Vulnerabilities > CVE-2003-0792 - Resource Management Errors vulnerability in Fetchmail

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
fetchmail
CWE-399
nessus
NVD
Published: 2003-11-17
Updated: 2017-07-11

Summary

Fetchmail 6.2.4 and earlier does not properly allocate memory for long lines, which allows remote attackers to cause a denial of service (crash) via a certain email.

Vulnerable Configurations

Part Description Count
Application
Fetchmail
86

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_FETCHMAIL_625.NASL
    descriptionThe following package needs to be updated: fetchmail
    last seen2016-09-26
    modified2011-10-03
    plugin id12541
    published2004-07-06
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=12541
    titleFreeBSD : fetchmail denial-of-service vulnerability (48)
    code
    #%NASL_MIN_LEVEL 999999

# @DEPRECATED@
#
# This script has been deprecated by freebsd_pkg_ac4b9d1867a911d880e30020ed76ef5a.nasl.
#
# Disabled on 2011/10/02.
#

#
# (C) Tenable Network Security, Inc.
#
# This script contains information extracted from VuXML :
#
# Copyright 2003-2006 Jacques Vidrine and contributors
#
# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,
# HTML, PDF, PostScript, RTF and so forth) with or without modification,
# are permitted provided that the following conditions are met:
# 1. Redistributions of source code (VuXML) must retain the above
#   copyright notice, this list of conditions and the following
#   disclaimer as the first lines of this file unmodified.
# 2. Redistributions in compiled form (transformed to other DTDs,
#   published online in any format, converted to PDF, PostScript,
#   RTF and other formats) must reproduce the above copyright
#   notice, this list of conditions and the following disclaimer
#   in the documentation and/or other materials provided with the
#   distribution.
#
# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,
# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#
#
#

include('compat.inc');

if ( description )
{
 script_id(12541);
 script_version("1.13");
 script_bugtraq_id(8843);
 script_cve_id("CVE-2003-0792");

 script_name(english:"FreeBSD : fetchmail denial-of-service vulnerability (48)");

script_set_attribute(attribute:'synopsis', value: 'The remote host is missing a security update');
script_set_attribute(attribute:'description', value:'The following package needs to be updated: fetchmail');
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
 script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:ND");
 script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:'solution', value: 'Update the package on the remote host');
script_set_attribute(attribute: 'see_also', value: 'http://drupal.org/node/184315
http://drupal.org/node/184316
http://drupal.org/node/184320
http://drupal.org/node/184348
http://drupal.org/node/184354
http://secunia.com/advisories/12160
http://secunia.com/advisories/27292
http://www.cipher.org.uk/index.php?p=advisories/Certificate_Spoofing_Mozilla_FireFox_25-07-2004.advisory
http://www.mozilla.org/security/announce/2006/mfsa2006-09.html
http://www.mozilla.org/security/announce/2006/mfsa2006-10.html
http://www.mozilla.org/security/announce/2006/mfsa2006-11.html
http://www.mozilla.org/security/announce/2006/mfsa2006-12.html
http://www.mozilla.org/security/announce/2006/mfsa2006-13.html
http://www.mozilla.org/security/announce/2006/mfsa2006-14.html
http://www.mozilla.org/security/announce/2006/mfsa2006-15.html
http://www.mozilla.org/security/announce/2006/mfsa2006-16.html
http://www.mozilla.org/security/announce/2006/mfsa2006-17.html
http://www.openbsd.org/cgi-bin/cvsweb/ports/mail/fetchmail/patches/Attic/patch-rfc822_c?rev=1.1
http://xforce.iss.net/xforce/xfdb/13450');
script_set_attribute(attribute:'see_also', value: 'http://www.FreeBSD.org/ports/portaudit/ac4b9d18-67a9-11d8-80e3-0020ed76ef5a.html');

 script_set_attribute(attribute:"plugin_publication_date", value: "2004/07/06");
 script_cvs_date("Date: 2018/07/20  0:18:52");
 script_end_attributes();
 script_summary(english:"Check for fetchmail");
 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.");
 family["english"] = "FreeBSD Local Security Checks";
 script_family(english:family["english"]);
 script_dependencies("ssh_get_info.nasl");
 script_require_keys("Host/FreeBSD/pkg_info");
 exit(0);
}

