Vulnerabilites related to postfix - postfix
CVE-2012-0811 (GCVE-0-2012-0811)
Vulnerability from cvelistv5
Published
2014-10-01 14:00
Modified
2024-08-06 18:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple SQL injection vulnerabilities in Postfix Admin (aka postfixadmin) before 2.3.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the pw parameter to the pacrypt function, when mysql_encrypt is configured, or (2) unspecified vectors that are used in backup files generated by backup.php.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:38:14.403Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "51680",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/51680"
},
{
"name": "[oss-security] 20120126 CVE request: PostfixAdmin SQL injections and XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/26/5"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.codseq.it/advisories/multiple_vulnerabilities_in_postfixadmin"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3/CHANGELOG.TXT"
},
{
"name": "[oss-security] 20120127 Re: CVE request: PostfixAdmin SQL injections and XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/27/5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-01-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities in Postfix Admin (aka postfixadmin) before 2.3.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the pw parameter to the pacrypt function, when mysql_encrypt is configured, or (2) unspecified vectors that are used in backup files generated by backup.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-10-01T13:57:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "51680",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/51680"
},
{
"name": "[oss-security] 20120126 CVE request: PostfixAdmin SQL injections and XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/26/5"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.codseq.it/advisories/multiple_vulnerabilities_in_postfixadmin"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3/CHANGELOG.TXT"
},
{
"name": "[oss-security] 20120127 Re: CVE request: PostfixAdmin SQL injections and XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/27/5"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-0811",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in Postfix Admin (aka postfixadmin) before 2.3.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the pw parameter to the pacrypt function, when mysql_encrypt is configured, or (2) unspecified vectors that are used in backup files generated by backup.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "51680",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51680"
},
{
"name": "[oss-security] 20120126 CVE request: PostfixAdmin SQL injections and XSS",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/01/26/5"
},
{
"name": "http://www.codseq.it/advisories/multiple_vulnerabilities_in_postfixadmin",
"refsource": "MISC",
"url": "http://www.codseq.it/advisories/multiple_vulnerabilities_in_postfixadmin"
},
{
"name": "https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3/CHANGELOG.TXT",
"refsource": "CONFIRM",
"url": "https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3/CHANGELOG.TXT"
},
{
"name": "[oss-security] 20120127 Re: CVE request: PostfixAdmin SQL injections and XSS",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/01/27/5"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-0811",
"datePublished": "2014-10-01T14:00:00",
"dateReserved": "2012-01-19T00:00:00",
"dateUpdated": "2024-08-06T18:38:14.403Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-2937 (GCVE-0-2008-2937)
Vulnerability from cvelistv5
Published
2008-08-18 19:00
Modified
2024-08-07 09:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recipient, which allows local users to read e-mail messages by creating a mailbox file corresponding to another user's account name.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:21:34.918Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2008-8595",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html"
},
{
"name": "32231",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32231"
},
{
"name": "MDVSA-2009:224",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:224"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY"
},
{
"name": "FEDORA-2008-8593",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-2689"
},
{
"name": "20080821 rPSA-2008-0259-1 postfix",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/495632/100/0/threaded"
},
{
"name": "postfix-email-information-disclosure(44461)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44461"
},
{
"name": "30691",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30691"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0259"
},
{
"name": "SUSE-SA:2008:040",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html"
},
{
"name": "RHSA-2011:0422",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0422.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY"
},
{
"name": "31500",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31500"
},
{
"name": "31477",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31477"
},
{
"name": "31485",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31485"
},
{
"name": "ADV-2008-2385",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2385"
},
{
"name": "GLSA-200808-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200808-12.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recipient, which allows local users to read e-mail messages by creating a mailbox file corresponding to another user\u0027s account name."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2008-8595",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html"
},
{
"name": "32231",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32231"
},
{
"name": "MDVSA-2009:224",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:224"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY"
},
{
"name": "FEDORA-2008-8593",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-2689"
},
{
"name": "20080821 rPSA-2008-0259-1 postfix",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/495632/100/0/threaded"
},
{
"name": "postfix-email-information-disclosure(44461)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44461"
},
{
"name": "30691",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30691"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0259"
},
{
"name": "SUSE-SA:2008:040",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html"
},
{
"name": "RHSA-2011:0422",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0422.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY"
},
{
"name": "31500",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31500"
},
{
"name": "31477",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31477"
},
{
"name": "31485",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31485"
},
{
"name": "ADV-2008-2385",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2385"
},
{
"name": "GLSA-200808-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200808-12.xml"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2008-2937",
"datePublished": "2008-08-18T19:00:00",
"dateReserved": "2008-06-30T00:00:00",
"dateUpdated": "2024-08-07T09:21:34.918Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12063 (GCVE-0-2020-12063)
Vulnerability from cvelistv5
Published
2020-04-24 11:59
Modified
2024-08-04 11:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A certain Postfix 2.10.1-7 package could allow an attacker to send an email from an arbitrary-looking sender via a homoglyph attack, as demonstrated by the similarity of \xce\xbf to the 'o' character. This is potentially relevant when the /etc/postfix/sender_login feature is used, because a spoofed outbound message that uses a configured sender address is blocked with a "Sender address rejected: not logged in" error message, but a spoofed outbound message that uses a homoglyph of a configured sender address is not blocked. NOTE: some third parties argue that any missed blocking of spoofed outbound messages - except for exact matches to a sender address in the /etc/postfix/sender_login file - is outside the design goals of Postfix and thus cannot be considered a Postfix vulnerability
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:48:57.775Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2020/04/23/3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2020/04/23/12"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A certain Postfix 2.10.1-7 package could allow an attacker to send an email from an arbitrary-looking sender via a homoglyph attack, as demonstrated by the similarity of \\xce\\xbf to the \u0027o\u0027 character. This is potentially relevant when the /etc/postfix/sender_login feature is used, because a spoofed outbound message that uses a configured sender address is blocked with a \"Sender address rejected: not logged in\" error message, but a spoofed outbound message that uses a homoglyph of a configured sender address is not blocked. NOTE: some third parties argue that any missed blocking of spoofed outbound messages - except for exact matches to a sender address in the /etc/postfix/sender_login file - is outside the design goals of Postfix and thus cannot be considered a Postfix vulnerability"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-24T12:05:42",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2020/04/23/3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2020/04/23/12"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12063",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** A certain Postfix 2.10.1-7 package could allow an attacker to send an email from an arbitrary-looking sender via a homoglyph attack, as demonstrated by the similarity of \\xce\\xbf to the \u0027o\u0027 character. This is potentially relevant when the /etc/postfix/sender_login feature is used, because a spoofed outbound message that uses a configured sender address is blocked with a \"Sender address rejected: not logged in\" error message, but a spoofed outbound message that uses a homoglyph of a configured sender address is not blocked. NOTE: some third parties argue that any missed blocking of spoofed outbound messages - except for exact matches to a sender address in the /etc/postfix/sender_login file - is outside the design goals of Postfix and thus cannot be considered a Postfix vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openwall.com/lists/oss-security/2020/04/23/3",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2020/04/23/3"
},
{
"name": "https://www.openwall.com/lists/oss-security/2020/04/23/12",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2020/04/23/12"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12063",
"datePublished": "2020-04-24T11:59:03",
"dateReserved": "2020-04-22T00:00:00",
"dateUpdated": "2024-08-04T11:48:57.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10140 (GCVE-0-2017-10140)
Vulnerability from cvelistv5
Published
2018-04-16 16:00
Modified
2024-08-05 17:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 might allow local users to gain privileges by leveraging undocumented functionality in Berkeley DB 2.x and later, related to reading settings from DB_CONFIG in the current directory.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:33:16.056Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-sec] 20170611 Berkeley DB reads DB_CONFIG from cwd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2017/q3/285"
},
{
"name": "RHSA-2019:0366",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0366"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.postfix.org/announcements/postfix-3.2.2.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-06-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 might allow local users to gain privileges by leveraging undocumented functionality in Berkeley DB 2.x and later, related to reading settings from DB_CONFIG in the current directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-15T17:34:25",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-sec] 20170611 Berkeley DB reads DB_CONFIG from cwd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2017/q3/285"
},
{
"name": "RHSA-2019:0366",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0366"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.postfix.org/announcements/postfix-3.2.2.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-10140",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 might allow local users to gain privileges by leveraging undocumented functionality in Berkeley DB 2.x and later, related to reading settings from DB_CONFIG in the current directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-sec] 20170611 Berkeley DB reads DB_CONFIG from cwd",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2017/q3/285"
},
{
"name": "RHSA-2019:0366",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:0366"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"name": "http://www.postfix.org/announcements/postfix-3.2.2.html",
"refsource": "CONFIRM",
"url": "http://www.postfix.org/announcements/postfix-3.2.2.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-10140",
"datePublished": "2018-04-16T16:00:00",
"dateReserved": "2017-06-21T00:00:00",
"dateUpdated": "2024-08-05T17:33:16.056Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51764 (GCVE-0-2023-51764)
Vulnerability from cvelistv5
Published
2023-12-24 00:00
Modified
2024-08-02 22:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Postfix supports <LF>.<CR><LF> but some other popular e-mail servers do not. To prevent attack variants (by always disallowing <LF> without <CR>), a different solution is required, such as the smtpd_forbid_bare_newline=yes option with a Postfix minimum version of 3.5.23, 3.6.13, 3.7.9, 3.8.4, or 3.9.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:48:11.093Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.postfix.org/smtp-smuggling.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/"
},
{
"name": "[oss-security] 20231224 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/24/1"
},
{
"name": "[oss-security] 20231225 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/25/1"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255563"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-51764"
},
{
"tags": [
"x_transferred"
],
"url": "https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11782.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/eeenvik1/CVE-2023-51764"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/duy-31/CVE-2023-51764"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.youtube.com/watch?v=V8KPV96g1To"
},
{
"name": "FEDORA-2024-c839e7294f",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRLF5SOS7TP5N7FQSEK2NFNB44ISVTZC/"
},
{
"name": "FEDORA-2024-5c186175f2",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ5WXFCW2N6G2PH3JXDTYW5PH5EBQEGO/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lwn.net/Articles/956533/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2024/01/22/1"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.postfix.org/announcements/postfix-3.8.5.html"
},
{
"name": "[debian-lts-announce] 20240130 [SECURITY] [DLA 3725-1] postfix security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00020.html"
},
{
"name": "[oss-security] 20240508 Re: New SMTP smuggling attack",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/05/09/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Postfix supports \u003cLF\u003e.\u003cCR\u003e\u003cLF\u003e but some other popular e-mail servers do not. To prevent attack variants (by always disallowing \u003cLF\u003e without \u003cCR\u003e), a different solution is required, such as the smtpd_forbid_bare_newline=yes option with a Postfix minimum version of 3.5.23, 3.6.13, 3.7.9, 3.8.4, or 3.9."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-10T18:07:59.991035",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.postfix.org/smtp-smuggling.html"
},
{
"url": "https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/"
},
{
"name": "[oss-security] 20231224 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/24/1"
},
{
"name": "[oss-security] 20231225 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/25/1"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255563"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-51764"
},
{
"url": "https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11782.html"
},
{
"url": "https://github.com/eeenvik1/CVE-2023-51764"
},
{
"url": "https://github.com/duy-31/CVE-2023-51764"
},
{
"url": "https://www.youtube.com/watch?v=V8KPV96g1To"
},
{
"name": "FEDORA-2024-c839e7294f",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRLF5SOS7TP5N7FQSEK2NFNB44ISVTZC/"
},
{
"name": "FEDORA-2024-5c186175f2",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ5WXFCW2N6G2PH3JXDTYW5PH5EBQEGO/"
},
{
"url": "https://lwn.net/Articles/956533/"
},
{
"url": "https://www.openwall.com/lists/oss-security/2024/01/22/1"
},
{
"url": "https://www.postfix.org/announcements/postfix-3.8.5.html"
},
{
"name": "[debian-lts-announce] 20240130 [SECURITY] [DLA 3725-1] postfix security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00020.html"
},
{
"name": "[oss-security] 20240508 Re: New SMTP smuggling attack",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/05/09/3"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-51764",
"datePublished": "2023-12-24T00:00:00",
"dateReserved": "2023-12-24T00:00:00",
"dateUpdated": "2024-08-02T22:48:11.093Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-2936 (GCVE-0-2008-2936)
Vulnerability from cvelistv5
Published
2008-08-18 19:00
Modified
2024-08-07 09:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before 2.6-20080814, when the operating system supports hard links to symlinks, allows local users to append e-mail messages to a file to which a root-owned symlink points, by creating a hard link to this symlink and then sending a message. NOTE: this can be leveraged to gain privileges if there is a symlink to an init script.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:21:34.272Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2008-8595",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.3.15.HISTORY"
},
{
"name": "32231",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32231"
},
{
"name": "31469",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31469"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY"
},
{
"name": "DSA-1629",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1629"
},
{
"name": "31530",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31530"
},
{
"name": "FEDORA-2008-8593",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-2689"
},
{
"name": "1020700",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020700"
},
{
"name": "20080821 rPSA-2008-0259-1 postfix",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/495632/100/0/threaded"
},
{
"name": "VU#938323",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/938323"
},
{
"name": "[postfix-announce] 20080814 Postfix local privilege escalation via hardlinked symlinks",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://article.gmane.org/gmane.mail.postfix.announce/110"
},
{
"name": "4160",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4160"
},
{
"name": "30691",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30691"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0259"
},
{
"name": "SUSE-SA:2008:040",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html"
},
{
"name": "31474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31474"
},
{
"name": "20080831 PoCfix (PoC for Postfix local root vuln - CVE-2008-2936)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/495882/100/0/threaded"
},
{
"name": "postfix-symlink-code-execution(44460)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44460"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.4.8.HISTORY"
},
{
"name": "6337",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/6337"
},
{
"name": "RHSA-2008:0839",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0839.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY"
},
{
"name": "31500",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31500"
},
{
"name": "oval:org.mitre.oval:def:10033",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10033"
},
{
"name": "31477",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31477"
},
{
"name": "31485",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31485"
},
{
"name": "USN-636-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/636-1/"
},
{
"name": "MDVSA-2008:171",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:171"
},
{
"name": "20080814 Postfix local privilege escalation via hardlinked symlinks",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/495474/100/0/threaded"
},
{
"name": "ADV-2008-2385",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2385"
},
{
"name": "GLSA-200808-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200808-12.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before 2.6-20080814, when the operating system supports hard links to symlinks, allows local users to append e-mail messages to a file to which a root-owned symlink points, by creating a hard link to this symlink and then sending a message. NOTE: this can be leveraged to gain privileges if there is a symlink to an init script."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2008-8595",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.3.15.HISTORY"
},
{
"name": "32231",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32231"
},
{
"name": "31469",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31469"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY"
},
{
"name": "DSA-1629",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1629"
},
{
"name": "31530",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31530"
},
{
"name": "FEDORA-2008-8593",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-2689"
},
{
"name": "1020700",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020700"
},
{
"name": "20080821 rPSA-2008-0259-1 postfix",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/495632/100/0/threaded"
},
{
"name": "VU#938323",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/938323"
},
{
"name": "[postfix-announce] 20080814 Postfix local privilege escalation via hardlinked symlinks",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://article.gmane.org/gmane.mail.postfix.announce/110"
},
{
"name": "4160",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4160"
},
{
"name": "30691",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30691"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0259"
},
{
"name": "SUSE-SA:2008:040",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html"
},
{
"name": "31474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31474"
},
{
"name": "20080831 PoCfix (PoC for Postfix local root vuln - CVE-2008-2936)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/495882/100/0/threaded"
},
{
"name": "postfix-symlink-code-execution(44460)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44460"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.4.8.HISTORY"
},
{
"name": "6337",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/6337"
},
{
"name": "RHSA-2008:0839",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0839.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY"
},
{
"name": "31500",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31500"
},
{
"name": "oval:org.mitre.oval:def:10033",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10033"
},
{
"name": "31477",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31477"
},
{
"name": "31485",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31485"
},
{
"name": "USN-636-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/636-1/"
},
{
"name": "MDVSA-2008:171",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:171"
},
{
"name": "20080814 Postfix local privilege escalation via hardlinked symlinks",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/495474/100/0/threaded"
},
{
"name": "ADV-2008-2385",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2385"
},
{
"name": "GLSA-200808-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200808-12.xml"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2008-2936",
"datePublished": "2008-08-18T19:00:00",
"dateReserved": "2008-06-30T00:00:00",
"dateUpdated": "2024-08-07T09:21:34.272Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2939 (GCVE-0-2009-2939)
Vulnerability from cvelistv5
Published
2009-09-21 19:00
Modified
2024-08-07 06:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink attacks that overwrite arbitrary files.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:07:37.330Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20090918 Insecure pid directory permissions for postfix on Debian / Ubuntu",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/09/18/6"
},
{
"name": "DSA-2233",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2233"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-09-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink attacks that overwrite arbitrary files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-08-23T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20090918 Insecure pid directory permissions for postfix on Debian / Ubuntu",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/09/18/6"
},
{
"name": "DSA-2233",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2233"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2939",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink attacks that overwrite arbitrary files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20090918 Insecure pid directory permissions for postfix on Debian / Ubuntu",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/09/18/6"
},
{
"name": "DSA-2233",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2233"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2939",
"datePublished": "2009-09-21T19:00:00",
"dateReserved": "2009-08-23T00:00:00",
"dateUpdated": "2024-08-07T06:07:37.330Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-0411 (GCVE-0-2011-0411)
Vulnerability from cvelistv5
Published
2011-03-16 22:00
Modified
2024-08-06 21:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 2.5.x before 2.5.12, 2.6.x before 2.6.9, and 2.7.x before 2.7.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:51:08.944Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"
},
{
"name": "multiple-starttls-command-execution(65932)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65932"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.postfix.org/CVE-2011-0411.html"
},
{
"name": "43646",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43646"
},
{
"name": "SUSE-SR:2011:009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
},
{
"name": "71021",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/71021"
},
{
"name": "ADV-2011-0752",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0752"
},
{
"name": "ADV-2011-0891",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0891"
},
{
"name": "GLSA-201206-33",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201206-33.xml"
},
{
"name": "FEDORA-2011-3355",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056560.html"
},
{
"name": "43874",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43874"
},
{
"name": "FEDORA-2011-3394",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056559.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/MORO-8ELH6Z"
},
{
"name": "APPLE-SA-2011-10-12-3",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
},
{
"name": "ADV-2011-0611",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0611"
},
{
"name": "46767",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46767"
},
{
"name": "RHSA-2011:0423",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0423.html"
},
{
"name": "VU#555316",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/555316"
},
{
"name": "1025179",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025179"
},
{
"name": "RHSA-2011:0422",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0422.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5002"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
},
{
"name": "DSA-2233",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2233"
},
{
"name": "[oss-security] 20210810 STARTTLS vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/08/10/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 2.5.x before 2.5.12, 2.6.x before 2.6.9, and 2.7.x before 2.7.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a \"plaintext command injection\" attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-10T11:07:06",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"
},
{
"name": "multiple-starttls-command-execution(65932)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65932"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.postfix.org/CVE-2011-0411.html"
},
{
"name": "43646",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43646"
},
{
"name": "SUSE-SR:2011:009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
},
{
"name": "71021",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/71021"
},
{
"name": "ADV-2011-0752",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0752"
},
{
"name": "ADV-2011-0891",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0891"
},
{
"name": "GLSA-201206-33",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201206-33.xml"
},
{
"name": "FEDORA-2011-3355",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056560.html"
},
{
"name": "43874",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43874"
},
{
"name": "FEDORA-2011-3394",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056559.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/MORO-8ELH6Z"
},
{
"name": "APPLE-SA-2011-10-12-3",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
},
{
"name": "ADV-2011-0611",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0611"
},
{
"name": "46767",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46767"
},
{
"name": "RHSA-2011:0423",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0423.html"
},
{
"name": "VU#555316",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/555316"
},
{
"name": "1025179",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025179"
},
{
"name": "RHSA-2011:0422",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0422.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5002"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
},
{
"name": "DSA-2233",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2233"
},
{
"name": "[oss-security] 20210810 STARTTLS vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/08/10/2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2011-0411",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 2.5.x before 2.5.12, 2.6.x before 2.6.9, and 2.7.x before 2.7.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a \"plaintext command injection\" attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"
},
{
"name": "multiple-starttls-command-execution(65932)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65932"
},
{
"name": "http://www.postfix.org/CVE-2011-0411.html",
"refsource": "CONFIRM",
"url": "http://www.postfix.org/CVE-2011-0411.html"
},
{
"name": "43646",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43646"
},
{
"name": "SUSE-SR:2011:009",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
},
{
"name": "71021",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/71021"
},
{
"name": "ADV-2011-0752",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0752"
},
{
"name": "ADV-2011-0891",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0891"
},
{
"name": "GLSA-201206-33",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201206-33.xml"
},
{
"name": "FEDORA-2011-3355",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056560.html"
},
{
"name": "43874",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43874"
},
{
"name": "FEDORA-2011-3394",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056559.html"
},
{
"name": "http://www.kb.cert.org/vuls/id/MORO-8ELH6Z",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/MORO-8ELH6Z"
},
{
"name": "APPLE-SA-2011-10-12-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
},
{
"name": "ADV-2011-0611",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0611"
},
{
"name": "46767",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46767"
},
{
"name": "RHSA-2011:0423",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0423.html"
},
{
"name": "VU#555316",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/555316"
},
{
"name": "1025179",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025179"
},
{
"name": "RHSA-2011:0422",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0422.html"
},
{
"name": "http://support.apple.com/kb/HT5002",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5002"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
},
{
"name": "DSA-2233",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2233"
},
{
"name": "[oss-security] 20210810 STARTTLS vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/08/10/2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2011-0411",
"datePublished": "2011-03-16T22:00:00",
"dateReserved": "2011-01-11T00:00:00",
"dateUpdated": "2024-08-06T21:51:08.944Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1720 (GCVE-0-2011-1720)
Vulnerability from cvelistv5
Published
2011-05-13 17:00
Modified
2024-08-06 22:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods are enabled, does not create a new server handle after client authentication fails, which allows remote attackers to cause a denial of service (heap memory corruption and daemon crash) or possibly execute arbitrary code via an invalid AUTH command with one method followed by an AUTH command with a different method.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:37:25.642Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20110509 Memory corruption in Postfix SMTP server Cyrus SASL support (CVE-2011-1720)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/517917/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.postfix.org/CVE-2011-1720.html"
},
{
"name": "44500",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44500"
},
{
"name": "47778",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/47778"
},
{
"name": "GLSA-201206-33",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201206-33.xml"
},
{
"name": "72259",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/72259"
},
{
"name": "VU#727230",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/727230"
},
{
"name": "1025521",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025521"
},
{
"name": "[postfix-announce] 20110509 Memory corruption in Postfix SMTP server Cyrus SASL support (CVE-2011-1720)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.mail-archive.com/postfix-announce%40postfix.org/msg00007.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.postfix.org/announcements/postfix-2.8.3.html"
},
{
"name": "8247",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8247"
},
{
"name": "SUSE-SA:2011:023",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=699035"
},
{
"name": "MDVSA-2011:090",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:090"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
},
{
"name": "DSA-2233",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2233"
},
{
"name": "USN-1131-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-1131-1"
},
{
"name": "postfix-cyrus-sasl-code-exec(67359)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67359"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods are enabled, does not create a new server handle after client authentication fails, which allows remote attackers to cause a denial of service (heap memory corruption and daemon crash) or possibly execute arbitrary code via an invalid AUTH command with one method followed by an AUTH command with a different method."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20110509 Memory corruption in Postfix SMTP server Cyrus SASL support (CVE-2011-1720)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/517917/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.postfix.org/CVE-2011-1720.html"
},
{
"name": "44500",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44500"
},
{
"name": "47778",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/47778"
},
{
"name": "GLSA-201206-33",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201206-33.xml"
},
{
"name": "72259",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/72259"
},
{
"name": "VU#727230",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/727230"
},
{
"name": "1025521",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025521"
},
{
"name": "[postfix-announce] 20110509 Memory corruption in Postfix SMTP server Cyrus SASL support (CVE-2011-1720)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.mail-archive.com/postfix-announce%40postfix.org/msg00007.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.postfix.org/announcements/postfix-2.8.3.html"
},
{
"name": "8247",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8247"
},
{
"name": "SUSE-SA:2011:023",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=699035"
},
{
"name": "MDVSA-2011:090",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:090"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
},
{
"name": "DSA-2233",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2233"
},
{
"name": "USN-1131-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-1131-1"
},
{
"name": "postfix-cyrus-sasl-code-exec(67359)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67359"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1720",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods are enabled, does not create a new server handle after client authentication fails, which allows remote attackers to cause a denial of service (heap memory corruption and daemon crash) or possibly execute arbitrary code via an invalid AUTH command with one method followed by an AUTH command with a different method."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20110509 Memory corruption in Postfix SMTP server Cyrus SASL support (CVE-2011-1720)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/517917/100/0/threaded"
},
{
"name": "http://www.postfix.org/CVE-2011-1720.html",
"refsource": "CONFIRM",
"url": "http://www.postfix.org/CVE-2011-1720.html"
},
{
"name": "44500",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44500"
},
{
"name": "47778",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/47778"
},
{
"name": "GLSA-201206-33",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201206-33.xml"
},
{
"name": "72259",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/72259"
},
{
"name": "VU#727230",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/727230"
},
{
"name": "1025521",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025521"
},
{
"name": "[postfix-announce] 20110509 Memory corruption in Postfix SMTP server Cyrus SASL support (CVE-2011-1720)",
"refsource": "MLIST",
"url": "http://www.mail-archive.com/postfix-announce@postfix.org/msg00007.html"
},
{
"name": "http://www.postfix.org/announcements/postfix-2.8.3.html",
"refsource": "CONFIRM",
"url": "http://www.postfix.org/announcements/postfix-2.8.3.html"
},
{
"name": "8247",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8247"
},
{
"name": "SUSE-SA:2011:023",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00002.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=699035",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=699035"
},
{
"name": "MDVSA-2011:090",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:090"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
},
{
"name": "DSA-2233",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2233"
},
{
"name": "USN-1131-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-1131-1"
},
{
"name": "postfix-cyrus-sasl-code-exec(67359)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67359"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-1720",
"datePublished": "2011-05-13T17:00:00",
"dateReserved": "2011-04-18T00:00:00",
"dateUpdated": "2024-08-06T22:37:25.642Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-4977 (GCVE-0-2008-4977)
Vulnerability from cvelistv5
Published
2008-11-06 11:00
Modified
2024-09-17 00:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
postfix_groups.pl in Postfix 2.5.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/postfix_groups.stdout, (2) /tmp/postfix_groups.stderr, and (3) /tmp/postfix_groups.message temporary files. NOTE: the vendor disputes this vulnerability, stating "This is not a real issue ... users would have to edit a script under /usr/lib to enable it.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:31:28.331Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20081030 CVE requests: tempfile issues for aview, mgetty, openoffice, crossfire",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/30/2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.gentoo.org/show_bug.cgi?id=235770"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dev.gentoo.org/~rbu/security/debiantemp/postfix"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.debian.org/496401"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.gentoo.org/show_bug.cgi?id=235811"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "postfix_groups.pl in Postfix 2.5.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/postfix_groups.stdout, (2) /tmp/postfix_groups.stderr, and (3) /tmp/postfix_groups.message temporary files. NOTE: the vendor disputes this vulnerability, stating \"This is not a real issue ... users would have to edit a script under /usr/lib to enable it."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-06T11:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20081030 CVE requests: tempfile issues for aview, mgetty, openoffice, crossfire",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/30/2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.gentoo.org/show_bug.cgi?id=235770"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dev.gentoo.org/~rbu/security/debiantemp/postfix"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.debian.org/496401"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.gentoo.org/show_bug.cgi?id=235811"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4977",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** postfix_groups.pl in Postfix 2.5.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/postfix_groups.stdout, (2) /tmp/postfix_groups.stderr, and (3) /tmp/postfix_groups.message temporary files. NOTE: the vendor disputes this vulnerability, stating \"This is not a real issue ... users would have to edit a script under /usr/lib to enable it.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20081030 CVE requests: tempfile issues for aview, mgetty, openoffice, crossfire",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/10/30/2"
},
{
"name": "https://bugs.gentoo.org/show_bug.cgi?id=235770",
"refsource": "MISC",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=235770"
},
{
"name": "http://dev.gentoo.org/~rbu/security/debiantemp/postfix",
"refsource": "MISC",
"url": "http://dev.gentoo.org/~rbu/security/debiantemp/postfix"
},
{
"name": "http://bugs.debian.org/496401",
"refsource": "MISC",
"url": "http://bugs.debian.org/496401"
},
{
"name": "https://bugs.gentoo.org/show_bug.cgi?id=235811",
"refsource": "MISC",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=235811"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4977",
"datePublished": "2008-11-06T11:00:00Z",
"dateReserved": "2008-11-06T00:00:00Z",
"dateUpdated": "2024-09-17T00:50:31.809Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3889 (GCVE-0-2008-3889)
Vulnerability from cvelistv5
Published
2008-09-12 16:00
Modified
2024-08-07 09:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux 2.6 kernel, leaks epoll file descriptors during execution of "non-Postfix" commands, which allows local users to cause a denial of service (application slowdown or exit) via a crafted command, as demonstrated by a command in a .forward file.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:53:00.615Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31986",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31986"
},
{
"name": "FEDORA-2008-8595",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html"
},
{
"name": "32231",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32231"
},
{
"name": "20080916 [Suspected Spam][CVE-2008-4042] Postfix Linux-only local denial of service - PoC",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/496420/100/0/threaded"
},
{
"name": "31982",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31982"
},
{
"name": "USN-642-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-642-1"
},
{
"name": "30977",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30977"
},
{
"name": "FEDORA-2008-8593",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html"
},
{
"name": "31800",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31800"
},
{
"name": "postfix-filedescriptor-dos(44865)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44865"
},
{
"name": "4239",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4239"
},
{
"name": "SUSE-SR:2008:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
},
{
"name": "GLSA-200809-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200809-09.xml"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.wekk.net/research/CVE-2008-3889/"
},
{
"name": "31716",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31716"
},
{
"name": "6472",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/6472"
},
{
"name": "MDVSA-2008:190",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:190"
},
{
"name": "1020800",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1020800"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.postfix.org/announcements/20080902.html"
},
{
"name": "20081104 rPSA-2008-0311-1 postfix",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/498037/100/0/threaded"
},
{
"name": "20080902 Postfix Linux-only local denial of service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/495894/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0311"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux 2.6 kernel, leaks epoll file descriptors during execution of \"non-Postfix\" commands, which allows local users to cause a denial of service (application slowdown or exit) via a crafted command, as demonstrated by a command in a .forward file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "31986",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31986"
},
{
"name": "FEDORA-2008-8595",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html"
},
{
"name": "32231",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32231"
},
{
"name": "20080916 [Suspected Spam][CVE-2008-4042] Postfix Linux-only local denial of service - PoC",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/496420/100/0/threaded"
},
{
"name": "31982",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31982"
},
{
"name": "USN-642-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-642-1"
},
{
"name": "30977",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30977"
},
{
"name": "FEDORA-2008-8593",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html"
},
{
"name": "31800",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31800"
},
{
"name": "postfix-filedescriptor-dos(44865)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44865"
},
{
"name": "4239",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4239"
},
{
"name": "SUSE-SR:2008:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
},
{
"name": "GLSA-200809-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200809-09.xml"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.wekk.net/research/CVE-2008-3889/"
},
{
"name": "31716",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31716"
},
{
"name": "6472",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/6472"
},
{
"name": "MDVSA-2008:190",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:190"
},
{
"name": "1020800",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1020800"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.postfix.org/announcements/20080902.html"
},
{
"name": "20081104 rPSA-2008-0311-1 postfix",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/498037/100/0/threaded"
},
{
"name": "20080902 Postfix Linux-only local denial of service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/495894/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0311"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3889",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux 2.6 kernel, leaks epoll file descriptors during execution of \"non-Postfix\" commands, which allows local users to cause a denial of service (application slowdown or exit) via a crafted command, as demonstrated by a command in a .forward file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31986",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31986"
},
{
"name": "FEDORA-2008-8595",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html"
},
{
"name": "32231",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32231"
},
{
"name": "20080916 [Suspected Spam][CVE-2008-4042] Postfix Linux-only local denial of service - PoC",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/496420/100/0/threaded"
},
{
"name": "31982",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31982"
},
{
"name": "USN-642-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-642-1"
},
{
"name": "30977",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30977"
},
{
"name": "FEDORA-2008-8593",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html"
},
{
"name": "31800",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31800"
},
{
"name": "postfix-filedescriptor-dos(44865)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44865"
},
{
"name": "4239",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4239"
},
{
"name": "SUSE-SR:2008:018",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
},
{
"name": "GLSA-200809-09",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200809-09.xml"
},
{
"name": "http://www.wekk.net/research/CVE-2008-3889/",
"refsource": "MISC",
"url": "http://www.wekk.net/research/CVE-2008-3889/"
},
{
"name": "31716",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31716"
},
{
"name": "6472",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6472"
},
{
"name": "MDVSA-2008:190",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:190"
},
{
"name": "1020800",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1020800"
},
{
"name": "http://www.postfix.org/announcements/20080902.html",
"refsource": "CONFIRM",
"url": "http://www.postfix.org/announcements/20080902.html"
},
{
"name": "20081104 rPSA-2008-0311-1 postfix",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/498037/100/0/threaded"
},
{
"name": "20080902 Postfix Linux-only local denial of service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/495894/100/0/threaded"
},
{
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0311",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0311"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3889",
"datePublished": "2008-09-12T16:00:00",
"dateReserved": "2008-09-02T00:00:00",
"dateUpdated": "2024-08-07T09:53:00.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2020-04-24 12:15
Modified
2024-11-21 04:59
Severity ?
Summary
A certain Postfix 2.10.1-7 package could allow an attacker to send an email from an arbitrary-looking sender via a homoglyph attack, as demonstrated by the similarity of \xce\xbf to the 'o' character. This is potentially relevant when the /etc/postfix/sender_login feature is used, because a spoofed outbound message that uses a configured sender address is blocked with a "Sender address rejected: not logged in" error message, but a spoofed outbound message that uses a homoglyph of a configured sender address is not blocked. NOTE: some third parties argue that any missed blocking of spoofed outbound messages - except for exact matches to a sender address in the /etc/postfix/sender_login file - is outside the design goals of Postfix and thus cannot be considered a Postfix vulnerability
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://www.openwall.com/lists/oss-security/2020/04/23/12 | Exploit, Mailing List, Third Party Advisory | |
| cve@mitre.org | https://www.openwall.com/lists/oss-security/2020/04/23/3 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openwall.com/lists/oss-security/2020/04/23/12 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openwall.com/lists/oss-security/2020/04/23/3 | Mailing List, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:postfix:postfix:2.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C851CA35-20A6-4D1E-8473-7FDFBB2F633B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A certain Postfix 2.10.1-7 package could allow an attacker to send an email from an arbitrary-looking sender via a homoglyph attack, as demonstrated by the similarity of \\xce\\xbf to the \u0027o\u0027 character. This is potentially relevant when the /etc/postfix/sender_login feature is used, because a spoofed outbound message that uses a configured sender address is blocked with a \"Sender address rejected: not logged in\" error message, but a spoofed outbound message that uses a homoglyph of a configured sender address is not blocked. NOTE: some third parties argue that any missed blocking of spoofed outbound messages - except for exact matches to a sender address in the /etc/postfix/sender_login file - is outside the design goals of Postfix and thus cannot be considered a Postfix vulnerability"
},
{
"lang": "es",
"value": "** EN DISPUTA ** Un determinado paquete Postfix versi\u00f3n 2.10.1-7, podr\u00eda permitir a un atacante enviar un correo electr\u00f3nico desde un remitente de aspecto arbitrario por medio de un ataque de Homoglifo, como es demostrado por la similitud de \\xce\\xbf con el car\u00e1cter \"o\". Esto es potencialmente relevante cuando es usada la funcionalidad /etc/postfix/sender_login, porque un mensaje saliente falso que usa una direcci\u00f3n de remitente configurada es bloqueado con un mensaje de error \"Sender address rejected: not logged in\", pero un mensaje saliente falso que usa un homoglifo de una direcci\u00f3n de remitente configurada no es bloqueado. NOTA: Algunos terceros sostienen que cualquier bloqueo omitido de mensajes salientes falsos - excepto por coincidencias exactas con una direcci\u00f3n del remitente en el archivo de /etc/postfix/sender_login - est\u00e1 fuera de los objetivos de dise\u00f1o de Postfix y, por lo tanto, no puede ser considerada una vulnerabilidad de Postfix."
