fetchmail -- denial of service/crash from malicious POP3 server

ID 3F4AC724-FA8B-11D9-AFCF-0060084A00E5
Type freebsd
Reporter FreeBSD
Modified 2005-07-21T00:00:00


In fetchmail, the fix for the remote code injection via POP3 UIDL introduced a denial of service: two possible NULL-pointer dereferences allow a malicious POP3 server to crash fetchmail, either by responding to UIDL with lines that contain only the message number but no unique-id (in violation of RFC 1939), or, when the server offers no UIDL support, by delivering a message that carries no Message-ID header.
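The two failure modes above are both "the second field the client assumed would be there is absent". The following C is an added illustration, not fetchmail's code: a hypothetical crashing pattern beside a defensive parser for RFC 1939 UIDL response lines ("msgnum unique-id", unique-id 1 to 70 octets), plus a fallback Message-ID lookup that reports absence instead of returning a pointer the caller will dereference. The sample lines are constructed; the function names are assumptions for this example.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Crashing pattern (hypothetical, shown for contrast only): assumes a
 * space and a second field always follow the message number. For a
 * line that is just "2", strchr() returns NULL and sp + 1 is
 * dereferenced. Never call this on untrusted server output. */
void unsafe_copy_uid(const char *line, char *uid)
{
    const char *sp = strchr(line, ' ');
    strcpy(uid, sp + 1);
}

/* Defensive parser. Returns 1 and fills *num and uid on a well-formed
 * "msgnum unique-id" line (RFC 1939, UIDL), and 0 when the unique-id
 * is missing, longer than 70 octets, does not fit in uid, or the line
 * is otherwise malformed. No pointer is dereferenced before it is
 * known to point at a token. */
int parse_uidl_line(const char *line, unsigned long *num,
                    char *uid, size_t uidsz)
{
    const char *p;
    char *end;
    size_t n;

    if (line == NULL || num == NULL || uid == NULL || uidsz == 0)
        return 0;

    /* message number: at least one digit */
    if (!isdigit((unsigned char)*line))
        return 0;
    *num = strtoul(line, &end, 10);

    /* exactly the separator RFC 1939 specifies, then the unique-id */
    p = end;
    if (*p != ' ')
        return 0;               /* "2\r\n": number only, no uid */
    while (*p == ' ')
        p++;

    n = strcspn(p, " \r\n");    /* length of the unique-id token */
    if (n == 0 || n > 70 || n >= uidsz)
        return 0;               /* "3 \r\n": empty uid field */
    memcpy(uid, p, n);
    uid[n] = '\0';
    return 1;
}

/* Fallback when the server has no UIDL: look for a Message-ID header.
 * Returns 1 and copies "<...>" into out, 0 when the header (or its
 * angle-bracketed id) is absent, so the caller can skip the message
 * instead of dereferencing NULL. Simplified: case-sensitive match on
 * the header text, no unfolding of continuation lines. */
int find_message_id(const char *headers, char *out, size_t outsz)
{
    const char *h, *lt, *gt;
    size_t n;

    if (headers == NULL || out == NULL || outsz == 0)
        return 0;
    h = strstr(headers, "Message-ID:");
    if (h == NULL)
        return 0;
    lt = strchr(h, '<');
    if (lt == NULL)
        return 0;
    gt = strchr(lt, '>');
    if (gt == NULL)
        return 0;
    n = (size_t)(gt - lt + 1);
    if (n >= outsz)
        return 0;
    memcpy(out, lt, n);
    out[n] = '\0';
    return 1;
}

/* Small wrappers so the accept/reject decision can be checked directly. */
int uidl_line_ok(const char *line)
{
    unsigned long n;
    char uid[80];
    return parse_uidl_line(line, &n, uid, sizeof uid);
}

int has_message_id(const char *headers)
{
    char id[256];
    return find_message_id(headers, id, sizeof id);
}

int main(void)
{
    /* constructed samples: one compliant line, then the malformed
     * lines a malicious server from the advisory would send */
    const char *lines[] = {
        "1 whqtswO00WBw418f9t5JxYwZ\r\n", "2\r\n", "3 \r\n", "x y\r\n"
    };
    size_t i;
    for (i = 0; i < sizeof lines / sizeof lines[0]; i++)
        printf("line %zu: %s\n", i + 1,
               uidl_line_ok(lines[i]) ? "accepted" : "rejected");
    printf("no Message-ID: %s\n",
           has_message_id("From: a@b\r\nSubject: x\r\n") ? "found" : "absent");
    return 0;
}
```

A caller that gets 0 back should treat the message as "no stable identifier" (log it and fall back to the message number for this session only) rather than abort, so a single hostile server cannot take the poll loop down.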