Fetchmail's FetchmailConf Utility Local Information Disclosure Vulnerability

Fetchmail's FetchmailConf Utility Local Information Disclosure Vulnerability

Fetchmail is susceptible to an information-disclosure vulnerability. This issue is due to a race condition in the 'fetchmailconf' configuration utility.

This issue allows local attackers to gain access to potentially sensitive information, including email authentication credentials, aiding them in further attacks.

Versions of Fetchmail prior to 6.2.9-rc6 include a vulnerable version of 'fetchmailconf'. Versions of 'fetchmailconf' prior to 1.43.2 and 1.49 are vulnerable.