Denial of Service Vulnerability in fetchmail 5.9.9 through 6.3.19

Denial of Service Vulnerability in fetchmail 5.9.9 through 6.3.19

CVE-2011-1947 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time after issuing a (1) STARTTLS or (2) STLS request, which allows remote servers to cause a denial of service (application hang) by acknowledging the request but not sending additional packets.

Learn more about our Cis Benchmark Audit For Server Software.