Fetchmail is a remote mail retrieval and forwarding utility intended for
use over on-demand TCP/IP links such as SLIP and PPP connections. A bug
has been found in the header parsing code in versions of Fetchmail prior
to 6.2.0.
The bug allows a remote attacker to crash Fetchmail and potentially execute
arbitrary code by sending a carefully crafted email which is parsed by
Fetchmail.
All users of Fetchmail are advised to upgrade to the errata packages
containing a backported fix which corrects this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | ia64 | fetchmail | < 5.9.0-21.7.3 | fetchmail-5.9.0-21.7.3.ia64.rpm |
RedHat | any | i386 | fetchmailconf | < 5.9.0-21.7.3 | fetchmailconf-5.9.0-21.7.3.i386.rpm |
RedHat | any | ia64 | fetchmailconf | < 5.9.0-21.7.3 | fetchmailconf-5.9.0-21.7.3.ia64.rpm |
RedHat | any | i386 | fetchmail | < 5.9.0-21.7.3 | fetchmail-5.9.0-21.7.3.i386.rpm |