Fetchmail Verbose Mode Large Log Messages Remote Denial of Service Vulnerability

Bugtraq ID: 29705
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2008-2711
Remote: Yes
Local: No
Published: Jun 13 2008 12:00AM
Updated: Apr 13 2015 09:33PM
Credit: Matthias Andree reported this issue. Petr Uzel, Petr Cerny, and Gunter Nau are credited with discovering and researching the problem.
Vulnerable: Slackware Linux 10.2
Slackware Linux 10.1
Slackware Linux 10.0
Slackware Linux 9.1
Slackware Linux 9.0
Slackware Linux 8.1
Slackware Linux 12.1
Slackware Linux 12.0
Slackware Linux 11.0
Slackware Linux -current
S.u.S.E. openSUSE 10.3
rPath rPath Linux 2
rPath rPath Linux 1
Redhat Enterprise Linux WS 4
Redhat Enterprise Linux WS 3
Redhat Enterprise Linux ES 4
Redhat Enterprise Linux ES 3
Redhat Enterprise Linux Desktop Workstation 5 client
Redhat Enterprise Linux AS 4
Redhat Enterprise Linux AS 3
Redhat Enterprise Linux Desktop version 4
Redhat Enterprise Linux 5 Server
Redhat Desktop 3.0
Mandriva Linux Mandrake 2008.1 x86_64
Mandriva Linux Mandrake 2008.1
Mandriva Linux Mandrake 2008.0 x86_64
Mandriva Linux Mandrake 2008.0
Mandriva Linux Mandrake 2007.1 x86_64
Mandriva Linux Mandrake 2007.1
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 4.0
Eric Raymond Fetchmail 6.3.8
+ Trustix Secure Linux 3.0.5
+ Trustix Secure Linux 3.0
Eric Raymond Fetchmail 6.3.7
Eric Raymond Fetchmail 6.3.6
Eric Raymond Fetchmail 6.3.5
Eric Raymond Fetchmail 6.3.4
Eric Raymond Fetchmail 6.3.3
Eric Raymond Fetchmail 6.3.2
Eric Raymond Fetchmail 6.3.1
Eric Raymond Fetchmail 6.3
Eric Raymond Fetchmail 6.2.5
+ MandrakeSoft Corporate Server 3.0 x86_64
+ MandrakeSoft Corporate Server 3.0
+ Mandriva Linux Mandrake 10.2 x86_64
+ Mandriva Linux Mandrake 10.2
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
+ Redhat Fedora Core4
+ Redhat Fedora Core3
+ Ubuntu Ubuntu Linux 5.10 powerpc
+ Ubuntu Ubuntu Linux 5.10 i386
+ Ubuntu Ubuntu Linux 5.10 amd64
+ Ubuntu Ubuntu Linux 5.0 4 powerpc
+ Ubuntu Ubuntu Linux 5.0 4 i386
+ Ubuntu Ubuntu Linux 5.0 4 amd64
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Eric Raymond Fetchmail 4.6.8
Eric Raymond Fetchmail 4.6.7
Eric Raymond Fetchmail 6.3.6-rc3
Eric Raymond Fetchmail 6.3.6-rc2
Eric Raymond Fetchmail 6.3.6-rc1
Apple Mac OS X Server 10.5.6
Apple Mac OS X Server 10.5.5
Apple Mac OS X Server 10.5.4
Apple Mac OS X Server 10.5.3
Apple Mac OS X Server 10.5.2
Apple Mac OS X Server 10.5.1
Apple Mac OS X Server 10.4.11
Apple Mac OS X Server 10.4.10
Apple Mac OS X Server 10.4.9
Apple Mac OS X Server 10.4.8
Apple Mac OS X Server 10.4.7
Apple Mac OS X Server 10.4.6
Apple Mac OS X Server 10.4.5
Apple Mac OS X Server 10.4.4
Apple Mac OS X Server 10.4.3
Apple Mac OS X Server 10.4.2
Apple Mac OS X Server 10.4.1
Apple Mac OS X Server 10.4
Apple Mac OS X Server 10.5
Apple Mac OS X 10.5.6
Apple Mac OS X 10.5.5
Apple Mac OS X 10.5.4
Apple Mac OS X 10.5.3
Apple Mac OS X 10.5.2
Apple Mac OS X 10.5.1
Apple Mac OS X 10.4.11
Apple Mac OS X 10.4.10
Apple Mac OS X 10.4.9
Apple Mac OS X 10.4.8
Apple Mac OS X 10.4.7
Apple Mac OS X 10.4.6
Apple Mac OS X 10.4.5
Apple Mac OS X 10.4.4
Apple Mac OS X 10.4.3
Apple Mac OS X 10.4.2
Apple Mac OS X 10.4.1
Apple Mac OS X 10.4
Apple Mac OS X 10.5
Not Vulnerable: Eric Raymond Fetchmail 6.3.9


 

Privacy Statement
Copyright 2010, SecurityFocus