Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 05 Aug 2009 17:14:36 +0200
From: "Matthias Andree" <>
Subject: CVE request: fetchmail <= 6.3.10 SSL certificate NUL prefix
 verification bypass


fetchmail <= 6.3.10 is susceptible to NUL prefix certificates such as\

Is there a global CVE ID to collect this vulnerability that is supposed to  
be reused by applications?

If there is, please let me know.

If there is not, please assign a new CVE Id.


Matthias Andree

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.