}
],
"id": "CVE-2020-12063",
"lastModified": "2024-11-21T04:59:12.257",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-24T12:15:12.877",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2020/04/23/12"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2020/04/23/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2020/04/23/12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2020/04/23/3"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-08-18 19:41
Modified
2025-04-09 00:30
Severity ?
Summary
Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recipient, which allows local users to read e-mail messages by creating a mailbox file corresponding to another user's account name.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY | ||
| secalert@redhat.com | ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY | ||
| secalert@redhat.com | http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html | ||
| secalert@redhat.com | http://secunia.com/advisories/31477 | ||
| secalert@redhat.com | http://secunia.com/advisories/31485 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/31500 | Patch, Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/32231 | ||
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-200808-12.xml | ||
| secalert@redhat.com | http://wiki.rpath.com/Advisories:rPSA-2008-0259 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2009:224 | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2011-0422.html | ||
| secalert@redhat.com | http://www.securityfocus.com/archive/1/495632/100/0/threaded | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/30691 | Patch | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2008/2385 | ||
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/44461 | ||
| secalert@redhat.com | https://issues.rpath.com/browse/RPL-2689 | ||
| secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html | ||
| secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY | ||
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31477 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31485 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31500 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32231 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200808-12.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://wiki.rpath.com/Advisories:rPSA-2008-0259 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2009:224 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2011-0422.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/495632/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/30691 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/2385 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/44461 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://issues.rpath.com/browse/RPL-2689 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CA31260C-1C67-4E76-9F56-2359BFA0B197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "58F1FC50-B6EB-48FD-A2FA-B8BEB05719DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A1DE90BD-B5F9-4762-B086-130AB04F3CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CCD5258B-C9DE-47BD-9172-27618F220201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5B3F710-13EF-4A36-B191-E0FCC1D98E23",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recipient, which allows local users to read e-mail messages by creating a mailbox file corresponding to another user\u0027s account name."
},
{
"lang": "es",
"value": "Postfix 2.5 anterior a 2.5.4 y 2.6 anterior a 2.6-20080814 env\u00eda a un archivo buz\u00f3n incluso cuando este archivo no es propiedad del receptor, lo que permite a usuarios locales leer mensajes de correo creando un archivo buz\u00f3n correspondiente con el nombre de cuenta de otro usuario."
}
],
"evaluatorComment": "Please refer to the following links for additional version information (vendor release notes):\r\n\r\nPostfix 2.5 - ftp://mirrors.loonybin.net/pub/postfix/official/postfix-2.5.4.RELEASE_NOTES\r\n\r\nPostfix 2.6 - ftp://mirrors.loonybin.net/pub/postfix/experimental/postfix-2.6-20080814.RELEASE_NOTES",
"id": "CVE-2008-2937",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-08-18T19:41:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY"
},
{
"source": "secalert@redhat.com",
"url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY"
},
{
"source": "secalert@redhat.com",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/31477"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31485"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31500"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/32231"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-200808-12.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0259"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:224"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0422.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/495632/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/30691"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2008/2385"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44461"
},
{
"source": "secalert@redhat.com",
"url": "https://issues.rpath.com/browse/RPL-2689"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/31477"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31485"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31500"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/32231"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200808-12.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0259"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:224"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0422.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/495632/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/30691"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2385"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44461"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-2689"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vendorComments": [
{
"comment": "Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=456347\n\nThe Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/",
"lastModified": "2008-08-19T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-05-13 17:05
Modified
2025-04-11 00:51
Severity ?
Summary
The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods are enabled, does not create a new server handle after client authentication fails, which allows remote attackers to cause a denial of service (heap memory corruption and daemon crash) or possibly execute arbitrary code via an invalid AUTH command with one method followed by an AUTH command with a different method.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00002.html | ||
| cve@mitre.org | http://secunia.com/advisories/44500 | Vendor Advisory | |
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-201206-33.xml | ||
| cve@mitre.org | http://securityreason.com/securityalert/8247 | ||
| cve@mitre.org | http://www.debian.org/security/2011/dsa-2233 | ||
| cve@mitre.org | http://www.kb.cert.org/vuls/id/727230 | US Government Resource | |
| cve@mitre.org | http://www.mail-archive.com/postfix-announce%40postfix.org/msg00007.html | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2011:090 | ||
| cve@mitre.org | http://www.osvdb.org/72259 | ||
| cve@mitre.org | http://www.postfix.org/CVE-2011-1720.html | Vendor Advisory | |
| cve@mitre.org | http://www.postfix.org/announcements/postfix-2.8.3.html | Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/archive/1/517917/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/47778 | Patch | |
| cve@mitre.org | http://www.securitytracker.com/id?1025521 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/usn-1131-1 | ||
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=699035 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/67359 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/44500 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201206-33.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/8247 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2011/dsa-2233 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/727230 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mail-archive.com/postfix-announce%40postfix.org/msg00007.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2011:090 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/72259 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.postfix.org/CVE-2011-1720.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.postfix.org/announcements/postfix-2.8.3.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/517917/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/47778 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1025521 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-1131-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=699035 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/67359 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| postfix | postfix | 2.0.0 | |
| postfix | postfix | 2.0.1 | |
| postfix | postfix | 2.0.2 | |
| postfix | postfix | 2.0.3 | |
| postfix | postfix | 2.0.4 | |
| postfix | postfix | 2.0.5 | |
| postfix | postfix | 2.0.6 | |
| postfix | postfix | 2.0.7 | |
| postfix | postfix | 2.0.8 | |
| postfix | postfix | 2.0.9 | |
| postfix | postfix | 2.0.10 | |
| postfix | postfix | 2.0.11 | |
| postfix | postfix | 2.0.12 | |
| postfix | postfix | 2.0.13 | |
| postfix | postfix | 2.0.14 | |
| postfix | postfix | 2.0.15 | |
| postfix | postfix | 2.0.16 | |
| postfix | postfix | 2.0.17 | |
| postfix | postfix | 2.0.18 | |
| postfix | postfix | 2.0.19 | |
| postfix | postfix | 2.1.0 | |
| postfix | postfix | 2.1.1 | |
| postfix | postfix | 2.1.2 | |
| postfix | postfix | 2.1.3 | |
| postfix | postfix | 2.1.4 | |
| postfix | postfix | 2.1.5 | |
| postfix | postfix | 2.1.6 | |
| postfix | postfix | 2.2.0 | |
| postfix | postfix | 2.2.1 | |
| postfix | postfix | 2.2.2 | |
| postfix | postfix | 2.2.3 | |
| postfix | postfix | 2.2.4 | |
| postfix | postfix | 2.2.5 | |
| postfix | postfix | 2.2.6 | |
| postfix | postfix | 2.2.7 | |
| postfix | postfix | 2.2.8 | |
| postfix | postfix | 2.2.9 | |
| postfix | postfix | 2.2.10 | |
| postfix | postfix | 2.2.11 | |
| postfix | postfix | 2.2.12 | |
| postfix | postfix | 2.3 | |
| postfix | postfix | 2.3.0 | |
| postfix | postfix | 2.3.1 | |
| postfix | postfix | 2.3.2 | |
| postfix | postfix | 2.3.3 | |
| postfix | postfix | 2.3.4 | |
| postfix | postfix | 2.3.5 | |
| postfix | postfix | 2.3.6 | |
| postfix | postfix | 2.3.7 | |
| postfix | postfix | 2.3.8 | |
| postfix | postfix | 2.3.9 | |
| postfix | postfix | 2.3.10 | |
| postfix | postfix | 2.3.11 | |
| postfix | postfix | 2.3.12 | |
| postfix | postfix | 2.3.13 | |
| postfix | postfix | 2.3.14 | |
| postfix | postfix | 2.3.15 | |
| postfix | postfix | 2.3.16 | |
| postfix | postfix | 2.3.17 | |
| postfix | postfix | 2.3.18 | |
| postfix | postfix | 2.3.19 | |
| postfix | postfix | 2.4 | |
| postfix | postfix | 2.4.0 | |
| postfix | postfix | 2.4.1 | |
| postfix | postfix | 2.4.2 | |
| postfix | postfix | 2.4.3 | |
| postfix | postfix | 2.4.4 | |
| postfix | postfix | 2.4.5 | |
| postfix | postfix | 2.4.6 | |
| postfix | postfix | 2.4.7 | |
| postfix | postfix | 2.4.8 | |
| postfix | postfix | 2.4.9 | |
| postfix | postfix | 2.4.10 | |
| postfix | postfix | 2.4.11 | |
| postfix | postfix | 2.4.12 | |
| postfix | postfix | 2.4.13 | |
| postfix | postfix | 2.4.14 | |
| postfix | postfix | 2.4.15 | |
| postfix | postfix | 2.5.0 | |
| postfix | postfix | 2.5.1 | |
| postfix | postfix | 2.5.2 | |
| postfix | postfix | 2.5.3 | |
| postfix | postfix | 2.5.4 | |
| postfix | postfix | 2.5.5 | |
| postfix | postfix | 2.5.6 | |
| postfix | postfix | 2.5.7 | |
| postfix | postfix | 2.5.8 | |
| postfix | postfix | 2.5.9 | |
| postfix | postfix | 2.5.10 | |
| postfix | postfix | 2.5.11 | |
| postfix | postfix | 2.5.12 | |
| postfix | postfix | 2.6 | |
| postfix | postfix | 2.6.0 | |
| postfix | postfix | 2.6.1 | |
| postfix | postfix | 2.6.2 | |
| postfix | postfix | 2.6.3 | |
| postfix | postfix | 2.6.4 | |
| postfix | postfix | 2.6.5 | |
| postfix | postfix | 2.6.6 | |
| postfix | postfix | 2.6.7 | |
| postfix | postfix | 2.6.8 | |
| postfix | postfix | 2.6.9 | |
| postfix | postfix | 2.7.0 | |
| postfix | postfix | 2.7.1 | |
| postfix | postfix | 2.7.2 | |
| postfix | postfix | 2.7.3 | |
| postfix | postfix | 2.8.0 | |
| postfix | postfix | 2.8.1 | |
| postfix | postfix | 2.8.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5D16A3-59DA-407B-82E4-65C39EBD3710",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6E5DF3A2-5F47-4D2A-802B-CE53872DDEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1A7A4BE9-7CBE-404F-B577-933AC26E6E81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8872C496-2430-4EA6-B417-51C6877B874A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EB9646BA-E57D-4E1D-BF1A-FA137CA00ED8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "66B95D87-5B0B-48F6-8379-2521CFDE7CA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A09799F5-6084-4F06-B851-4FEA7873BF35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9230082E-FE88-4001-A614-43E8DD76471B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "258010A6-6B75-4663-AD5C-E7AD48B38DEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "602E668A-1343-457B-B0E1-CAB3CCA05BD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "83C3C7F7-016F-458B-B40D-E06080552045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "FE51A934-BFD2-4E61-9827-A934995BDCAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "BDF57DB8-3D17-4868-9FDF-81A0645FBC5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "1BDE9CC6-A7C7-4B0E-A341-E441EF9C33FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "7D7ECFA4-01CF-4C44-949D-7781767B724A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "A568A8FC-7BB0-431B-8BFE-1BF28DD545B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "B2273956-8CEB-439E-8841-953580AE673D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9E074865-92E2-4AFC-8542-00273FDFACEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "1274628A-B6F8-48DA-A7B0-7629362A0383",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "4FAE9B3D-C867-4100-9F1A-1A925E6BCA2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "123ED520-D9A9-457E-B0FF-2164678F2FDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7F03CC36-4E01-4298-8BF2-208EC2126E2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DA763611-3C94-40EB-AC16-F6860FCBFDAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E8725859-159E-49A5-91F2-12A6B300AE76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6D3B5347-F7FD-4291-8535-