4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.105 Low
EPSS
Percentile
94.9%
Matthias Andree reports:
Gunter Nau reported fetchmail crashing on some messages; further
debugging by Petr Uzel and Petr Cerny at Novell/SUSE Czech Republic
dug up that this happened when fetchmail was trying to print, in
-v -v verbose level, headers exceeding 2048 bytes. In this
situation, fetchmail would resize the buffer and fill in further
parts of the message, but forget to reinitialize its va_list
typed source pointer, thus reading data from a garbage address found
on the stack at addresses above the function arguments the caller
passed in; usually that would be the callerβs stack frame.