CVE-2021-36386

by Fred · 29/07/2021

report_vbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf va_list argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages. NOTE: it is unclear whether use of Fetchmail on any realistic platform results in an impact beyond an inconvenience to the client user.

Date published : 2021-07-29

https://www.fetchmail.info/fetchmail-SA-2021-01.txt

https://lists.fedoraproject.org/archives/list/[email protected]/message/OIXKO6QW3AUHGJVWKJXBCOVBYJUJRBFC/

CVE-2021-36386

Related

Recent Posts

Categories

Latest CWE

CVE-2021-36386

Share this:

Related

Recent Posts

Categories

Tags

Latest CWE