LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

fetchmail: buffer overflow

Package(s):fetchmail CVE #(s):CAN-2002-1365
Created:December 17, 2002 Updated:October 20, 2003
Description: Versions of fetchmail prior to 6.2.0 have (yet another) buffer overflow vulnerability which can be exploited remotely via a suitably crafted message. See this advisory for details.
Alerts:
Immunix IMNX-2003-7+-023-01 2003-10-17
Mandrake MDKSA-2003:011 2003-01-27
EnGarde ESA-20030127-002 2003-01-27
SCO Group CSSA-2003-001.0 2003-01-09
SuSE SuSE-SA:2003:001 2003-01-02
Debian DSA-216-1 2002-12-24
Red Hat RHSA-2002:293-09 2002-12-17
Conectiva CLA-2002:554 2002-12-16
(Log in to post comments)

Does a week ever go by

Posted Jan 31, 2003 13:41 UTC (Fri) by paulsheer (guest, #3925) [Link]

Does a week ever go by when fetchmail does NOT have a new buffer overflow?
Surely LWN should put a seperate section for this package? :-)

Does a week ever go by

Posted Oct 23, 2003 3:02 UTC (Thu) by rfunk (subscriber, #4054) [Link]

ESR's been threatening to rewrite fetchmail in Python for a while now; a
few more of these and he might just make good on that threat.

Does a week ever go by

Posted Oct 23, 2003 8:16 UTC (Thu) by NAR (subscriber, #1313) [Link]

Does a week ever go by when fetchmail does NOT have a new buffer overflow?

New buffer overflow? It looks like 10 months old...

Bye,NAR

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds