Boundary Check Vulnerability in Fetchmail's getmxrecord Function

Boundary Check Vulnerability in Fetchmail's getmxrecord Function

CVE-2002-1175 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The getmxrecord function in Fetchmail 6.0.0 and earlier does not properly check the boundary of a particular malformed DNS packet from a malicious DNS server, which allows remote attackers to cause a denial of service (crash) when Fetchmail attempts to read data beyond the expected boundary.

Learn more about our Cis Benchmark Audit For Server Software.