Back to search
CVE-2011-1947
Published: Jun 2, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time after issuing a (1) STARTTLS or (2) STLS request, which allows remote servers to cause a denial of service (application hang) by acknowledging the request but not sending additional packets.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[oss-security] 20110531 Re: CVE request for fetchmail STARTTLS hang (Denial of Service)
mailing-list
x_refsource_MLIST
48043
vdb-entry
x_refsource_BID
FEDORA-2011-8011
vendor-advisory
x_refsource_FEDORA
[oss-security] 20110531 Re: CVE request for fetchmail STARTTLS hang (Denial of Service)
mailing-list
x_refsource_MLIST
[oss-security] 20110530 CVE request for fetchmail STARTTLS hang (Denial of Service)
mailing-list
x_refsource_MLIST
20110606 fetchmail security announcement fetchmail-SA-2011-01 (CVE-2011-1947)
mailing-list
x_refsource_BUGTRAQ
FEDORA-2011-8059
vendor-advisory
x_refsource_FEDORA
1025605
vdb-entry
x_refsource_SECTRACK
MDVSA-2011:107
vendor-advisory
x_refsource_MANDRIVA
FEDORA-2011-8021
vendor-advisory
x_refsource_FEDORA
http://www.fetchmail.info/fetchmail-SA-2011-01.txt
x_refsource_CONFIRM
[oss-security] 20110601 Re: CVE request for fetchmail STARTTLS hang (Denial of Service)
mailing-list
x_refsource_MLIST
fetchmail-starttls-dos(67700)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now