Mandriva Linux Security Advisory : fetchmail (MDVSA-2008:117)
Medium Nessus Plugin ID 36958
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA flaw in fetchmail was discovered that allowed remote attackers to cause a denial of service (crash and persistent mail failure) via a malformed message with long headers. The crash only occured when fetchmail was called in '-v -v' mode (CVE-2008-2711).
The updated packages have been patched to prevent this issue.
SolutionUpdate the affected fetchmail, fetchmail-daemon and / or fetchmailconf packages.