NTLM Authentication Vulnerability in Fetchmail by Fetchmail Developers
CVE-2012-3482

Currently unrated

Key Information:

Vendor

Fetchmail

Status
Fetchmail
Vendor
CVE Published:
21 December 2012

What is CVE-2012-3482?

The Fetchmail application, specifically versions 5.0.8 through 6.3.21, contains a vulnerability when utilizing NTLM authentication in debug mode. This flaw can be exploited by remote NTLM servers, resulting in a denial of service condition, exemplified by application crashes and delayed mail delivery. Additionally, attackers could exploit a crafted NTLM Type 2 message to obtain sensitive information from memory by triggering an out-of-bounds read, highlighting significant security risks associated with this application.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://seclists.org/oss-sec/2012/q3/232
mailing-listx_refsource_MLIST
http://seclists.org/oss-sec/2012/q3/230
mailing-listx_refsource_MLIST
http://www.securityfocus.com/bid/54987
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.