Common Vulnerabilities and Exposures assigned an identifier CVE-2007-4565 to the following vulnerability: fetchmail before 6.3.9 allows context-dependent attackers to cause a denial of service (NULL dereference and application crash) by refusing certain warning messages that are sent over SMTP.

http://mknod.org/svn/fetchmail/branches/BRANCH_6-3/fetchmail-SA-2007-02.txt
Fetchmail dereferences NULL after the SMTP server does not accept its warning mail to postmaster. An attacker could possibly make fetchmail generate a warning (i.e. by sending too big/malformed mail), but is pretty limited in how he could get the SMTP server to refuse a message (maybe fill its mail queue storage by sending lots of mails). All he would get would be to crash fetchmail.
The Red Hat Security Response Team has rated this issue as having low security impact; a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/#low
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 3
  Red Hat Enterprise Linux 4
  Red Hat Enterprise Linux 5

Via RHSA-2009:1427 https://rhn.redhat.com/errata/RHSA-2009-1427.html
Reporter changed to security-response-team by request of Jay Turner.