FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

fetchmail -- denial of service on reject of local warning message

Affected packages
4.6.8 <= fetchmail < 6.3.8_4

Details

VuXML ID 45500f74-5947-11dc-87c1-000e2e5785ad
Discovery 2007-07-29
Entry 2007-09-02

Matthias Andree reports:

fetchmail will generate warning messages in certain circumstances (for instance, when leaving oversized messages on the server or login to the upstream fails) and send them to the local postmaster or the user running it.

If this warning message is then refused by the SMTP listener that fetchmail is forwarding the message to, fetchmail crashes and does not collect further messages until it is restarted.

References

CVE Name CVE-2007-4565
URL http://www.fetchmail.info/fetchmail-SA-2007-02.txt