fetchmail-SA-2007-02: Crash when warning message is rejected

Topics:		Crash when fetchmail-generated warning message is rejected

Author:		Matthias Andree
Version:	1.0
Announced:	2007-07-29
Type:		NULL pointer dereference trigged by outside circumstances
Impact:		denial of service possible
Danger:		low
Credits:	Earl Chew
CVE Name:	CVE-2007-4565
URL:		http://fetchmail.berlios.de/fetchmail-SA-2007-02.txt
Project URL:	http://fetchmail.berlios.de/

Affects:	fetchmail release < 6.3.9

Not affected:	fetchmail release 6.3.9

Corrected:	2007-07-29 fetchmail SVN (rev 5119)


0. Release history
==================

2007-07-29 1.0	first draft for MITRE/CVE (visible in SVN)


1. Background
=============

fetchmail is a software package to retrieve mail from remote POP2, POP3,
IMAP, ETRN or ODMR servers and forward it to local SMTP, LMTP servers or
message delivery agents.

fetchmail ships with a graphical, Python/Tkinter based configuration
utility named "fetchmailconf" to help the user create configuration (run
control) files for fetchmail.


2. Problem description and Impact
=================================

fetchmail will generated warning messages to the local postmaster or user in
certain circumstances, for instance when authentication fails.

If this warning message is refused by the SMTP listener that fetchmail is
talking to, fetchmail attempts to dereference a NULL pointer when trying to find
out if it should allow a bounce message to be sent.


3. Solution
===========

Install fetchmail 6.3.9 or newer.  The fetchmail source code is available from
<http://developer.berlios.de/project/showfiles.php?group_id=1824>.


A. Copyright, License and Warranty
==================================

(C) Copyright 2007 by Matthias Andree, <matthias.andree@gmx.de>.
Some rights reserved.

This work is licensed under the Creative Commons
Attribution-NonCommercial-NoDerivs German License. To view a copy of
this license, visit http://creativecommons.org/licenses/by-nc-nd/2.0/de/
or send a letter to Creative Commons; 559 Nathan Abbott Way;
Stanford, California 94305; USA.

THIS WORK IS PROVIDED FREE OF CHARGE AND WITHOUT ANY WARRANTIES.
Use the information herein at your own risk.

END OF fetchmail-SA-2007-02.txt