FreeBSD : fetchmail -- crash when bouncing a message (f11d3b22-88c6-11da-a7b2-0060084a00e5)

This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Matthias Andree reports :

Fetchmail contains a bug that causes itself to crash when bouncing a
message to the originator or to the local postmaster. The crash
happens after the bounce message has been sent, when fetchmail tries
to free the dynamic array of failed addresses, and calls the free()
function with an invalid pointer.

See also :

http://www.fetchmail.info/fetchmail-SA-2006-01.txt
http://bugs.debian.org/348747
http://www.nessus.org/u?78560d22

Solution :

Update the affected package.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 21533 (freebsd_pkg_f11d3b2288c611daa7b20060084a00e5.nasl)

Bugtraq ID:

CVE ID: CVE-2006-0321

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now