J. Porter Clark

#44716 of 53,633
5.8 Total CVSS
Vulnerabilities · 1
PT-2012-4748
5.8
2012-12-21
Fetchmail · Fetchmail · CVE-2012-3482
**Name of the Vulnerable Software and Affected Versions**

Fetchmail versions 5.0.8 through 6.3.21

**Description**

The issue allows remote NTLM servers to cause a denial of service (crash and delayed delivery of inbound mail) via a crafted NTLM response that triggers an out-of-bounds read in the base64 decoder. It also allows remote NTLM servers to obtain sensitive information from process memory via an NTLM Type 2 message with a crafted Target Name structure, which triggers an out-of-bounds read.

**Recommendations**

For Fetchmail versions 5.0.8 through 6.3.21, consider disabling NTLM authentication in debug mode until a patch is available. Restrict access to the base64 decoder function to minimize the risk of exploitation. Avoid using the NTLM authentication protocol with debug mode enabled in the affected Fetchmail versions until the issue is resolved.