FrSIRT - Fedora Security Update Fixes Fetchmail Warning Message Denial of Service / Exploit (Security Advisories)

French Security Incident Response Team

French

English

Fedora Security Update Fixes Fetchmail Warning Message Denial of Service

Title : Fedora Security Update Fixes Fetchmail Warning Message Denial of Service
Advisory ID : FrSIRT/ADV-2007-3048
CVE ID : CVE-2007-4565
Rated as : Low Risk

Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-09-05

Advisory Details

Description

Affected Products

Solution

References

Technical Description

A vulnerability has been identified in Fedora, which could be exploited by attackers to cause a denial of service [...]

Solution

Upgrade the affected packages :

9c13de5c295c8332646586f33d6f4f42a5be58b9 fetchmail-debuginfo-6.3.7-2.fc7.ppc64.rpm
4c72297f3d658e4c863471628e67f196b3b24c47 fetchmail-6.3.7-2.fc7.ppc64.rpm
22cbcfc665490a6a0cf59fcdd5cb119ff0f0fead fetchmail-debuginfo-6.3.7-2.fc7.i386.rpm
a2bad7e2afc8e394a9f24869a68f5b5aa4132f99 fetchmail-6.3.7-2.fc7.i386.rpm
1509a06d524e72ea7e73a4d2981cbc5c94e01c3f fetchmail-debuginfo-6.3.7-2.fc7.x86_64.rpm
d82a151341886040feb8ab64a9d7ff4413985924 fetchmail-6.3.7-2.fc7.x86_64.rpm
1cffd7b2aa63d940cbfe6f16fda6c3f08d3ca6d6 fetchmail-6.3.7-2.fc7.ppc.rpm
a6b8315da35610c94ec9f860b5fb6d124197ae90 fetchmail-debuginfo-6.3.7-2.fc7.ppc.rpm
67b78d7b97c9213792c20eacc309d0cefa664f72 fetchmail-6.3.7-2.fc7.src.rpm

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/

967b763df071f550db8c18b0f993b1c190cf8e06 SRPMS/fetchmail-6.3.6-3.fc6.src.rpm
967b763df071f550db8c18b0f993b1c190cf8e06 noarch/fetchmail-6.3.6-3.fc6.src.rpm
5717ad2e06184def6489ace8b8cee0275777298b ppc/fetchmail-6.3.6-3.fc6.ppc.rpm
bdcb11e27c6cca5e4a6d1a516631c91db79532e4 ppc/debug/fetchmail-debuginfo-6.3.6-3.fc6.ppc.rpm
3ca7a37b3253fb37c3f39abeb5058f0ece386019 x86_64/debug/fetchmail-debuginfo-6.3.6-3.fc6.x86_64.rpm
0f80e52cd7cd6e40d3c9ff5d362eae5e69c349bc x86_64/fetchmail-6.3.6-3.fc6.x86_64.rpm
d1c37746627c010eea5a1654e80ca1142174b48a i386/fetchmail-6.3.6-3.fc6.i386.rpm
8c525491a4a2ba3cdf6d45fcf06e7d8087390345 i386/debug/fetchmail-debuginfo-6.3.6-3.fc6.i386.rpm

ChangeLog

2007-09-05 : Initial release

Vulnerability Management

Subscribe to FrSIRT VNS and receive real-time e-mail and SMS alerts when new vulnerabilities, exploits, or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form or by email to updates@frsirt.com.

Mailinglist

	IBM DB2 CLR Stored Procedures Unspecified Vulnerability
	IBM Lotus Quickr Multiple Cross Site Scripting Vulnerabilities
	IBM WebSphere Portal Remote Authentication Bypass Vulnerability
	IBM Rational ClearQuest Login Page Cross Site Scripting Vulnerability
	IBM WebSphere Application Server Security Exposure Vulnerabilities
	IBM AIX DNS Transaction ID Remote Cache Poisoning Vulnerability
	IBM Tivoli Directory Server Entry Handling Double-Free Vulnerability

	Microsoft Visual Studio "Msmask32" Code Execution Vulnerability
	Microsoft PowerPoint Command Execution Vulnerabilities (MS08-051)
	Microsoft Windows Messenger Data Disclosure (MS08-050)
	Microsoft Windows Event System Code Execution (MS08-049)
	Microsoft Outlook and Mail Security Bypass Vulnerability (MS08-048)
	Microsoft Windows IPsec Policy Data Disclosure Vulnerability (MS08-047)
	Microsoft Windows MSCMS Code Execution Vulnerability (MS08-046)

	Mozilla Firefox for Mac OS X GIF Rendering Code Execution Vulnerability
	Mozilla Products Remote Code Execution and Security Bypass Issues
	Mozilla Products Code Execution and Injection Vulnerabilities
	Mozilla JavaScript Garbage Collector Code Execution Vulnerability
	Mozilla Thunderbird Code Execution and Cross Site Scripting Issues
	Mozilla Firefox and SeaMonkey Multiple Remote Code Execution Issues
	Mozilla Thunderbird Multiple Security Bypass and Code Execution Issues