|
1 | | -[id] |
2 | | -ave_id = "AVE-2002-0049" |
3 | | -cve_id = "CVE-2002-1175" |
4 | | -aliases = ["CVE-2002-1175", "EUVD-2002-1159"] |
5 | | - |
6 | 1 | [basic] |
7 | | -title = "Fetchmail getmxrecord函数DNS响应边界检查漏洞导致拒绝服务" |
8 | | -description = "Fetchmail 6.0.0及更早版本中的getmxrecord函数在处理来自恶意DNS服务器的畸形DNS数据包时,未能正确检查数据边界。当Fetchmail尝试读取超出预期边界的数据时,远程攻击者可利用此漏洞导致程序崩溃,造成拒绝服务。该漏洞仅在Fetchmail使用multidrop模式(启用multiple-local-recipients功能)时可被利用。" |
9 | | -severity = "MEDIUM" |
10 | | -score = 5.0 |
11 | | -cvss_v3 = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" |
12 | | -published = "2002-09-30" |
13 | | -updated = "2002-10-07" |
14 | | -remediation = "升级Fetchmail至6.1.0或更高版本。Red Hat用户可升级至RHSA-2002:215-09 errata软件包。Debian用户可通过DSA-171安全公告获取修复版本。若暂无法升级,建议避免在multidrop模式下使用Fetchmail,或限制对不可信DNS服务器的访问。" |
15 | | -sources = ["osv", "redhat", "debian", "nvd"] |
16 | | - |
17 | | -[affected] |
18 | | -vendor = "Fetchmail Project" |
19 | | -product = "Fetchmail" |
20 | | -versions = ["6.0.0", "6.0.0及更早版本"] |
| 2 | +description = "" |
| 3 | +published = "" |
| 4 | +remediation = "Refer to vendor advisory and upgrade to fixed version." |
| 5 | +score = 0.0 |
| 6 | +severity = "UNKNOWN" |
| 7 | +sources = ["osv"] |
| 8 | +title = "CVE-2002-1175 漏洞" |
| 9 | +updated = "" |
21 | 10 |
|
22 | 11 | [exploit] |
23 | | -poc_urls = [] |
24 | 12 | exp_urls = [] |
25 | | -nuclei_templates = [] |
| 13 | +poc_urls = [] |
26 | 14 |
|
27 | | -[references] |
28 | | -urls = [ |
29 | | - "https://nvd.nist.gov/vuln/detail/cve-2002-1175", |
30 | | - "https://access.redhat.com/security/cve/cve-2002-1175", |
31 | | - "http://rhn.redhat.com/errata/RHSA-2002-215.html", |
32 | | - "http://www.debian.org/security/2002/dsa-171", |
33 | | - "http://www.iss.net/security_center/static/10203.php", |
34 | | - "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-063.php", |
35 | | - "http://www.linuxsecurity.com/advisories/other_advisory-2402.html", |
36 | | - "http://www.securityfocus.com/bid/5826", |
37 | | - "http://marc.info/?l=bugtraq&m=103340148625187&w=2" |
38 | | -] |
| 15 | +[id] |
| 16 | +aliases = ["CVE-2002-1175"] |
| 17 | +ave_id = "AVE-2002-0049" |
| 18 | +cve_id = "CVE-2002-1175" |
39 | 19 |
|
40 | 20 | [meta] |
41 | | -collected_at = "2026-07-11T00:00:00Z" |
| 21 | +collected_at = "2026-07-11T00:09:56.032186743+00:00" |
42 | 22 | status = "completed" |
| 23 | + |
| 24 | +[references] |
| 25 | +urls = [] |
0 commit comments