FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

fetchmail -- crashes when refusing a message bound for an MDA

Affected packages
6.3.5 <= fetchmail < 6.3.6

Details

VuXML ID 37e30313-9d8c-11db-858b-0060084a00e5
Discovery 2007-01-04
Entry 2007-01-06

Matthias Andree reports:

When delivering messages to a message delivery agent by means of the "mda" option, fetchmail can crash (by passing a NULL pointer to ferror() and fflush()) when refusing a message. SMTP and LMTP delivery modes aren't affected.

References

CVE Name CVE-2006-5974
URL http://www.fetchmail.info/fetchmail-SA-2006-03.txt