Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Ubuntu Local Security Checks --> Category: infos

USN153-1 : fetchmail vulnerability Vulnerability Scan

Vulnerability Scan Summary
fetchmail vulnerability

Detailed Explanation for this Vulnerability Test

Synopsis :

These remote packages are missing security patches :
- fetchmail
- fetchmail-ssl
- fetchmailconf

Description :

Ross Boylan discovered a remote buffer overflow in fetchmail. By
sending invalid responses with very long UIDs, a faulty or malicious
POP server could crash fetchmail or execute arbitrary code with the
rights of the user invoking fetchmail.

fetchmail is commonly run as root to fetch mail for multiple user
in this case, this vulnerability could be exploited to
compromise the whole system.

Solution :

Upgrade to :
- fetchmail-6.2.5-12ubuntu1.1 (Ubuntu 5.04)
- fetchmail-ssl-6.2.5-12ubuntu1.1 (Ubuntu 5.04)
- fetchmailconf-6.2.5-12ubuntu1.1 (Ubuntu 5.04)

Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.