{"api_version":"1","generated_at":"2026-05-13T01:06:56+00:00","cve":"CVE-2011-1947","urls":{"html":"https://cve.report/CVE-2011-1947","api":"https://cve.report/api/cve/CVE-2011-1947.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2011-1947","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2011-1947"},"summary":{"title":"CVE-2011-1947","description":"fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time after issuing a (1) STARTTLS or (2) STLS request, which allows remote servers to cause a denial of service (application hang) by acknowledging the request but not sending additional packets.","state":"PUBLISHED","assigner":"redhat","published_at":"2011-06-02 19:55:03","updated_at":"2026-04-29 01:13:23"},"problem_types":["CWE-399","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"5","severity":"","vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061735.html","name":"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061735.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"[SECURITY] Fedora 14 Update: fetchmail-6.3.20-1.fc14","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://gitorious.org/fetchmail/fetchmail/blobs/legacy_63/fetchmail-SA-2011-01.txt","name":"http://gitorious.org/fetchmail/fetchmail/blobs/legacy_63/fetchmail-SA-2011-01.txt","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"404"},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061672.html","name":"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061672.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"[SECURITY] Fedora 15 Update: fetchmail-6.3.20-1.fc15","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://openwall.com/lists/oss-security/2011/05/30/1","name":"http://openwall.com/lists/oss-security/2011/05/30/1","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"oss-security - CVE request for fetchmail STARTTLS hang (Denial of Service)","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://openwall.com/lists/oss-security/2011/05/31/17","name":"http://openwall.com/lists/oss-security/2011/05/31/17","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"oss-security - Re: CVE request for fetchmail STARTTLS hang (Denial\n of Service)","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://openwall.com/lists/oss-security/2011/05/31/12","name":"http://openwall.com/lists/oss-security/2011/05/31/12","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"oss-security - Re: CVE request for fetchmail STARTTLS hang (Denial\n of Service)","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061634.html","name":"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061634.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"[SECURITY] Fedora 13 Update: fetchmail-6.3.20-1.fc13","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.fetchmail.info/fetchmail-SA-2011-01.txt","name":"http://www.fetchmail.info/fetchmail-SA-2011-01.txt","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"text/plain","httpstatus":"200","archivestatus":"200"},{"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:107","name":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:107","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Support / Security / Advisories /  / MDVSA-2011:107 | Mandriva","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/67700","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/67700","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1025605","name":"http://www.securitytracker.com/id?1025605","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Fetchmail STARTTLS Blocking IO Bug Lets Remote Users Deny Service - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://openwall.com/lists/oss-security/2011/06/01/2","name":"http://openwall.com/lists/oss-security/2011/06/01/2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"oss-security - Re: CVE request for fetchmail STARTTLS hang (Denial\n of Service)","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/48043","name":"http://www.securityfocus.com/bid/48043","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Fetchmail STARTTLS Remote Denial of Service Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.securityfocus.com/archive/1/518251/100/0/threaded","name":"http://www.securityfocus.com/archive/1/518251/100/0/threaded","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2011-1947","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-1947","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"5.9.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"5.9.11","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"5.9.13","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"5.9.9","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.0.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.1.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.1.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.2.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.2.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.2.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.2.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.2.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.2.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.2.5.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.2.5.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.2.5.