Fetchmail NULL Character CA SSL Certificate Validation Security Bypass Vulnerability

Fetchmail NULL Character CA SSL Certificate Validation Security Bypass Vulnerability

References:

CVE request: fetchmail <= 6.3.10 SSL certificate NUL prefix verification bypass (Matthias Andree)
Fetchmail Homepage (Eric Raymond)
Re: CVE request: fetchmail <= 6.3.10 SSL certificate NUL prefix verification byp (Tomas Hoger)
Release Name: fetchmail-6.3.11 (Fetchmail)
fetchmail security announcement fetchmail-SA-2009-01 (CVE-2009-2666) (ma+bt@dt.e-technik.uni-dortmund.de)
fetchmail-SA-2009-01: Improper SSL certificate subject verification (Matthias Andree)

Privacy Statement
Copyright 2010, SecurityFocus