PT-2010-2319 · Fetchmail · Fetchmail

Matthias Andree · Published 2010-02-08 · Updated 2011-04-27
CVE-2010-0562 · CVSS v2.0 6.8 (Medium) · Vector AV:N/AC:M/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: fetchmail versions 6.3.11 through 6.3.13
Description: fetchmail 6.3.11 through 6.3.13 allows a remote attacker to cause a denial of service (application crash) or possibly execute arbitrary code via an SSL X.509 certificate containing non-printable characters with the high bit set (byte values 0x80 and above). When fetchmail runs in verbose mode it prints certificate fields through its sdump function, which escapes non-printable bytes. On platforms where char is signed, such a byte is sign-extended before it is formatted, so the escaped form is longer than the space sdump reserved for it and the write runs past the end of a heap buffer.
Recommendations: Upgrade to fetchmail 6.3.14 or later, which is not affected. Where an upgrade is not yet possible, do not run fetchmail 6.3.11 through 6.3.13 in verbose mode (-v / --verbose), since the overflow is only reachable while verbose output is enabled. The malicious certificate is the one presented by the mail server during the SSL/TLS handshake, so any party able to act as that server or to interpose itself between fetchmail and the server can trigger the bug; limiting fetchmail to trusted servers over trusted paths reduces exposure but is not a substitute for the fix.
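The mechanism described above, as an added illustration that is not fetchmail's own sdump code: a minimal escaping routine in the same style, showing the per-byte budget the signed-char version overruns and a hardened version that never exceeds it. The function names (escape_alloc_size, bytes_written_by_vulnerable_loop, escape_safe and the two escaped_len_* helpers) and the sample subject bytes are constructed for this example, and the 8-digit expansion assumes a 32-bit int.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Space the escaping routine reserves per input byte: a printable byte is
 * copied as-is (1 byte); anything else is meant to become "\xHH" (4 bytes). */
#define PER_BYTE 4

/* Heap allocation made for an input of `len` bytes. */
size_t escape_alloc_size(size_t len)
{
    return len * PER_BYTE + 1;
}

/* Length that ONE non-printable byte expands to when it is read through a
 * plain `char` on a platform where char is signed: 0x80 becomes -128, is
 * promoted to int, and "%02X" prints all 32 bits as FFFFFF80 (assumes a
 * 32-bit int).  The explicit unsigned cast makes the conversion well-defined
 * here; the buggy pattern passes the negative int straight to the format. */
size_t escaped_len_signed_char(unsigned char b)
{
    int promoted = (signed char)b;
    return (size_t)snprintf(NULL, 0, "\\x%02X", (unsigned int)promoted);
}

/* The same byte escaped correctly: always exactly "\xHH". */
size_t escaped_len_unsigned_char(unsigned char b)
{
    return (size_t)snprintf(NULL, 0, "\\x%02X", (unsigned int)b);
}

/* Number of bytes the signed-char loop would write for `in` (including the
 * terminating NUL), computed without writing anything.  Anything above
 * escape_alloc_size(len) is a heap overflow in the vulnerable pattern. */
size_t bytes_written_by_vulnerable_loop(const unsigned char *in, size_t len)
{
    size_t o = 0;
    for (size_t i = 0; i < len; i++)
        o += isprint(in[i]) ? 1 : escaped_len_signed_char(in[i]);
    return o + 1;
}

/* Hardened escaping: unsigned char for both isprint() and the format
 * argument, bounded snprintf, output always fits escape_alloc_size(len).
 * Returns a malloc'd string the caller frees, or NULL on failure. */
char *escape_safe(const unsigned char *in, size_t len)
{
    size_t cap = escape_alloc_size(len);
    char *out = malloc(cap);
    size_t o = 0;
    if (out == NULL)
        return NULL;
    for (size_t i = 0; i < len; i++) {
        if (isprint(in[i])) {
            out[o++] = (char)in[i];
        } else {
            int n = snprintf(out + o, cap - o, "\\x%02X", (unsigned int)in[i]);
            if (n < 0 || (size_t)n >= cap - o) { /* cannot happen with PER_BYTE == 4 */
                free(out);
                return NULL;
            }
            o += (size_t)n;
        }
    }
    out[o] = '\0';
    return out;
}

int main(void)
{
    /* Constructed sample: a subject-like field ending in two high-bit bytes. */
    const unsigned char subject[] = { 'C', 'N', '=', 0x80, 0x81 };
    size_t len = sizeof subject;
    char *escaped = escape_safe(subject, len);

    printf("allocated: %zu bytes\n", escape_alloc_size(len));
    printf("vulnerable loop writes: %zu bytes\n",
           bytes_written_by_vulnerable_loop(subject, len));
    printf("hardened output: %s\n", escaped ? escaped : "(alloc failed)");
    free(escaped);
    return 0;
}
```

For the five-byte sample the allocation is 21 bytes while the signed-char loop writes 24: each high-bit byte costs 10 bytes ("\xFFFFFF80") instead of the budgeted 4, and the excess lands past the end of the heap block. The hardened version differs only in the two casts and the bounded write, which is the shape of fix this class of bug needs.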

Fix

Buffer Overflow


Weakness Enumeration
Related Identifiers: CVE-2010-0562
Affected Products: Fetchmail