Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Red Hat Local Security Checks --> Category: infos

RHSA-2002-294: fetchmail Vulnerability Scan

Vulnerability Scan Summary
Check for the version of the fetchmail packages

Detailed Explanation for this Vulnerability Test

Updated Fetchmail packages are available for Red Hat Linux Advanced Server
which close a remotely-exploitable vulnerability in unpatched versions of
Fetchmail prior to 6.2.0.

[Updated 06 Feb 2003]
Added fixed packages for Advanced Workstation

Fetchmail is a remote mail retrieval and forwarding utility intended for
use over on-demand TCP/IP links such as SLIP and PPP connections. A bug
has been found in the header parsing code in versions of Fetchmail prior
to 6.2.0.

The bug allows a remote attacker to crash Fetchmail and potentially execute
arbitrary code by sending a carefully crafted email which is parsed by

All users of Fetchmail are advised to upgrade to the errata packages
containing a backported fix which corrects this issue.

Solution :
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.