Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Fetchmail 5.0.8 through 6.3.21, when using NTLM authentication in debug mode, allows remote NTLM servers to (1) cause a denial of service (crash and delayed delivery of inbound mail) via a crafted NTLM response that triggers an out-of-bounds read in the base64 decoder, or (2) obtain sensitive information from memory via an NTLM Type 2 message with a crafted Target Name structure, which triggers an out-of-bounds read.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Fetchmail 拒绝服务漏洞
Vulnerability Description
Fetchmail是免费的软件包,可以从远程POP2、POP3、IMAP、ETRN或ODMR服务器检索邮件并将其转发给本地SMTP、LMTP服务器或消息传送代理。 Fetchmail 5.0.8至6.3.21版本中存在漏洞。当在调试模式下使用NTLM认证时,远程NTLM服务器端攻击者可利用该漏洞(1)通过特制的NTLM响应在base64解码器中触发越界读取,导致拒绝服务(崩溃和延迟邮件的传送)或(2)通过带有特制的Target Name结构的NTLM Type 2信息触发越界读取,从内存中获得敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A