Launchpad CVE tracker

CVE 2007-4565

sink.c in fetchmail before 6.3.9 allows context-dependent attackers to cause a denial of service (NULL dereference and application crash) by refusing certain warning messages that are sent over SMTP.

Related bugs and status

CVE-2007-4565 (Candidate) is related to these bugs:

Bug #27616: fetchmail package doesn't support gssapi by default

Summary				In	Importance	Status
	27616	fetchmail package doesn't support gssapi by default		fetchmail (Ubuntu)	Wishlist	Fix Released

Bug #136596: [Merge] fetchmail 6.3.8-8ubuntu1

Summary				In	Importance	Status
	136596	[Merge] fetchmail 6.3.8-8ubuntu1		fetchmail (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://fetchmail.berli...
CONFIRM: http://mknod.org/svn/f...
CONFIRM: https://issues.rpath.c...
BID: 25495
SECTRACK: 1018627
MANDRIVA: MDKSA-2007:179
DEBIAN: DSA-1377
TRUSTIX: 2007-0028
UBUNTU: USN-520-1
SREASON: 3074
SUSE: SUSE-SR:2007:022
SECUNIA: 27399
OSVDB: 45833
APPLE: APPLE-SA-2009-02-12
SECUNIA: 33937
CONFIRM: http://support.apple.c...
VUPEN: ADV-2007-3032
VUPEN: ADV-2009-0422
XF: fetchmail-warning-dos(...
OVAL: oval:org.mitre.oval:de...
BUGTRAQ: 20070907 FLEA-2007-005...
BUGTRAQ: 20080617 fetchmail sec...

Launchpad.net

CVE 2007-4565

Related bugs and status

Related bugs

References