9D71F9F49568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E2750F62-79D5-41ED-8624-4DC36A23A03D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C1D09CC9-07C8-42C7-B7B2-25251C8615A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F28A5B6A-466B-4B24-9BD4-9DE15642A724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C8E7B624-C991-4EA1-A977-6C06F57B4E2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E899C1C0-18D1-43DE-BC55-C3C14F5395D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "05F2CA7C-1BCE-4EBB-BFAA-6C27F03CAC9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "903BF741-FD7E-41F7-802D-88A09B7EFFFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7F0A444A-E6FE-4585-BA6C-6061A87C6144",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "161082B7-A757-496C-9D35-681851CEA10B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B02E2034-BB39-4B86-81CA-3BB93A4E4849",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "29CF0FA6-F4F6-4A4B-89A6-057F835FFE89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "0055B0EA-775F-4670-A3F9-C1676DBB97D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "363704AE-66A9-4B58-A57E-47748F299471",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "5226F933-9FB6-4BF6-AC3B-1A22D22F92F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0066AE84-D27D-4E9B-851B-40EDFD07C0BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B739C7B-93CC-4367-B006-E8A721ECBCF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F08A3C19-AEB6-4E0C-A41D-01024DC0A25D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BAE8A81E-3856-4908-B7B7-9CF511CA2A21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7B935272-1EC7-4C70-8299-9DC7594809EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1647690F-D015-4DC4-9FB7-F5E9F0C430D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A814997B-A612-493F-AA85-BA5A187A91FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "449E9764-54F4-46F9-9E4D-F2C96EC5F37E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DF4A15A5-0994-4A3B-B4CD-1C5D9F411FDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5E3FB858-1B20-450B-9181-A1FE1C2B9DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C6BBD449-6F03-4EFE-8C87-B5014F0381F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DEBD42EA-B31E-4E37-BF28-FEBB18369A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B92BCC42-6E9F-44CB-A755-004B6DBD9D41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1B67A4AE-2C1C-49D6-9F53-05CAB51273E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "7A64D948-9441-492F-B9E5-DE5D5A3D7266",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "6D7BCB67-AF9E-4343-827B-D783C71BAF46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "265AD494-E5EB-423B-9C20-62BCB1C3B9B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "B63D1C8C-6E55-43B1-9479-5CE7A917C501",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "208C73B6-88AF-4D8D-A7BE-8AB4E1A4F07B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.17:*:*:*:*:*:*:*",
"matchCriteriaId": "11993437-8CE2-44A7-BEF8-D5F7410DCB52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.18:*:*:*:*:*:*:*",
"matchCriteriaId": "E13F9414-C71A-49A7-9A84-BC3151E95598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.19:*:*:*:*:*:*:*",
"matchCriteriaId": "546CC4D9-D2F4-4725-AD2D-200E6549BB63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "998D1069-1CF5-42C5-8668-49D72E2D2F17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A2138A68-3F3D-4C7E-9FEB-2C8A445F2789",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ED5E0EB5-ECC6-4573-9EA7-83E5741DA3CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "790C02A8-95DD-42BE-8A1C-1C6D6DDCC443",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0A0034F2-585D-4A98-8428-996A726712DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B162B5-DEF5-46AD-87D1-734B3B637D46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF3730A-0FFD-4C23-B758-BBA67CC9CD92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "10E8E5E2-5674-40D5-AD86-8C4DDB442EE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "690EDC73-47B5-4891-86A5-37B6ED80E145",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B751BA4B-B7C8-4A87-A03C-5C91678FC832",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "08943D31-2139-45D3-A0DB-0C11C31875CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "591FB74F-BD86-4314-A359-739A245D2642",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "5F2EF7B2-943F-4DFA-8249-7FC0F9FB0312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "9B3AFC1E-01FF-4F91-8C82-5C16378812C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "95E552B8-8B26-4DEE-BC6A-BC0B01C42474",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "66E26194-A7E6-4A99-8F55-7422A7E9BAB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "58097735-FE3B-48B7-B5EA-3CD530E16031",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CA31260C-1C67-4E76-9F56-2359BFA0B197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "58F1FC50-B6EB-48FD-A2FA-B8BEB05719DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A1DE90BD-B5F9-4762-B086-130AB04F3CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CCD5258B-C9DE-47BD-9172-27618F220201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BC95B8DD-C8C6-4FC4-81A5-23D7669DA22A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "894002C8-F3C1-4241-96FE-C088BBD0FCED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C91BA7D1-2A5B-4721-8E13-6520D6F0114B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "FBE79FBB-801F-4B1E-8FB8-CB2A1FAF6EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "253DB571-62B7-4015-A758-9DE55AAB8B9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F7AF9D8C-B11C-4681-84CE-5C86926C85F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "955FBDF4-5103-4B19-A5F1-9468F73C7A54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "4AAC0FF5-9699-4011-8C07-5DDAF13B64A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1262ECC9-7496-4D6B-880E-6CA85EE5CD46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:postfix:postfix:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5D1E6461-2F2A-49C5-9B2B-08DE418F2F7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5B3F710-13EF-4A36-B191-E0FCC1D98E23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EFB5988E-D04B-43B9-A980-82FD44D1D198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "12A1021E-587D-47D3-80E8-43D9CCB4BD72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FAC9B923-222D-4F7F-970C-0B9ADF4E86F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D31B75AE-FF82-4B70-BDEC-4B0FA791A085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C148A9D5-8899-4956-BE45-C4DBD4A2BE08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "558A2B97-6582-445F-991C-4DD530E991DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "56509587-6CE6-4497-B571-0A014E1FE064",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1B24CEB4-4F57-46CB-990B-AB664CEC96EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5E40EEF8-F075-4B87-BDE7-C2D1A39B2F80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:postfix:postfix:2.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D5044BFB-4F00-4FFC-9A66-2FDC666B6C2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "827897F6-2A24-45EC-A072-8C02BA726069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A3CFD6A-86E2-4E7B-BAC2-3163FC7DBF17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7705A10C-0BA3-4F04-B757-5890B6A2A860",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:postfix:postfix:2.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133B8398-2495-47CD-B140-5247ECE86EE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D14612B0-7F74-4ED6-89F9-A11ED75A577F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5F5C105E-B22B-48B4-8DC8-5B747792C102",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods are enabled, does not create a new server handle after client authentication fails, which allows remote attackers to cause a denial of service (heap memory corruption and daemon crash) or possibly execute arbitrary code via an invalid AUTH command with one method followed by an AUTH command with a different method."
},
{
"lang": "es",
"value": "El servidor SMTP en Postfix anterior a v2.5.13, v2.6.x anterior a v2.6.10, v2.7.x anterior a v2.7.4, y v2.8.x anterior a v2.8.3, cuando ciertos m\u00e9todos Cyrus SASL de autenticaci\u00f3n son activados, no crea un nuevo manejador de servidor despu\u00e9s de que la autentificaci\u00f3n falle, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria libre y ca\u00edda de demonio) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a tra\u00b4ves de un comando AUTH no v\u00e1lido con un m\u00e9todo seguido por un comando AUTH con un m\u00e9todo diferente."
}
],
"id": "CVE-2011-1720",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-05-13T17:05:43.207",
"references": [
{
"source": "cve@mitre.org",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00002.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/44500"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-201206-33.xml"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/8247"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2011/dsa-2233"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/727230"
},
{
"source": "cve@mitre.org",
"url": "http://www.mail-archive.com/postfix-announce%40postfix.org/msg00007.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:090"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/72259"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.postfix.org/CVE-2011-1720.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.postfix.org/announcements/postfix-2.8.3.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/517917/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/47778"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1025521"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-1131-1"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=699035"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67359"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/44500"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201206-33.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/8247"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2011/dsa-2233"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/727230"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mail-archive.com/postfix-announce%40postfix.org/msg00007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:090"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/72259"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.postfix.org/CVE-2011-1720.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.postfix.org/announcements/postfix-2.8.3.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/517917/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/47778"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1025521"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-1131-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=699035"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67359"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-11-06 15:55
Modified
2025-04-09 00:30
Severity ?
Summary
postfix_groups.pl in Postfix 2.5.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/postfix_groups.stdout, (2) /tmp/postfix_groups.stderr, and (3) /tmp/postfix_groups.message temporary files. NOTE: the vendor disputes this vulnerability, stating "This is not a real issue ... users would have to edit a script under /usr/lib to enable it.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://bugs.debian.org/496401 | ||
| cve@mitre.org | http://dev.gentoo.org/~rbu/security/debiantemp/postfix | Exploit | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2008/10/30/2 | ||
| cve@mitre.org | https://bugs.gentoo.org/show_bug.cgi?id=235770 | ||
| cve@mitre.org | https://bugs.gentoo.org/show_bug.cgi?id=235811 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.debian.org/496401 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://dev.gentoo.org/~rbu/security/debiantemp/postfix | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2008/10/30/2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.gentoo.org/show_bug.cgi?id=235770 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.gentoo.org/show_bug.cgi?id=235811 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A1DE90BD-B5F9-4762-B086-130AB04F3CB0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "postfix_groups.pl in Postfix 2.5.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/postfix_groups.stdout, (2) /tmp/postfix_groups.stderr, and (3) /tmp/postfix_groups.message temporary files. NOTE: the vendor disputes this vulnerability, stating \"This is not a real issue ... users would have to edit a script under /usr/lib to enable it."
},
{
"lang": "es",
"value": "** CUESTIONADA ** postfix_groups.pl en Postfix v2.5.2 permite a usuarios locales sobrescribir ficheros a su elecci\u00f3n a trav\u00e9s de un ataque de enlace simulado en los ficheros temporales (1) /tmp/postfix_groups.stdout, (2) /tmp/postfix_groups.stderr, y (3) /tmp/postfix_groups.message. NOTA: El vendedor ha impugnado esta vulnerabilidad, argumentando que \"Este no es un problema real...los usuarios deber\u00edan realizar una secuencia de comandos bajo /usr/lib para poder hacerlo\"."
}
],
"id": "CVE-2008-4977",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-11-06T15:55:52.103",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.debian.org/496401"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://dev.gentoo.org/~rbu/security/debiantemp/postfix"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2008/10/30/2"
},
{
"source": "cve@mitre.org",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=235770"
},
{
"source": "cve@mitre.org",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=235811"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.debian.org/496401"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://dev.gentoo.org/~rbu/security/debiantemp/postfix"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2008/10/30/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=235770"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=235811"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Not vulnerable. This issue did not affect the versions of postfix as shipped with Red Hat Enterprise Linux 3, 4, or 5. Mentioned script is not part of the official postfix distribution and is not included in Red Hat Enterprise Linux postfix packages.",
"lastModified": "2008-11-06T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-09-12 16:56
Modified
2025-04-09 00:30
Severity ?
