FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

fetchmail -- heap overflow on verbose X.509 display

Affected packages
6.3.11 <= fetchmail < 6.3.14


VuXML ID 2a6a966f-1774-11df-b5c1-0026189baca3
Discovery 2010-02-04
Entry 2010-02-12

Matthias Andree reports:

In verbose mode, fetchmail prints X.509 certificate subject and issuer information to the user, and counts and allocates a malloc() buffer for that purpose.

If the material to be displayed contains characters with high bit set and the platform treats the "char" type as signed, this can cause a heap buffer overrun because non-printing characters are escaped as \xFF..FFnn, where nn is 80..FF in hex.
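The length mismatch described in the report, reconstructed as an added example (this is not fetchmail's own code and does not reproduce its source). It models the "platform treats char as signed" case explicitly with `signed char` so the result is the same on every host, uses a constructed subject string containing one byte with the high bit set, and shows why the planning pass (which budgets four bytes per non-printable character for `\xnn`) undercounts what a formatting pass produces when the sign-extended value reaches `%02X`. The hardened variant converts through `unsigned char` and bounds-checks its output instead of trusting the plan; the function names are hypothetical.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample, not taken from any real certificate: "CN=", one byte with
   the high bit set (0xE9), then "x". Declared as signed char to model a platform
   whose plain char is signed, regardless of the host this is compiled on. */
static const signed char SAMPLE[] = { 'C', 'N', '=', (signed char)0xE9, 'x' };
static const size_t SAMPLE_LEN = sizeof SAMPLE;

/* Planning pass: 1 byte per printable character, 4 bytes ("\xnn") per other byte.
   This is the budget a malloc() of that size would be based on. */
size_t planned_len(const signed char *in, size_t n)
{
    size_t len = 0;
    for (size_t i = 0; i < n; i++)
        len += isprint((unsigned char)in[i]) ? 1 : 4;
    return len;
}

/* Bytes a formatting pass emits when the signed byte is promoted to int and that
   value reaches %02X: 0xE9 becomes -23, which prints as FFFFFFE9 (8 hex digits),
   so the escape is "\xFFFFFFE9", not "\xE9". The cast to unsigned int makes the
   value the promotion yields explicit and keeps the snprintf call well-defined. */
size_t emitted_len_signed(const signed char *in, size_t n)
{
    size_t len = 0;
    for (size_t i = 0; i < n; i++) {
        if (isprint((unsigned char)in[i]))
            len += 1;
        else
            len += (size_t)snprintf(NULL, 0, "\\x%02X", (unsigned int)(int)in[i]);
    }
    return len;
}

/* Same pass after the fix: every byte goes through unsigned char first, so the
   value handed to %02X is 0..255 and the escape is always exactly 4 bytes. */
size_t emitted_len_unsigned(const signed char *in, size_t n)
{
    size_t len = 0;
    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)in[i];
        len += isprint(c) ? 1 : (size_t)snprintf(NULL, 0, "\\x%02X", c);
    }
    return len;
}

/* Hardened writer: unsigned conversion plus an explicit bound on every write.
   Returns the number of bytes written (excluding the NUL), or -1 if the output
   would not fit, rather than running past the end of `out`. */
int escape_hardened(const signed char *in, size_t n, char *out, size_t outsz)
{
    size_t pos = 0;
    if (outsz == 0)
        return -1;
    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)in[i];
        if (isprint(c)) {
            if (pos + 1 >= outsz)          /* room for the byte and the NUL */
                return -1;
            out[pos++] = (char)c;
        } else {
            if (pos + 4 >= outsz)          /* room for "\xnn" and the NUL */
                return -1;
            pos += (size_t)snprintf(out + pos, outsz - pos, "\\x%02X", c);
        }
    }
    out[pos] = '\0';
    return (int)pos;
}

int main(void)
{
    char buf[32];
    printf("planned:             %zu bytes\n", planned_len(SAMPLE, SAMPLE_LEN));
    printf("emitted (signed):    %zu bytes\n", emitted_len_signed(SAMPLE, SAMPLE_LEN));
    printf("emitted (unsigned):  %zu bytes\n", emitted_len_unsigned(SAMPLE, SAMPLE_LEN));
    if (escape_hardened(SAMPLE, SAMPLE_LEN, buf, sizeof buf) >= 0)
        printf("hardened output:     %s\n", buf);
    return 0;
}
```

With the sample above the plan budgets 8 bytes, the signed-char formatting pass emits 14, and each additional high-bit byte widens the gap by a further 6 bytes; the unsigned variant emits exactly the 8 bytes that were planned, and the bounded writer reports -1 instead of overrunning when handed a buffer that is too small.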


Bugtraq ID 38088
CVE Name CVE-2010-0562