4

USN-816-1: fetchmail vulnerability

view full story
linux-howto

http://www.ubuntu.com – Referenced CVEs:  CVE-2009-2666 Description:  =========================================================== Ubuntu Security Notice USN-816-1 August 12, 2009 fetchmail vulnerability CVE-2009-2666 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: fetchmail 6.3.2-2ubuntu2.3 Ubuntu 8.04 LTS: fetchmail 6.3.8-10ubuntu1.1 Ubuntu 8.10: fetchmail 6.3.8-11ubuntu3.1 Ubuntu 9.04: fetchmail 6.3.9~rc2-4ubuntu1.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Moxie Marlinspike discovered that fetchmail did not properly handle certificates with NULL characters in the certificate name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. (Distributions)

hwq123's picture
Submitted by hwq123 on 08/13/2009 – Made popular on 08/13/2009

Stories similar to USN-816-1: fetchmail vulnerability

Referenced CVEs: 

CVE-2009-3767

Description: 

=========================================================== Ubuntu Security Notice USN-858-1 November 12, 2009 openldap2.2 vulnerability CVE-2009-3767 ===========================================================

A security issu

USN-818-1: curl vulnerability 3 years 43 weeks ago

Referenced CVEs: 

CVE-2009-2417

Description: 

=========================================================== Ubuntu Security Notice USN-818-1 August 17, 2009 curl vulnerability CVE-2009-2417 ===========================================================

A security issue affe

USN-842-1: Wget vulnerability 3 years 36 weeks ago

Referenced CVEs: 

CVE-2009-3490

Description: 

=========================================================== Ubuntu Security Notice USN-842-1 October 06, 2009 wget vulnerability CVE-2009-3490 ===========================================================

A security issue affec

USN-829-1: Qt vulnerability 3 years 40 weeks ago

Referenced CVEs: 

CVE-2009-2700

Description: 

=========================================================== Ubuntu Security Notice USN-829-1 September 10, 2009 qt4-x11 vulnerability CVE-2009-2700 ===========================================================

A security issue a

Referenced CVEs: 

CVE-2009-2702

Description: 

=========================================================== Ubuntu Security Notice USN-833-1 September 18, 2009 kde4libs, kdelibs vulnerability CVE-2009-2702 ===========================================================

A securi

USN-810-1: NSS vulnerabilities 3 years 45 weeks ago

Referenced CVEs: 

CVE-2009-2404, CVE-2009-2408, CVE-2009-2409

Description: 

=========================================================== Ubuntu Security Notice USN-810-1 August 04, 2009 nss vulnerabilities CVE-2009-2404, CVE-2009-2408, CVE-2009-2409 =====================

Referenced CVEs: 

CVE-2009-4034, CVE-2009-4136

Description: 

=========================================================== Ubuntu Security Notice USN-876-1 January 03, 2010 postgresql-8.1, postgresql-8.3, postgresql-8.4 vulnerabilities CVE-2009-4034, CVE-2009-4136 ========

USN-810-2: NSPR update 3 years 45 weeks ago

Description: 

=========================================================== Ubuntu Security Notice USN-810-2 August 04, 2009 nspr update https://launchpad.net/bugs/387745 ===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04

This advis

Referenced CVEs: 

CVE-2009-2409, CVE-2009-2730

Description: 

=========================================================== Ubuntu Security Notice USN-809-1 August 19, 2009 gnutls12, gnutls13, gnutls26 vulnerabilities CVE-2009-2409, CVE-2009-2730, https://launchpad.net/bug