-----BEGIN PGP SIGNED MESSAGE-----
fetchmail-SA-2006-03: crash when refusing message delivered through MDA
Topics: fetchmail crashes when refusing a message bound for an MDA
Author: Matthias Andree
Type: denial of service
Impact: fetchmail aborts prematurely
Credits: Neil Hoggarth (bug report and analysis)
CVE Name: CVE-2006-5974
Project URL: http://fetchmail.berlios.de/
Affects: fetchmail release 6.3.5
fetchmail release candidates 6.3.6-rc1, -rc2
Not affected: fetchmail release 6.3.6
Corrected: 2006-11-14 fetchmail SVN
0. Release history
2006-11-19 - internal review draft
2007-01-04 1.0 ready for release
1. Background
fetchmail is a software package to retrieve mail from remote POP2, POP3,
IMAP, ETRN or ODMR servers and forward it to local SMTP, LMTP servers or
message delivery agents.
fetchmail ships with a graphical, Python/Tkinter based configuration
utility named "fetchmailconf" to help the user create configuration (run
control) files for fetchmail.
2. Problem description and Impact
Fetchmail 6.3.5 and early 6.3.6 release candidates, when delivering
messages to a message delivery agent by means of the "mda" option, can
crash (by passing a NULL pointer to ferror() and fflush()) when refusing
a message. SMTP and LMTP delivery modes aren't affected.
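The crash described above comes down to a cleanup path that assumes the MDA stream is always present. As an added illustration, not fetchmail's own code (the names struct delivery, finish_refusal_unsafe and finish_refusal_safe are hypothetical), the following C shows the fragile pattern beside a NULL-tolerant one:

```c
#include <stdio.h>

/* Hypothetical delivery state (not fetchmail's real structures): the
 * stream to the MDA process is only non-NULL once an MDA pipe has been
 * opened. In SMTP/LMTP mode, or when a message is refused before any MDA
 * is started, it stays NULL. */
struct delivery {
    FILE *mda_stream;   /* pipe to the MDA, or NULL */
    int refused;        /* set once the message has been refused */
};

/* Crash-prone pattern: the refusal path assumes an MDA stream always
 * exists. fflush(NULL) is legal C (it flushes every open output stream),
 * but ferror(NULL) dereferences the pointer and crashes the process.
 * Shown for contrast only; never call it with a NULL stream. */
int finish_refusal_unsafe(struct delivery *d)
{
    d->refused = 1;
    fflush(d->mda_stream);
    return ferror(d->mda_stream) ? -1 : 0;   /* NULL -> segfault */
}

/* Hardened pattern: treat "no MDA stream" as a valid state. Returns 0 when
 * the refusal completed cleanly and -1 when the MDA stream reports a write
 * error that the caller should log. */
int finish_refusal_safe(struct delivery *d)
{
    d->refused = 1;
    if (d->mda_stream == NULL)
        return 0;                        /* nothing to flush or inspect */
    if (fflush(d->mda_stream) != 0 || ferror(d->mda_stream))
        return -1;
    return 0;
}

int main(void)
{
    /* Constructed scenarios: a refusal with no MDA open, and one with a
     * real stream (stderr stands in for the MDA pipe). */
    struct delivery no_mda = { NULL, 0 };
    struct delivery with_mda = { stderr, 0 };

    printf("refusal without MDA stream: %d\n", finish_refusal_safe(&no_mda));
    printf("refusal with MDA stream:    %d\n", finish_refusal_safe(&with_mda));
    return 0;
}
```

The point of the safe variant is that "no MDA was ever started" is a normal state for a refused message, so the stream check belongs in the refusal path itself rather than relying on every caller to remember it.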
3. Workaround
Avoid the mda option and ship to a local SMTP or LMTP server instead.
4. Solution
Download and install fetchmail 6.3.6 or a newer stable release from
fetchmail's project site at