Summary
Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux 2.6 kernel, leaks epoll file descriptors during execution of "non-Postfix" commands, which allows local users to cause a denial of service (application slowdown or exit) via a crafted command, as demonstrated by a command in a .forward file.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html | ||
| cve@mitre.org | http://secunia.com/advisories/31716 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/31800 | ||
| cve@mitre.org | http://secunia.com/advisories/31982 | ||
| cve@mitre.org | http://secunia.com/advisories/31986 | ||
| cve@mitre.org | http://secunia.com/advisories/32231 | ||
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-200809-09.xml | ||
| cve@mitre.org | http://securityreason.com/securityalert/4239 | ||
| cve@mitre.org | http://securitytracker.com/id?1020800 | ||
| cve@mitre.org | http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0311 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2008:190 | ||
| cve@mitre.org | http://www.postfix.org/announcements/20080902.html | Patch | |
| cve@mitre.org | http://www.securityfocus.com/archive/1/495894/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/496420/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/498037/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/30977 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/usn-642-1 | ||
| cve@mitre.org | http://www.wekk.net/research/CVE-2008-3889/ | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/44865 | ||
| cve@mitre.org | https://www.exploit-db.com/exploits/6472 | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31716 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31800 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31982 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31986 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32231 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200809-09.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/4239 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1020800 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0311 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2008:190 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.postfix.org/announcements/20080902.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/495894/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/496420/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/498037/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/30977 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-642-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.wekk.net/research/CVE-2008-3889/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/44865 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/6472 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | 2.6 | |
| postfix | postfix | 2.4 | |
| postfix | postfix | 2.4.0 | |
| postfix | postfix | 2.4.1 | |
| postfix | postfix | 2.4.2 | |
| postfix | postfix | 2.4.3 | |
| postfix | postfix | 2.4.4 | |
| postfix | postfix | 2.4.5 | |
| postfix | postfix | 2.4.6 | |
| postfix | postfix | 2.4.7 | |
| postfix | postfix | 2.4.8 | |
| postfix | postfix | 2.5.1 | |
| postfix | postfix | 2.5.2 | |
| postfix | postfix | 2.5.3 | |
| postfix | postfix | 2.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0FC560CC-F785-42D5-A25B-1BA02E7AC464",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "998D1069-1CF5-42C5-8668-49D72E2D2F17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A2138A68-3F3D-4C7E-9FEB-2C8A445F2789",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ED5E0EB5-ECC6-4573-9EA7-83E5741DA3CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "790C02A8-95DD-42BE-8A1C-1C6D6DDCC443",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0A0034F2-585D-4A98-8428-996A726712DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B162B5-DEF5-46AD-87D1-734B3B637D46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF3730A-0FFD-4C23-B758-BBA67CC9CD92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "10E8E5E2-5674-40D5-AD86-8C4DDB442EE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "690EDC73-47B5-4891-86A5-37B6ED80E145",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B751BA4B-B7C8-4A87-A03C-5C91678FC832",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "58F1FC50-B6EB-48FD-A2FA-B8BEB05719DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A1DE90BD-B5F9-4762-B086-130AB04F3CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CCD5258B-C9DE-47BD-9172-27618F220201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5D1E6461-2F2A-49C5-9B2B-08DE418F2F7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux 2.6 kernel, leaks epoll file descriptors during execution of \"non-Postfix\" commands, which allows local users to cause a denial of service (application slowdown or exit) via a crafted command, as demonstrated by a command in a .forward file."
},
{
"lang": "es",
"value": "Postfix versi\u00f3n 2.4 anteriores a la 2.4.9, versi\u00f3n 2.5 anteriores a la 2.5.5 y versi\u00f3n 2.6 anteriores a la 2.6-2000902, cuando se utiliza con el nucleo de Linux versi\u00f3n 2.6, muestra los descriptores del fichero epoll durante la ejecuci\u00f3n de comandos que no son Postfix, permite a usuarios locales provocar una denegaci\u00f3n de servicio (aplicaci\u00f3n m\u00e1s lenta o finalizaci\u00f3n) mediante un comando especialmente construido, como se ha demostrado por un comando en un fichero .forward."
}
],
"id": "CVE-2008-3889",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-09-12T16:56:20.587",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31716"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/31800"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/31982"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/31986"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/32231"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200809-09.xml"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/4239"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1020800"
},
{
"source": "cve@mitre.org",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0311"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:190"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.postfix.org/announcements/20080902.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/495894/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/496420/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/498037/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/30977"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-642-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.wekk.net/research/CVE-2008-3889/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44865"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/6472"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/31800"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/31982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/31986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/32231"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200809-09.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/4239"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1020800"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0311"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:190"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.postfix.org/announcements/20080902.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/495894/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/496420/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/498037/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/30977"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-642-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.wekk.net/research/CVE-2008-3889/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44865"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/6472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Not vulnerable. This issue did not affect the versions Postfix as shipped with Red Hat Enterprise Linux 3, 4, or 5.",
"lastModified": "2017-09-28T21:31:54.147",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-04-16 17:29
Modified
2024-11-21 03:05
Severity ?
Summary
Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 might allow local users to gain privileges by leveraging undocumented functionality in Berkeley DB 2.x and later, related to reading settings from DB_CONFIG in the current directory.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://seclists.org/oss-sec/2017/q3/285 | Exploit, Mailing List, Third Party Advisory | |
| cve@mitre.org | http://www.postfix.org/announcements/postfix-3.2.2.html | Vendor Advisory | |
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2019:0366 | Third Party Advisory | |
| cve@mitre.org | https://www.oracle.com/security-alerts/cpujul2020.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/oss-sec/2017/q3/285 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.postfix.org/announcements/postfix-3.2.2.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:0366 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpujul2020.html |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4E46DED-C952-4EC2-8418-B94092708565",
"versionEndExcluding": "2.11.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5514620D-4D5B-4090-9462-13C7F6EC6FC1",
"versionEndExcluding": "3.0.10",
"versionStartIncluding": "3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FBE1FAC6-6422-43D8-8981-08359639366B",
"versionEndExcluding": "3.1.6",
"versionStartIncluding": "3.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B5C3C4E-E289-4F5E-A211-A9EE33EDE36E",
"versionEndExcluding": "3.2.2",
"versionStartIncluding": "3.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 might allow local users to gain privileges by leveraging undocumented functionality in Berkeley DB 2.x and later, related to reading settings from DB_CONFIG in the current directory."
},
{
"lang": "es",
"value": "Postfix, en versiones anteriores a la 2.11.10, versiones 3.0.x anteriores a la 3.0.10, versiones 3.1.x anteriores a la 3.1.6 y versiones 3.2.x anteriores a la 3.2.2, podr\u00eda permitir que usuarios locales obtengan privilegios aprovechando una funcionalidad no documentada en Berkeley DB, en versiones 2.x y posteriores. Esto est\u00e1 relacionado con la lectura de opciones de DB_CONFIG en el directorio actual."
}
],
"id": "CVE-2017-10140",
"lastModified": "2024-11-21T03:05:27.960",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-04-16T17:29:00.220",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/oss-sec/2017/q3/285"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.postfix.org/announcements/postfix-3.2.2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0366"
},
{
"source": "cve@mitre.org",
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/oss-sec/2017/q3/285"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.postfix.org/announcements/postfix-3.2.2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0366"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-10-01 14:55
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple SQL injection vulnerabilities in Postfix Admin (aka postfixadmin) before 2.3.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the pw parameter to the pacrypt function, when mysql_encrypt is configured, or (2) unspecified vectors that are used in backup files generated by backup.php.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://www.codseq.it/advisories/multiple_vulnerabilities_in_postfixadmin | Exploit | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/01/26/5 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/01/27/5 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/51680 | ||
| secalert@redhat.com | https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3/CHANGELOG.TXT | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.codseq.it/advisories/multiple_vulnerabilities_in_postfixadmin | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/01/26/5 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/01/27/5 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/51680 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3/CHANGELOG.TXT |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| postfix | postfix | * | |
| postfix | postfix | 2.0.0 | |
| postfix | postfix | 2.0.1 | |
| postfix | postfix | 2.0.2 | |
| postfix | postfix | 2.0.3 | |
| postfix | postfix | 2.0.4 | |
| postfix | postfix | 2.0.5 | |
| postfix | postfix | 2.0.6 | |
| postfix | postfix | 2.0.7 | |
| postfix | postfix | 2.0.8 | |
| postfix | postfix | 2.0.9 | |
| postfix | postfix | 2.0.10 | |
| postfix | postfix | 2.0.11 | |
| postfix | postfix | 2.0.12 | |
| postfix | postfix | 2.0.13 | |
| postfix | postfix | 2.0.14 | |
| postfix | postfix | 2.0.15 | |
| postfix | postfix | 2.0.16 | |
| postfix | postfix | 2.0.17 | |
| postfix | postfix | 2.0.18 | |
| postfix | postfix | 2.0.19 | |
| postfix | postfix | 2.1.0 | |
| postfix | postfix | 2.1.1 | |
| postfix | postfix | 2.1.2 | |
| postfix | postfix | 2.1.3 | |
| postfix | postfix | 2.1.4 | |
| postfix | postfix | 2.1.5 | |
| postfix | postfix | 2.1.6 | |
| postfix | postfix | 2.2.0 | |
| postfix | postfix | 2.2.1 | |
| postfix | postfix | 2.2.2 | |
| postfix | postfix | 2.2.3 | |
| postfix | postfix | 2.2.4 | |
| postfix | postfix | 2.2.5 | |
| postfix | postfix | 2.2.6 | |
| postfix | postfix | 2.2.7 | |
| postfix | postfix | 2.2.8 | |
| postfix | postfix | 2.2.9 | |
| postfix | postfix | 2.2.10 | |
| postfix | postfix | 2.2.11 | |
| postfix | postfix | 2.2.12 | |
| postfix | postfix | 2.3 | |
| postfix | postfix | 2.3.1 | |
| postfix | postfix | 2.3.2 | |
| postfix | postfix | 2.3.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "23A80121-F089-4DE1-8086-7454D66E8FEA",
"versionEndIncluding": "2.3.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5D16A3-59DA-407B-82E4-65C39EBD3710",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6E5DF3A2-5F47-4D2A-802B-CE53872DDEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1A7A4BE9-7CBE-404F-B577-933AC26E6E81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8872C496-2430-4EA6-B417-51C6877B874A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EB9646BA-E57D-4E1D-BF1A-FA137CA00ED8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "66B95D87-5B0B-48F6-8379-2521CFDE7CA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A09799F5-6084-4F06-B851-4FEA7873BF35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9230082E-FE88-4001-A614-43E8DD76471B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "258010A6-6B75-4663-AD5C-E7AD48B38DEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "602E668A-1343-457B-B0E1-CAB3CCA05BD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "83C3C7F7-016F-458B-B40D-E06080552045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "FE51A934-BFD2-4E61-9827-A934995BDCAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "BDF57DB8-3D17-4868-9FDF-81A0645FBC5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "1BDE9CC6-A7C7-4B0E-A341-E441EF9C33FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "7D7ECFA4-01CF-4C44-949D-7781767B724A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "A568A8FC-7BB0-431B-8BFE-1BF28DD545B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "B2273956-8CEB-439E-8841-953580AE673D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9E074865-92E2-4AFC-8542-00273FDFACEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "1274628A-B6F8-48DA-A7B0-7629362A0383",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "4FAE9B3D-C867-4100-9F1A-1A925E6BCA2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "123ED520-D9A9-457E-B0FF-2164678F2FDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7F03CC36-4E01-4298-8BF2-208EC2126E2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DA763611-3C94-40EB-AC16-F6860FCBFDAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E8725859-159E-49A5-91F2-12A6B300AE76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6D3B5347-F7FD-4291-8535-9D71F9F49568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E2750F62-79D5-41ED-8624-4DC36A23A03D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C1D09CC9-07C8-42C7-B7B2-25251C8615A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F28A5B6A-466B-4B24-9BD4-9DE15642A724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C8E7B624-C991-4EA1-A977-6C06F57B4E2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E899C1C0-18D1-43DE-BC55-C3C14F5395D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "05F2CA7C-1BCE-4EBB-BFAA-6C27F03CAC9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "903BF741-FD7E-41F7-802D-88A09B7EFFFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7F0A444A-E6FE-4585-BA6C-6061A87C6144",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "161082B7-A757-496C-9D35-681851CEA10B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B02E2034-BB39-4B86-81CA-3BB93A4E4849",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "29CF0FA6-F4F6-4A4B-89A6-057F835FFE89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "0055B0EA-775F-4670-A3F9-C1676DBB97D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "363704AE-66A9-4B58-A57E-47748F299471",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "5226F933-9FB6-4BF6-AC3B-1A22D22F92F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0066AE84-D27D-4E9B-851B-40EDFD07C0BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B739C7B-93CC-4367-B006-E8A721ECBCF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BAE8A81E-3856-4908-B7B7-9CF511CA2A21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7B935272-1EC7-4C70-8299-9DC7594809EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1647690F-D015-4DC4-9FB7-F5E9F0C430D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities in Postfix Admin (aka postfixadmin) before 2.3.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the pw parameter to the pacrypt function, when mysql_encrypt is configured, or (2) unspecified vectors that are used in backup files generated by backup.php."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de inyecci\u00f3n SQL en Postfix Admin (tambi\u00e9n conocido como postfixadmin) anterior a 2.3.5 permiten a usuarios remotos autenticados ejecutar comandos SQL a trav\u00e9s de (1) el par\u00e1metro pw en la funci\u00f3n pacrypt, cuando mysql_encrypt est\u00e1 configurado, o (2) vectores no especificados que se utilizan en los ficheros de las copias de seguridad generados por backup.php."
