fetchmail -- denial-of-service vulnerability

ID AC4B9D18-67A9-11D8-80E3-0020ED76EF5A
Type freebsd
Reporter FreeBSD
Modified 2012-09-04T00:00:00


Dave Jones discovered a denial-of-service vulnerability in fetchmail. An email message containing a very long line could cause fetchmail to segfault due to missing NUL termination in transact.c. Eric Raymond decided not to mention this issue in the release notes for fetchmail 6.2.5, but it was fixed there.