CVE-2005-4348
fetchmail - programming error
EPSS 10.0%
Description
fetchmail before 6.3.1 and before 6.2.5.5, when configured for multidrop mode, allows remote attackers to cause a denial of service (application crash) by sending messages without headers from upstream mail servers.
How to fix CVE-2005-4348
To remediate CVE-2005-4348, upgrade the affected package to one of the fixed versions listed below.
- Debian/fetchmail: upgrade to 6.3.1-1 or later
- Debian/fetchmail: upgrade to 6.2.5-12sarge4 or later
Is CVE-2005-4348 being exploited?
Moderate: EPSS is 10.0%. Track this CVE, but it is not at the top of the prioritisation list.
Affected packages (2)
- Debian/fetchmail: from 0, < 6.3.1-1
- Debian/fetchmail: from 0, < 6.2.5-12sarge4