# Deprecated.
exit(0, "This plugin has been deprecated. Refer to plugin #37051 (freebsd_pkg_ac4b9d1867a911d880e30020ed76ef5a.nasl) instead.");

global_var cvss_score;
cvss_score=5;
include('freebsd_package.inc');


pkg_test(pkg:"fetchmail<6.2.5");
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200403-10.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200403-10 (Fetchmail 6.2.5 fixes a remote DoS) Fetchmail versions 6.2.4 and earlier can be crashed by sending a specially crafted email to a Fetchmail user. This problem occurs because Fetchmail does not properly allocate memory for long lines in an incoming email. Impact : Fetchmail users who receive a malicious email may have their Fetchmail program crash. Workaround : While a workaround is not currently known for this issue, all users are advised to upgrade to the latest version of Fetchmail.
    last seen2020-06-01
    modified2020-06-02
    plugin id14461
    published2004-08-30
    reporterThis script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/14461
    titleGLSA-200403-10 : Fetchmail 6.2.5 fixes a remote DoS
    code
    #%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 200403-10.
#
# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike 
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#

include("compat.inc");

if (description)
{
  script_id(14461);
  script_version("1.15");
  script_cvs_date("Date: 2019/08/02 13:32:41");

  script_cve_id("CVE-2003-0792");
  script_xref(name:"GLSA", value:"200403-10");

  script_name(english:"GLSA-200403-10 : Fetchmail 6.2.5 fixes a remote DoS");
  script_summary(english:"Checks for updated package(s) in /var/db/pkg");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Gentoo host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The remote host is affected by the vulnerability described in GLSA-200403-10
(Fetchmail 6.2.5 fixes a remote DoS)

    Fetchmail versions 6.2.4 and earlier can be crashed by sending a
    specially crafted email to a Fetchmail user. This problem occurs because
    Fetchmail does not properly allocate memory for long lines in an incoming
    email.
  
Impact :

    Fetchmail users who receive a malicious email may have their Fetchmail program crash.
  
Workaround :

    While a workaround is not currently known for this issue, all users are advised to upgrade to the latest version of Fetchmail."
  );
  # http://xforce.iss.net/xforce/xfdb/13450
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?c018ede2"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security.gentoo.org/glsa/200403-10"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Fetchmail users should upgrade to version 6.2.5 or later:
    # emerge sync
    # emerge -pv '>=net-mail/fetchmail-6.2.5'
    # emerge '>=net-mail/fetchmail-6.2.5'"
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:fetchmail");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2004/03/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2004/08/30");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Gentoo Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;

if (qpkg_check(package:"net-mail/fetchmail", unaffected:make_list("ge 6.2.5"), vulnerable:make_list("le 6.2.4"))) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = qpkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "net-mail/fetchmail");
}
  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2003-101.NASL
    descriptionA bug was discovered in fetchmail 6.2.4 where a specially crafted email message can cause fetchmail to crash. Thanks to Nalin Dahyabhai of Red Hat for providing the patch to fix the problem.
    last seen2020-06-01
    modified2020-06-02
    plugin id14083
    published2004-07-31
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/14083
    titleMandrake Linux Security Advisory : fetchmail (MDKSA-2003:101)
  • NASL familyMacOS X Local Security Checks
    NASL idAPPLE-SA-2004-08-09.NASL
    descriptionThe remote Mac OS X host is missing Security Update 2003-12-19. Mac OS X contains a flaw that may allow a malicious user with local access to gain root access. The issue is triggered when the Ctrl and c keys are pressed on the connected USB keyboard during boot and thus interrupting the system initialization. It is possible that the flaw may allow root access resulting in a loss of integrity.
    last seen2020-06-01
    modified2020-06-02
    plugin id14251
    published2004-08-10
    reporterThis script is Copyright (C) 2004-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/14251
    titleApple Mac OS X USB Keyboard Ctrl Key Root Access (Apple SA 2003-12-19)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_AC4B9D1867A911D880E30020ED76EF5A.NASL
    descriptionDave Jones discovered a denial-of-service vulnerability in fetchmail. An email message containing a very long line could cause fetchmail to segfault due to missing NUL termination in transact.c. Eric Raymond decided not to mention this issue in the release notes for fetchmail 6.2.5, but it was fixed there.
    last seen2020-06-01
    modified2020-06-02
    plugin id37051
    published2009-04-23
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/37051
    titleFreeBSD : fetchmail -- denial-of-service vulnerability (ac4b9d18-67a9-11d8-80e3-0020ed76ef5a)
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2003-300-02.NASL
    descriptionFetchmail is a mail-retrieval and forwarding utility. Upgraded fetchmail packages are available for Slackware 8.1, 9.0, 9.1, and -current. These fix a vulnerability where a specially crafted email could crash fetchmail, preventing the user from downloading or forwarding their email.
    last seen2020-06-01
    modified2020-06-02
    plugin id18731
    published2005-07-13
    reporterThis script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/18731
    titleSlackware 8.1 / 9.0 / 9.1 / current : fetchmail security update (SSA:2003-300-02)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SECUPD20031219.NASL
    descriptionThe remote host is missing Security Update 2003-12-19. This security update includes the following components : - AFP Server - cd9600.util - Directory Services - fetchmail - fs_usage - rsync - System Initialization For MacOS X 10.3, it also includes : - ASN.1 Decoding for PKI This update contains various fixes which may allow an attacker to execute arbitrary code on the remote host.
    last seen2020-06-01
    modified2020-06-02
    plugin id12516
    published2004-07-06
    reporterThis script is Copyright (C) 2004-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/12516
    titleMac OS X Multiple Vulnerabilities (Security Update 2003-12-19)

References