CVE-2007-4565
fetchmail - null pointer dereference
EPSS 3.1%
Description
sink.c in fetchmail before 6.3.9 allows context-dependent attackers to cause a denial of service (NULL dereference and application crash) by refusing certain warning messages that are sent over SMTP.
How to fix CVE-2007-4565
To remediate CVE-2007-4565, upgrade the affected package to one of the fixed versions listed below.
- Debian/fetchmail: upgrade to 6.3.8-8 or later
- Debian/fetchmail: upgrade to 6.3.6-1etch1 or later
Is CVE-2007-4565 being exploited?
Low — EPSS is 3.1%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- Debian/fetchmail: from 0, < 6.3.8-8
- Debian/fetchmail: from 0, < 6.3.6-1etch1