FreeBSD : fetchmail -- potential crash in -v -v verbose mode (168190df-3e9a-11dd-87bc-000ea69a5213)

medium Nessus Plugin ID 33239

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Matthias Andree reports :

Gunter Nau reported fetchmail crashing on some messages; further debugging by Petr Uzel and Petr Cerny at Novell/SUSE Czech Republic dug up that this happened when fetchmail was trying to print, in -v -v verbose level, headers exceeding 2048 bytes. In this situation, fetchmail would resize the buffer and fill in further parts of the message, but forget to reinitialize its va_list typed source pointer, thus reading data from a garbage address found on the stack at addresses above the function arguments the caller passed in; usually that would be the caller's stack frame.

Solution

Update the affected package.

See Also

http://www.fetchmail.info/fetchmail-SA-2008-01.txt

http://www.nessus.org/u?ecf4b84b

Plugin Details

Severity: Medium

ID: 33239

File Name: freebsd_pkg_168190df3e9a11dd87bc000ea69a5213.nasl

Version: 1.14

Type: local

Published: 6/24/2008

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:fetchmail, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 6/20/2008

Vulnerability Publication Date: 6/13/2008

Reference Information

CVE: CVE-2008-2711

CWE: 20