CVE-2006-5974
EPSS 13.8%
Description
fetchmail 6.3.5 and 6.3.6 before 6.3.6-rc4, when refusing a message delivered via the mda option, allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger a NULL pointer dereference when calling the (1) ferror or (2) fflush functions.
How to fix CVE-2006-5974
To remediate CVE-2006-5974, upgrade the affected package to the fixed version listed below.
- Debian/fetchmail: upgrade to 6.3.6-1 or later
Is CVE-2006-5974 being exploited?
Moderate: EPSS is 13.8%. Track this CVE, but it is not at the top of the prioritisation list.
Affected packages (1)
- Debian/fetchmail: from 0, < 6.3.6-1