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.2.6","cpe7":"pre4","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.2.6","cpe7":"pre8","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.2.6","cpe7":"pre9","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.2.9","cpe7":"rc10","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.2.9","cpe7":"rc3","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.2.9","cpe7":"rc4","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.2.9","cpe7":"rc5","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.2.9","cpe7":"rc7","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.2.9","cpe7":"rc8","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.2.9","cpe7":"rc9","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.3.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.3.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.3.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.3.11","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.3.12","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.3.13","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.3.14","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.3.15","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.3.16","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.3.17","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.3.18","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.3.19","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.3.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.3.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.3.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.3.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.3.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.3.6","cpe7":"rc1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.3.6","cpe7":"rc2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.3.6","cpe7":"rc3","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.3.6","cpe7":"rc4","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.3.6","cpe7":"rc5","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.3.7","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.3.8","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.3.9","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1947","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fetchmail","cpe5":"fetchmail","cpe6":"6.3.9","cpe7":"rc2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-06T22:46:00.839Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"[oss-security] 20110531 Re: CVE request for fetchmail STARTTLS hang (Denial of Service)","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/05/31/17"},{"name":"48043","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/48043"},{"name":"FEDORA-2011-8011","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061672.html"},{"name":"[oss-security] 20110531 Re: CVE request for fetchmail STARTTLS hang (Denial of Service)","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/05/31/12"},{"name":"[oss-security] 20110530 CVE request for fetchmail STARTTLS hang (Denial of Service)","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/05/30/1"},{"name":"20110606 fetchmail security announcement fetchmail-SA-2011-01 (CVE-2011-1947)","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/518251/100/0/threaded"},{"name":"FEDORA-2011-8059","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061634.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://gitorious.org/fetchmail/fetchmail/blobs/legacy_63/fetchmail-SA-2011-01.txt"},{"name":"1025605","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1025605"},{"name":"MDVSA-2011:107","tags":["vendor-advisory","x_refsource_MANDRIVA","x_transferred"],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:107"},{"name":"FEDORA-2011-8021","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061735.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.fetchmail.info/fetchmail-SA-2011-01.txt"},{"name":"[oss-security] 20110601 Re: CVE request for fetchmail STARTTLS hang (Denial of Service)","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/06/01/2"},{"name":"fetchmail-starttls-dos(67700)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/67700"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2011-05-30T00:00:00.000Z","descriptions":[{"lang":"en","value":"fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time after issuing a (1) STARTTLS or (2) STLS request, which allows remote servers to cause a denial of service (application hang) by acknowledging the request but not sending additional packets."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2018-10-09T18:57:01.000Z","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"references":[{"name":"[oss-security] 20110531 Re: CVE request for fetchmail STARTTLS hang (Denial of Service)","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/05/31/17"},{"name":"48043","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/48043"},{"name":"FEDORA-2011-8011","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061672.html"},{"name":"[oss-security] 20110531 Re: CVE request for fetchmail STARTTLS hang (Denial of Service)","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/05/31/12"},{"name":"[oss-security] 20110530 CVE request for fetchmail STARTTLS hang (Denial of Service)","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/05/30/1"},{"name":"20110606 fetchmail security announcement fetchmail-SA-2011-01 (CVE-2011-1947)","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/518251/100/0/threaded"},{"name":"FEDORA-2011-8059","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061634.html"},{"tags":["x_refsource_CONFIRM"],"url":"http://gitorious.org/fetchmail/fetchmail/blobs/legacy_63/fetchmail-SA-2011-01.txt"},{"name":"1025605","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1025605"},{"name":"MDVSA-2011:107","tags":["vendor-advisory","x_refsource_MANDRIVA"],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:107"},{"name":"FEDORA-2011-8021","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061735.html"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.fetchmail.info/fetchmail-SA-2011-01.txt"},{"name":"[oss-security] 20110601 Re: CVE request for fetchmail STARTTLS hang (Denial of Service)","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/06/01/2"},{"name":"fetchmail-starttls-dos(67700)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/67700"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"secalert@redhat.com","ID":"CVE-2011-1947","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time after issuing a (1) STARTTLS or (2) STLS request, which allows remote servers to cause a denial of service (application hang) by acknowledging the request but not sending additional packets."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"[oss-security] 20110531 Re: CVE request for fetchmail STARTTLS hang (Denial of Service)","refsource":"MLIST","url":"http://openwall.com/lists/oss-security/2011/05/31/17"},{"name":"48043","refsource":"BID","url":"http://www.securityfocus.com/bid/48043"},{"name":"FEDORA-2011-8011","refsource":"FEDORA","url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061672.html"},{"name":"[oss-security] 20110531 Re: CVE request for fetchmail STARTTLS hang (Denial of Service)","refsource":"MLIST","url":"http://openwall.com/lists/oss-security/2011/05/31/12"},{"name":"[oss-security] 20110530 CVE request for fetchmail STARTTLS hang (Denial of Service)","refsource":"MLIST","url":"http://openwall.com/lists/oss-security/2011/05/30/1"},{"name":"20110606 fetchmail security announcement fetchmail-SA-2011-01 (CVE-2011-1947)","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/518251/100/0/threaded"},{"name":"FEDORA-2011-8059","refsource":"FEDORA","url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061634.html"},{"name":"http://gitorious.org/fetchmail/fetchmail/blobs/legacy_63/fetchmail-SA-2011-01.txt","refsource":"CONFIRM","url":"http://gitorious.org/fetchmail/fetchmail/blobs/legacy_63/fetchmail-SA-2011-01.txt"},{"name":"1025605","refsource":"SECTRACK","url":"http://www.securitytracker.com/id?1025605"},{"name":"MDVSA-2011:107","refsource":"MANDRIVA","url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:107"},{"name":"FEDORA-2011-8021","refsource":"FEDORA","url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061735.html"},{"name":"http://www.fetchmail.info/fetchmail-SA-2011-01.txt","refsource":"CONFIRM","url":"http://www.fetchmail.info/fetchmail-SA-2011-01.txt"},{"name":"[oss-security] 20110601 Re: CVE request for fetchmail STARTTLS hang (Denial of Service)","refsource":"MLIST","url":"http://openwall.com/lists/oss-security/2011/06/01/2"},{"name":"fetchmail-starttls-dos(67700)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/67700"}]}}}},"cveMetadata":{"assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","cveId":"CVE-2011-1947","datePublished":"2011-06-02T19:00:00.000Z","dateReserved":"2011-05-09T00:00:00.000Z","dateUpdated":"2024-08-06T22:46:00.839Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2011-06-02 19:55:03","lastModifiedDate":"2026-04-29 01:13:23","problem_types":["CWE-399","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:5.9.9:*:*:*:*:*:*:*","matchCriteriaId":"6163235A-1041-40D2-A5FA-1D4B80F40347"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:5.9.10:*:*:*:*:*:*:*","matchCriteriaId":"1258CA65-FBC1-4848-A9E5-A8F5E5D6FBD5"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:5.9.11:*:*:*:*:*:*:*","matchCriteriaId":"A91C6418-41F0-46EB-ACFC-FCE907F5AA87"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:5.9.13:*:*:*:*:*:*:*","matchCriteriaId":"0C020534-7596-496C-B9B0-739F58F6F4EF"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.0.0:*:*:*:*:*:*:*","matchCriteriaId":"0A77D40C-6FF5-42BD-9EFB-B532824D7606"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.1.0:*:*:*:*:*:*:*","matchCriteriaId":"F04C6A76-2718-4DBA-8972-A3EECDDB1A17"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.1.3:*:*:*:*:*:*:*","matchCriteriaId":"38ACD96E-5582-4ED0-BBB1-C891094D8217"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.2.0:*:*:*:*:*:*:*","matchCriteriaId":"264386DA-747F-492C-B660-D49BE9DB7139"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.2.1:*:*:*:*:*:*:*","matchCriteriaId":"DC4066AC-BE10-4189-86F6-BF94443738DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.2.2:*:*:*:*:*:*:*","matchCriteriaId":"1C25A146-50D5-4BA2-ABA2-20BF8784D7DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.2.3:*:*:*:*:*:*:*","matchCriteriaId":"72E76256-997F-4229-9B03-7BC3074F359D"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.2.4:*:*:*:*:*:*:*","matchCriteriaId":"7A717C50-2C5A-4CD1-B2E6-8CDF450940CE"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.2.5:*:*:*:*:*:*:*","matchCriteriaId":"61F908FF-9986-4F71-B0B6-D6A86555EF56"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.2.5.1:*:*:*:*:*:*:*","matchCriteriaId":"B0C1F99C-A246-40D3-B84A-5D11FF24AC1B"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.2.5.2:*:*:*:*:*:*:*","matchCriteriaId":"028F7F83-AF15-443B-A7DB-4E695E62EAFB"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