}
],
"id": "CVE-2012-0811",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-10-01T14:55:10.120",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://www.codseq.it/advisories/multiple_vulnerabilities_in_postfixadmin"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/01/26/5"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/01/27/5"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/51680"
},
{
"source": "secalert@redhat.com",
"url": "https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3/CHANGELOG.TXT"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.codseq.it/advisories/multiple_vulnerabilities_in_postfixadmin"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/01/26/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/01/27/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/51680"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3/CHANGELOG.TXT"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-12-24 05:15
Modified
2024-11-21 08:38
Severity ?
Summary
Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Postfix supports <LF>.<CR><LF> but some other popular e-mail servers do not. To prevent attack variants (by always disallowing <LF> without <CR>), a different solution is required, such as the smtpd_forbid_bare_newline=yes option with a Postfix minimum version of 3.5.23, 3.6.13, 3.7.9, 3.8.4, or 3.9.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2023/12/24/1 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2023/12/25/1 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2024/05/09/3 | ||
| cve@mitre.org | https://access.redhat.com/security/cve/CVE-2023-51764 | Third Party Advisory | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=2255563 | Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11782.html | Technical Description | |
| cve@mitre.org | https://github.com/duy-31/CVE-2023-51764 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://github.com/eeenvik1/CVE-2023-51764 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2024/01/msg00020.html | ||
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ5WXFCW2N6G2PH3JXDTYW5PH5EBQEGO/ | ||
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRLF5SOS7TP5N7FQSEK2NFNB44ISVTZC/ | ||
| cve@mitre.org | https://lwn.net/Articles/956533/ | ||
| cve@mitre.org | https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/ | Technical Description, Third Party Advisory | |
| cve@mitre.org | https://www.openwall.com/lists/oss-security/2024/01/22/1 | ||
| cve@mitre.org | https://www.postfix.org/announcements/postfix-3.8.5.html | ||
| cve@mitre.org | https://www.postfix.org/smtp-smuggling.html | Exploit, Mitigation, Vendor Advisory | |
| cve@mitre.org | https://www.youtube.com/watch?v=V8KPV96g1To | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2023/12/24/1 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2023/12/25/1 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2024/05/09/3 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/CVE-2023-51764 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=2255563 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11782.html | Technical Description | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/duy-31/CVE-2023-51764 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/eeenvik1/CVE-2023-51764 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2024/01/msg00020.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ5WXFCW2N6G2PH3JXDTYW5PH5EBQEGO/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRLF5SOS7TP5N7FQSEK2NFNB44ISVTZC/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lwn.net/Articles/956533/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/ | Technical Description, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openwall.com/lists/oss-security/2024/01/22/1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.postfix.org/announcements/postfix-3.8.5.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.postfix.org/smtp-smuggling.html | Exploit, Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.youtube.com/watch?v=V8KPV96g1To | Exploit |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| postfix | postfix | * | |
| postfix | postfix | * | |
| postfix | postfix | * | |
| postfix | postfix | * | |
| fedoraproject | fedora | 38 | |
| fedoraproject | fedora | 39 | |
| redhat | enterprise_linux | 8.0 | |
| redhat | enterprise_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0598FFA3-9DB8-4D01-9049-3834B6B53000",
"versionEndExcluding": "3.5.23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AD4364D-F93C-499E-8ECA-5228354D20B6",
"versionEndExcluding": "3.6.13",
"versionStartIncluding": "3.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7174307B-1249-47B5-BE66-9194AC26BA15",
"versionEndExcluding": "3.7.9",
"versionStartIncluding": "3.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A422C34-3E0E-4C3F-8EA9-4F442D88057D",
"versionEndExcluding": "3.8.4",
"versionStartIncluding": "3.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Postfix supports \u003cLF\u003e.\u003cCR\u003e\u003cLF\u003e but some other popular e-mail servers do not. To prevent attack variants (by always disallowing \u003cLF\u003e without \u003cCR\u003e), a different solution is required, such as the smtpd_forbid_bare_newline=yes option with a Postfix minimum version of 3.5.23, 3.6.13, 3.7.9, 3.8.4, or 3.9."
},
{
"lang": "es",
"value": "Postfix hasta 3.8.4 permite el contrabando SMTP a menos que se configure con smtpd_data_restrictions=reject_unauth_pipelining (u otras opciones que existen en versiones recientes). Los atacantes remotos pueden utilizar una t\u00e9cnica de explotaci\u00f3n publicada para inyectar mensajes de correo electr\u00f3nico que parecen originarse en el servidor Postfix, lo que permite omitir un mecanismo de protecci\u00f3n SPF. Esto ocurre porque Postfix admite . pero algunos otros servidores de correo electr\u00f3nico populares no lo hacen. Para evitar variantes de ataque (al no permitir siempre sin ), se requiere una soluci\u00f3n diferente: la opci\u00f3n smtpd_forbid_bare_newline=yes con una versi\u00f3n m\u00ednima de Postfix de 3.5.23, 3.6.13, 3.7.9, 3.8.4, o 3.9."
}
],
"id": "CVE-2023-51764",
"lastModified": "2024-11-21T08:38:44.733",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-24T05:15:08.273",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/24/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/25/1"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2024/05/09/3"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-51764"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255563"
},
{
"source": "cve@mitre.org",
"tags": [
"Technical Description"
],
"url": "https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11782.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/duy-31/CVE-2023-51764"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/eeenvik1/CVE-2023-51764"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00020.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ5WXFCW2N6G2PH3JXDTYW5PH5EBQEGO/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRLF5SOS7TP5N7FQSEK2NFNB44ISVTZC/"
},
{
"source": "cve@mitre.org",
"url": "https://lwn.net/Articles/956533/"
},
{
"source": "cve@mitre.org",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/"
},
{
"source": "cve@mitre.org",
"url": "https://www.openwall.com/lists/oss-security/2024/01/22/1"
},
{
"source": "cve@mitre.org",
"url": "https://www.postfix.org/announcements/postfix-3.8.5.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
],
"url": "https://www.postfix.org/smtp-smuggling.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://www.youtube.com/watch?v=V8KPV96g1To"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/24/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/25/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/05/09/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-51764"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255563"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description"
],
"url": "https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11782.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/duy-31/CVE-2023-51764"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/eeenvik1/CVE-2023-51764"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ5WXFCW2N6G2PH3JXDTYW5PH5EBQEGO/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRLF5SOS7TP5N7FQSEK2NFNB44ISVTZC/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lwn.net/Articles/956533/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.openwall.com/lists/oss-security/2024/01/22/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.postfix.org/announcements/postfix-3.8.5.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
],
"url": "https://www.postfix.org/smtp-smuggling.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://www.youtube.com/watch?v=V8KPV96g1To"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-345"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-03-16 22:55
Modified
2025-04-11 00:51
Severity ?
Summary
The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 2.5.x before 2.5.12, 2.6.x before 2.6.9, and 2.7.x before 2.7.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cret@cert.org | http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 | ||
| cret@cert.org | http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html | ||
| cret@cert.org | http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056559.html | ||
| cret@cert.org | http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056560.html | ||
| cret@cert.org | http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html | ||
| cret@cert.org | http://secunia.com/advisories/43646 | Vendor Advisory | |
| cret@cert.org | http://secunia.com/advisories/43874 | ||
| cret@cert.org | http://security.gentoo.org/glsa/glsa-201206-33.xml | ||
| cret@cert.org | http://securitytracker.com/id?1025179 | ||
| cret@cert.org | http://support.apple.com/kb/HT5002 | ||
| cret@cert.org | http://www.debian.org/security/2011/dsa-2233 | ||
| cret@cert.org | http://www.kb.cert.org/vuls/id/555316 | US Government Resource | |
| cret@cert.org | http://www.kb.cert.org/vuls/id/MORO-8ELH6Z | US Government Resource | |
| cret@cert.org | http://www.openwall.com/lists/oss-security/2021/08/10/2 | ||
| cret@cert.org | http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html | ||
| cret@cert.org | http://www.osvdb.org/71021 | ||
| cret@cert.org | http://www.postfix.org/CVE-2011-0411.html | Exploit, Vendor Advisory | |
| cret@cert.org | http://www.redhat.com/support/errata/RHSA-2011-0422.html | ||
| cret@cert.org | http://www.redhat.com/support/errata/RHSA-2011-0423.html | ||
| cret@cert.org | http://www.securityfocus.com/bid/46767 | ||
| cret@cert.org | http://www.vupen.com/english/advisories/2011/0611 | Vendor Advisory | |
| cret@cert.org | http://www.vupen.com/english/advisories/2011/0752 | ||
| cret@cert.org | http://www.vupen.com/english/advisories/2011/0891 | ||
| cret@cert.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/65932 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056559.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056560.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/43646 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/43874 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201206-33.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1025179 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5002 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2011/dsa-2233 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/555316 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/MORO-8ELH6Z | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2021/08/10/2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/71021 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.postfix.org/CVE-2011-0411.html | Exploit, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2011-0422.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2011-0423.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/46767 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2011/0611 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2011/0752 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2011/0891 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/65932 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| postfix | postfix | 2.4 | |
| postfix | postfix | 2.4.0 | |
| postfix | postfix | 2.4.1 | |
| postfix | postfix | 2.4.2 | |
| postfix | postfix | 2.4.3 | |
| postfix | postfix | 2.4.4 | |
| postfix | postfix | 2.4.5 | |
| postfix | postfix | 2.4.6 | |
| postfix | postfix | 2.4.7 | |
| postfix | postfix | 2.4.8 | |
| postfix | postfix | 2.4.9 | |
| postfix | postfix | 2.4.10 | |
| postfix | postfix | 2.4.11 | |
| postfix | postfix | 2.4.12 | |
| postfix | postfix | 2.4.13 | |
| postfix | postfix | 2.4.14 | |
| postfix | postfix | 2.4.15 | |
| postfix | postfix | 2.5.0 | |
| postfix | postfix | 2.5.1 | |
| postfix | postfix | 2.5.2 | |
| postfix | postfix | 2.5.3 | |
| postfix | postfix | 2.5.4 | |
| postfix | postfix | 2.5.5 | |
| postfix | postfix | 2.5.6 | |
| postfix | postfix | 2.5.7 | |
| postfix | postfix | 2.5.8 | |
| postfix | postfix | 2.5.9 | |
| postfix | postfix | 2.5.10 | |
| postfix | postfix | 2.5.11 | |
| postfix | postfix | 2.6 | |
| postfix | postfix | 2.6.0 | |
| postfix | postfix | 2.6.1 | |
| postfix | postfix | 2.6.2 | |
| postfix | postfix | 2.6.3 | |
| postfix | postfix | 2.6.4 | |
| postfix | postfix | 2.6.5 | |
| postfix | postfix | 2.6.6 | |
| postfix | postfix | 2.6.7 | |
| postfix | postfix | 2.6.8 | |
| postfix | postfix | 2.7.0 | |
| postfix | postfix | 2.7.1 | |
| postfix | postfix | 2.7.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "998D1069-1CF5-42C5-8668-49D72E2D2F17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A2138A68-3F3D-4C7E-9FEB-2C8A445F2789",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ED5E0EB5-ECC6-4573-9EA7-83E5741DA3CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "790C02A8-95DD-42BE-8A1C-1C6D6DDCC443",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0A0034F2-585D-4A98-8428-996A726712DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B162B5-DEF5-46AD-87D1-734B3B637D46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF3730A-0FFD-4C23-B758-BBA67CC9CD92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "10E8E5E2-5674-40D5-AD86-8C4DDB442EE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "690EDC73-47B5-4891-86A5-37B6ED80E145",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B751BA4B-B7C8-4A87-A03C-5C91678FC832",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "08943D31-2139-45D3-A0DB-0C11C31875CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "591FB74F-BD86-4314-A359-739A245D2642",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "5F2EF7B2-943F-4DFA-8249-7FC0F9FB0312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "9B3AFC1E-01FF-4F91-8C82-5C16378812C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "95E552B8-8B26-4DEE-BC6A-BC0B01C42474",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "66E26194-A7E6-4A99-8F55-7422A7E9BAB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "58097735-FE3B-48B7-B5EA-3CD530E16031",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CA31260C-1C67-4E76-9F56-2359BFA0B197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "58F1FC50-B6EB-48FD-A2FA-B8BEB05719DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A1DE90BD-B5F9-4762-B086-130AB04F3CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CCD5258B-C9DE-47BD-9172-27618F220201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BC95B8DD-C8C6-4FC4-81A5-23D7669DA22A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "894002C8-F3C1-4241-96FE-C088BBD0FCED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C91BA7D1-2A5B-4721-8E13-6520D6F0114B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "FBE79FBB-801F-4B1E-8FB8-CB2A1FAF6EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "253DB571-62B7-4015-A758-9DE55AAB8B9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F7AF9D8C-B11C-4681-84CE-5C86926C85F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "955FBDF4-5103-4B19-A5F1-9468F73C7A54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "4AAC0FF5-9699-4011-8C07-5DDAF13B64A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:postfix:postfix:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5D1E6461-2F2A-49C5-9B2B-08DE418F2F7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5B3F710-13EF-4A36-B191-E0FCC1D98E23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EFB5988E-D04B-43B9-A980-82FD44D1D198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "12A1021E-587D-47D3-80E8-43D9CCB4BD72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FAC9B923-222D-4F7F-970C-0B9ADF4E86F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D31B75AE-FF82-4B70-BDEC-4B0FA791A085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C148A9D5-8899-4956-BE45-C4DBD4A2BE08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "558A2B97-6582-445F-991C-4DD530E991DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "56509587-6CE6-4497-B571-0A014E1FE064",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1B24CEB4-4F57-46CB-990B-AB664CEC96EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:postfix:postfix:2.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D5044BFB-4F00-4FFC-9A66-2FDC666B6C2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "827897F6-2A24-45EC-A072-8C02BA726069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A3CFD6A-86E2-4E7B-BAC2-3163FC7DBF17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 2.5.x before 2.5.12, 2.6.x before 2.6.9, and 2.7.x before 2.7.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a \"plaintext command injection\" attack."
