Description
fetchmailconf in fetchmail before 5.7.4 allows local users to overwrite files of other users via a symlink attack on temporary files.
References (2)
Core 2
Core References
Patch vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2001-103.html
Various Sources x_refsource_misc
http://lists.ccil.org/pipermail/fetchmail-announce/2001-March/000015.html
Scores
EPSS
0.0034
EPSS Percentile
26.0%
Details
CWE
CWE-59
Status
published
Products (50)
fetchmail/fetchmail
4.5.1
fetchmail/fetchmail
4.5.2
fetchmail/fetchmail
4.5.3
fetchmail/fetchmail
4.5.4
fetchmail/fetchmail
4.5.5
fetchmail/fetchmail
4.5.6
fetchmail/fetchmail
4.5.7
fetchmail/fetchmail
4.5.8
fetchmail/fetchmail
4.6.0
fetchmail/fetchmail
4.6.1
... and 40 more
Published
Sep 06, 2001
Tracked Since
Feb 18, 2026