fetchmail -- null pointer dereference in multidrop mode with headerless email

ID F7EB0B23-7099-11DA-A15C-0060084A00E5
Type freebsd
Reporter FreeBSD
Modified 2005-12-19T00:00:00


The fetchmail team reports:

Fetchmail contains a bug that causes an application crash when fetchmail is configured for multidrop mode and the upstream mail server sends a message without headers. As fetchmail does not record this message as "previously fetched", it will crash with the same message if it is re-executed, so it cannot make progress. A malicious or broken-into upstream server could thus cause a denial of service in fetchmail clients.