CVE-2002-1175
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2002-1175
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The getmxrecord function in Fetchmail 6.0.0 and earlier does not properly check the boundary of a particular malformed DNS packet from a malicious DNS server, which allows remote attackers to cause a denial of service (crash) when Fetchmail attempts to read data beyond the expected boundary.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Eric S. Raymond Fetchmail Multidrop模式远程拒绝服务攻击漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Fetchmail是一款由Eric S. Raymond维护的免费开放源代码邮件客户端。 Fetchmail运行在multidrop模式下解析邮件头的代码存在问题,远程攻击者可以利用这个漏洞进行拒绝服务攻击。 Fetchmail运行在multidrop模式下,其中getmxrecord()函数缺少正确的边界检查,可以导致远程使Fetchmail崩溃。要利用这个漏洞,攻击者必须能发送伪造的超大的DNS包给目标用户,这可以通过攻击者伪造目标用户使用的DNS服务器应答或者使目标用户查询由其控制的MX记录DNS服
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2002-1175
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2002-1175
Please Login to view more intelligence information
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000531vendor-advisoryx_refsource_CONECTIVA
- http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-063.phpvendor-advisoryx_refsource_MANDRAKE
- https://nvd.nist.gov/vuln/detail/CVE-2002-1175
Same Patch Batch · n/a · 2002-10-01 · 8 CVEs total
| CVE-2002-0399 | GNU Tar目标路径变化漏洞 | |
| CVE-2002-0838 | gv远程缓冲区溢出漏洞 | |
| CVE-2002-0863 | Microsoft Windows加密RDP包远程信息泄露漏洞(MS02-051) | |
| CVE-2002-1149 | Invision Board phpinfo.php远程信息泄露漏洞 | |
| CVE-2002-1150 | Microsoft Netmeeting本地会话劫持漏洞 | |
| CVE-2002-1166 | WN Server畸形GET请求缓冲区溢出漏洞 | |
| CVE-2002-1174 | Eric S. Raymond Fetchmail Multidrop模式EMAIL头解析堆缓冲区溢出漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8196
JeecgBoot mLogin Endpoint LoginController.java authorization - CVE-2026-8195
JeecgBoot SVG File CommonController.java cross site scriptin - CVE-2026-8194
osTicket Dispatcher class.dispatcher.php cross-site request - CVE-2026-8193
Akaunting Invoice PDF Rendering dompdf.php server-side reque - CVE-2026-8186
Open5GS NF client.c ogs_sbi_client_send_via_scp_or_sepp out-
V. Comments for CVE-2002-1175
No comments yet