Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Mandrake Local Security Checks --> Category: infos

MDKSA-2002:036: fetchmail Vulnerability Scan

Vulnerability Scan Summary
Check for the version of the fetchmail package

Detailed Explanation for this Vulnerability Test

The remote host is missing the patch for the advisory MDKSA-2002:036 (fetchmail).

A problem was discovered with versions of fetchmail prior to 5.9.10 that was
triggered by retreiving mail from an IMAP server. The fetchmail client will
allocate an array to store the sizes of the messages it is attempting to
retrieve. This array size is acertaind by the number of messages the server is
claiming to have, and fetchmail would not check whether or not the number of
messages the server was claiming was too high. This would allow a malicious
server to make the fetchmail process write data outside of the array bounds.

Solution :
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.