fetchmail
Page content
- Author: voroskoi
- Vulnerable: 6.3.4-1
- Unaffected: 6.3.6-1siwenna1
A vulnerability and a security issue have been reported in Fetchmail, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and by malicious people to gain knowledge of sensitive information.
- A NULL pointer dereference error in Fetchmail, when refusing a message that was bound for delivery by a message delivery agent (MDA) via the “mda” option, can be exploited to crash the service.
- Several errors could lead to the authentication in plain text despite the configured settings, resulting in the possibility of passwords being eavesdropped.
- Bug Tracker URL: http://bugs.frugalware.org/task/1608