Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 191154 - net-mail/fetchmail < 6.3.9 NULL pointer dereference DOS (CVE-2007-4565)
Summary: net-mail/fetchmail < 6.3.9 NULL pointer dereference DOS (CVE-2007-4565)
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Net-Mail Packages
URL: http://fetchmail.berlios.de/fetchmail...
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2007-09-03 13:52 UTC by Robert Buchholz (RETIRED)
Modified: 2007-09-03 14:34 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Robert Buchholz (RETIRED) gentoo-dev 2007-09-03 13:52:51 UTC
"fetchmail before 6.3.9 allows context-dependent attackers to cause a denial of service (NULL dereference and application crash) by refusing certain warning messages that are sent over SMTP." (From CVE)

Fetchmail 6.3.9 was released on 28.08.
Comment 1 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-09-03 14:07:17 UTC
client-side DoS, no security impact, reassigning to maintainer.
Comment 2 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-09-03 14:34:08 UTC
fixed in 2.3.8-r1, thanks