This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing one or more security updates.
Updated Fetchmail packages are available for Red Hat Linux Advanced
Server which close a remotely-exploitable vulnerability in unpatched
versions of Fetchmail prior to 6.2.0.
[Updated 06 Feb 2003] Added fixed packages for Advanced Workstation
Fetchmail is a remote mail retrieval and forwarding utility intended
for use over on-demand TCP/IP links such as SLIP and PPP connections.
A bug has been found in the header parsing code in versions of
Fetchmail prior to 6.2.0.
The bug allows a remote attacker to crash Fetchmail and potentially
execute arbitrary code by sending a carefully crafted email which is
parsed by Fetchmail.
All users of Fetchmail are advised to upgrade to the errata packages
containing a backported fix which corrects this issue.
See also :
Update the affected fetchmail and / or fetchmailconf packages.
Risk factor :
High / CVSS Base Score : 7.5
Family: Red Hat Local Security Checks
Nessus Plugin ID: 12342 ()
CVE ID: CVE-2002-1365
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.