-)

Does a week ever go by

Posted Oct 23, 2003 3:02 UTC (Thu) by rfunk (subscriber, #4054) [Link]

ESR's been threatening to rewrite fetchmail in Python for a while now; a
few more of these and he might just make good on that threat.

Does a week ever go by

Posted Oct 23, 2003 8:16 UTC (Thu) by NAR (subscriber, #1313) [Link]

Does a week ever go by when fetchmail does NOT have a new buffer overflow?

New buffer overflow? It looks like 10 months old...

Bye,NAR

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds
Powered by Rackspace Managed Hosting.