.2.5.4:*:*:*:*:*:*:*","matchCriteriaId":"B418C3CE-E6E6-401D-AD83-5BB181009A7F"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.2.6:pre4:*:*:*:*:*:*","matchCriteriaId":"8BF06FD2-0A4C-4557-B8EF-F0F021179498"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.2.6:pre8:*:*:*:*:*:*","matchCriteriaId":"38C949C2-07A0-4FE4-8FBF-86215CB999CF"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.2.6:pre9:*:*:*:*:*:*","matchCriteriaId":"88B23630-79DD-4B69-BB01-286193BA562E"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.2.9:rc10:*:*:*:*:*:*","matchCriteriaId":"5FE21564-68C0-4765-BA40-9D3046C4CB14"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.2.9:rc3:*:*:*:*:*:*","matchCriteriaId":"208102ED-6F22-44C5-BAF1-FD85EACF208F"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.2.9:rc4:*:*:*:*:*:*","matchCriteriaId":"C1CF7767-EB24-44E2-8E59-B4DBC99AFD23"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.2.9:rc5:*:*:*:*:*:*","matchCriteriaId":"CF3D6D4C-5FD8-4EE1-A34A-99D397F09E85"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.2.9:rc7:*:*:*:*:*:*","matchCriteriaId":"D63D88C1-B201-4D48-9659-5802DC4FD3EA"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.2.9:rc8:*:*:*:*:*:*","matchCriteriaId":"16463B23-E884-467E-9F63-6B57EED39856"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.2.9:rc9:*:*:*:*:*:*","matchCriteriaId":"9F2C03AF-666D-4AF6-BC69-F8B081EB41AA"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.3.0:*:*:*:*:*:*:*","matchCriteriaId":"84F90AFA-4B13-46A0-89D7-4065300C94C4"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.3.1:*:*:*:*:*:*:*","matchCriteriaId":"5DAD0F05-8B55-43ED-89D5-61A19F41EDFF"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.3.2:*:*:*:*:*:*:*","matchCriteriaId":"99053698-7F8B-4E71-8647-1A8B0DF7CEB1"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.3.3:*:*:*:*:*:*:*","matchCriteriaId":"9314F22D-22A8-4374-A2BF-3C64CF1F69BC"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.3.4:*:*:*:*:*:*:*","matchCriteriaId":"816E9640-A932-4E2F-9793-689F80D2AA89"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.3.5:*:*:*:*:*:*:*","matchCriteriaId":"5D09BB43-6CBA-499B-91D1-BA256A65E40D"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.3.6:*:*:*:*:*:*:*","matchCriteriaId":"ABE76611-08CE-4D85-B57A-021909835A81"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.3.6:rc1:*:*:*:*:*:*","matchCriteriaId":"B98AFEDF-2BAB-4588-94E0-35AEA5F1B514"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.3.6:rc2:*:*:*:*:*:*","matchCriteriaId":"4E8BAB5B-4DBC-4D05-B5E2-591573BC05FF"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.3.6:rc3:*:*:*:*:*:*","matchCriteriaId":"02F6E729-A2F2-42AC-A941-F57A0A4E84A0"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.3.6:rc4:*:*:*:*:*:*","matchCriteriaId":"4143D519-4B49-4E71-8686-FC6A095F0999"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.3.6:rc5:*:*:*:*:*:*","matchCriteriaId":"387ADB82-4FAD-44DA-ABF2-2F4645C4F1E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.3.7:*:*:*:*:*:*:*","matchCriteriaId":"CED4FBCB-B6DF-429D-871D-2A9F7F59E63B"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.3.8:*:*:*:*:*:*:*","matchCriteriaId":"237F86BD-82CD-4A37-BF64-F103B1304F0C"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.3.9:*:*:*:*:*:*:*","matchCriteriaId":"667847D9-58DD-4693-B544-593AC6D7746D"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.3.9:rc2:*:*:*:*:*:*","matchCriteriaId":"12BA2E29-5547-45F5-BC46-1A7B4A222055"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.3.10:*:*:*:*:*:*:*","matchCriteriaId":"C44EA07A-D8A9-4E43-AE2D-B9E41944CB07"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.3.11:*:*:*:*:*:*:*","matchCriteriaId":"F9882EBF-72D0-4C4F-99BA-929418B5D86B"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.3.12:*:*:*:*:*:*:*","matchCriteriaId":"EE474E7E-EEE8-45E4-A995-A437CE7C08CD"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.3.13:*:*:*:*:*:*:*","matchCriteriaId":"2F96F2F2-B6CC-4138-8F9C-4CB906EDACDD"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.3.14:*:*:*:*:*:*:*","matchCriteriaId":"22D580D8-FE6D-40E9-88A5-751A9C8CBAA7"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.3.15:*:*:*:*:*:*:*","matchCriteriaId":"7C7E909A-F8F7-4FB1-8659-41A47C9B7C5A"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.3.16:*:*:*:*:*:*:*","matchCriteriaId":"FDBC29B9-EC76-4F2C-BD00-A57C0D4B99EB"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.3.17:*:*:*:*:*:*:*","matchCriteriaId":"4C8896BE-EF89-4F2C-9356-96745005E3AA"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.3.18:*:*:*:*:*:*:*","matchCriteriaId":"39E249FA-4A13-4945-A632-0A8D24CE594A"},{"vulnerable":true,"criteria":"cpe:2.3:a:fetchmail:fetchmail:6.3.19:*:*:*:*:*:*:*","matchCriteriaId":"6126F184-8470-49B7-A801-F671DEF24247"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2011","CveId":"1947","Ordinal":"1","Title":"CVE-2011-1947","CVE":"CVE-2011-1947","Year":"2011"},"notes":[{"CveYear":"2011","CveId":"1947","Ordinal":"1","NoteData":"fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time after issuing a (1) STARTTLS or (2) STLS request, which allows remote servers to cause a denial of service (application hang) by acknowledging the request but not sending additional packets.","Type":"Description","Title":"CVE-2011-1947"},{"CveYear":"2011","CveId":"1947","Ordinal":"2","NoteData":"2011-06-02","Type":"Other","Title":"Published"},{"CveYear":"2011","CveId":"1947","Ordinal":"3","NoteData":"2018-10-09","Type":"Other","Title":"Modified"}]}}}