},
{
"lang": "es",
"value": "La implementaci\u00f3n de STARTTLS de Postfix 2.4.x anteriores a 2.4.16, 2.5.x anteriores a 2.5.12, 2.6.x anteriores a 2.6.9, y 2.7.x anteriores a 2.7.3 no restringe apropiadamente el buffering de I/O, lo que permite a atacantes man-in-the-middle insertar comandos en sesiones SMTP encriptadas enviando un comando en texto claro que es procesado despu\u00e9s de que TLS es iniciado. Relacionado con un ataque de \"inyecci\u00f3n de comandos de texto en claro\"."
}
],
"id": "CVE-2011-0411",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-03-16T22:55:02.717",
"references": [
{
"source": "cret@cert.org",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
},
{
"source": "cret@cert.org",
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
},
{
"source": "cret@cert.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056559.html"
},
{
"source": "cret@cert.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056560.html"
},
{
"source": "cret@cert.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43646"
},
{
"source": "cret@cert.org",
"url": "http://secunia.com/advisories/43874"
},
{
"source": "cret@cert.org",
"url": "http://security.gentoo.org/glsa/glsa-201206-33.xml"
},
{
"source": "cret@cert.org",
"url": "http://securitytracker.com/id?1025179"
},
{
"source": "cret@cert.org",
"url": "http://support.apple.com/kb/HT5002"
},
{
"source": "cret@cert.org",
"url": "http://www.debian.org/security/2011/dsa-2233"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/555316"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/MORO-8ELH6Z"
},
{
"source": "cret@cert.org",
"url": "http://www.openwall.com/lists/oss-security/2021/08/10/2"
},
{
"source": "cret@cert.org",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"
},
{
"source": "cret@cert.org",
"url": "http://www.osvdb.org/71021"
},
{
"source": "cret@cert.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.postfix.org/CVE-2011-0411.html"
},
{
"source": "cret@cert.org",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0422.html"
},
{
"source": "cret@cert.org",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0423.html"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/bid/46767"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0611"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2011/0752"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2011/0891"
},
{
"source": "cret@cert.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65932"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056559.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056560.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43646"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/43874"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201206-33.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1025179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2011/dsa-2233"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/555316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/MORO-8ELH6Z"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2021/08/10/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/71021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.postfix.org/CVE-2011-0411.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0422.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0423.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/46767"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0611"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2011/0752"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2011/0891"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65932"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-08-18 19:41
Modified
2025-04-09 00:30
Severity ?
Summary
Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before 2.6-20080814, when the operating system supports hard links to symlinks, allows local users to append e-mail messages to a file to which a root-owned symlink points, by creating a hard link to this symlink and then sending a message. NOTE: this can be leveraged to gain privileges if there is a symlink to an init script.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY | ||
| secalert@redhat.com | ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.3.15.HISTORY | ||
| secalert@redhat.com | ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.4.8.HISTORY | ||
| secalert@redhat.com | ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY | ||
| secalert@redhat.com | http://article.gmane.org/gmane.mail.postfix.announce/110 | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html | ||
| secalert@redhat.com | http://secunia.com/advisories/31469 | ||
| secalert@redhat.com | http://secunia.com/advisories/31474 | ||
| secalert@redhat.com | http://secunia.com/advisories/31477 | ||
| secalert@redhat.com | http://secunia.com/advisories/31485 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/31500 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/31530 | ||
| secalert@redhat.com | http://secunia.com/advisories/32231 | ||
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-200808-12.xml | ||
| secalert@redhat.com | http://securityreason.com/securityalert/4160 | ||
| secalert@redhat.com | http://wiki.rpath.com/Advisories:rPSA-2008-0259 | ||
| secalert@redhat.com | http://www.debian.org/security/2008/dsa-1629 | ||
| secalert@redhat.com | http://www.kb.cert.org/vuls/id/938323 | US Government Resource | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2008:171 | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2008-0839.html | ||
| secalert@redhat.com | http://www.securityfocus.com/archive/1/495474/100/0/threaded | ||
| secalert@redhat.com | http://www.securityfocus.com/archive/1/495632/100/0/threaded | ||
| secalert@redhat.com | http://www.securityfocus.com/archive/1/495882/100/0/threaded | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/30691 | Patch | |
| secalert@redhat.com | http://www.securitytracker.com/id?1020700 | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2008/2385 | ||
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/44460 | ||
| secalert@redhat.com | https://issues.rpath.com/browse/RPL-2689 | ||
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10033 | ||
| secalert@redhat.com | https://usn.ubuntu.com/636-1/ | ||
| secalert@redhat.com | https://www.exploit-db.com/exploits/6337 | ||
| secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html | ||
| secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY | ||
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.3.15.HISTORY | ||
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.4.8.HISTORY | ||
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://article.gmane.org/gmane.mail.postfix.announce/110 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31469 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31474 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31477 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31485 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31500 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31530 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32231 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200808-12.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/4160 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://wiki.rpath.com/Advisories:rPSA-2008-0259 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2008/dsa-1629 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/938323 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2008:171 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2008-0839.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/495474/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/495632/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/495882/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/30691 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1020700 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/2385 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/44460 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://issues.rpath.com/browse/RPL-2689 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10033 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/636-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/6337 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| postfix | postfix | 2.3.0 | |
| postfix | postfix | 2.3.1 | |
| postfix | postfix | 2.3.2 | |
| postfix | postfix | 2.3.3 | |
| postfix | postfix | 2.3.4 | |
| postfix | postfix | 2.3.5 | |
| postfix | postfix | 2.3.6 | |
| postfix | postfix | 2.3.7 | |
| postfix | postfix | 2.3.8 | |
| postfix | postfix | 2.3.9 | |
| postfix | postfix | 2.3.10 | |
| postfix | postfix | 2.3.11 | |
| postfix | postfix | 2.3.12 | |
| postfix | postfix | 2.3.13 | |
| postfix | postfix | 2.3.14 | |
| postfix | postfix | 2.4.0 | |
| postfix | postfix | 2.4.1 | |
| postfix | postfix | 2.4.2 | |
| postfix | postfix | 2.4.3 | |
| postfix | postfix | 2.4.4 | |
| postfix | postfix | 2.4.5 | |
| postfix | postfix | 2.4.6 | |
| postfix | postfix | 2.4.7 | |
| postfix | postfix | 2.5.0 | |
| postfix | postfix | 2.5.1 | |
| postfix | postfix | 2.5.2 | |
| postfix | postfix | 2.5.3 | |
| postfix | postfix | 2.6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F08A3C19-AEB6-4E0C-A41D-01024DC0A25D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BAE8A81E-3856-4908-B7B7-9CF511CA2A21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7B935272-1EC7-4C70-8299-9DC7594809EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1647690F-D015-4DC4-9FB7-F5E9F0C430D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A814997B-A612-493F-AA85-BA5A187A91FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "449E9764-54F4-46F9-9E4D-F2C96EC5F37E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DF4A15A5-0994-4A3B-B4CD-1C5D9F411FDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5E3FB858-1B20-450B-9181-A1FE1C2B9DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C6BBD449-6F03-4EFE-8C87-B5014F0381F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DEBD42EA-B31E-4E37-BF28-FEBB18369A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B92BCC42-6E9F-44CB-A755-004B6DBD9D41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1B67A4AE-2C1C-49D6-9F53-05CAB51273E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "7A64D948-9441-492F-B9E5-DE5D5A3D7266",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "6D7BCB67-AF9E-4343-827B-D783C71BAF46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "265AD494-E5EB-423B-9C20-62BCB1C3B9B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A2138A68-3F3D-4C7E-9FEB-2C8A445F2789",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ED5E0EB5-ECC6-4573-9EA7-83E5741DA3CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "790C02A8-95DD-42BE-8A1C-1C6D6DDCC443",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0A0034F2-585D-4A98-8428-996A726712DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B162B5-DEF5-46AD-87D1-734B3B637D46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF3730A-0FFD-4C23-B758-BBA67CC9CD92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "10E8E5E2-5674-40D5-AD86-8C4DDB442EE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "690EDC73-47B5-4891-86A5-37B6ED80E145",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CA31260C-1C67-4E76-9F56-2359BFA0B197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "58F1FC50-B6EB-48FD-A2FA-B8BEB05719DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A1DE90BD-B5F9-4762-B086-130AB04F3CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CCD5258B-C9DE-47BD-9172-27618F220201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5B3F710-13EF-4A36-B191-E0FCC1D98E23",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before 2.6-20080814, when the operating system supports hard links to symlinks, allows local users to append e-mail messages to a file to which a root-owned symlink points, by creating a hard link to this symlink and then sending a message. NOTE: this can be leveraged to gain privileges if there is a symlink to an init script."
},
{
"lang": "es",
"value": "Postfix antes de 2.3.15, 2.4 anterior a 2.4.8, 2.5 anterior a 2.5.4 y 2.6 antes de 2.6-20080814, cuando el sistema operativo admite enlaces duros (hard links) a enlaces simb\u00f3licos, permite a usuarios locales a\u00f1adir mensajes de correo a un archivo al que apunta un enlace simb\u00f3lico propiedad de root, creando un enlace duro a este enlace simb\u00f3lico y enviando un mensaje despu\u00e9s. NOTA: esto puede ser utilizado para obtener privilegios si hay un enlace simb\u00f3lico a un script init."
}
],
"evaluatorComment": "Please refer to the following links for additional version information (vendor release notes):\r\n\r\n\r\nPostfix 2.3 - ftp://mirrors.loonybin.net/pub/postfix/official/postfix-2.3.15.RELEASE_NOTES\r\n\r\nPostfix 2.4 - ftp://mirrors.loonybin.net/pub/postfix/official/postfix-2.4.8.RELEASE_NOTES\r\n\r\nPostfix 2.5 - ftp://mirrors.loonybin.net/pub/postfix/official/postfix-2.5.4.RELEASE_NOTES\r\n\r\nPostfix 2.6 - ftp://mirrors.loonybin.net/pub/postfix/experimental/postfix-2.6-20080814.RELEASE_NOTES",
"id": "CVE-2008-2936",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-08-18T19:41:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY"
},
{
"source": "secalert@redhat.com",
"url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.3.15.HISTORY"
},
{
"source": "secalert@redhat.com",
"url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.4.8.HISTORY"
},
{
"source": "secalert@redhat.com",
"url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY"
},
{
"source": "secalert@redhat.com",
"url": "http://article.gmane.org/gmane.mail.postfix.announce/110"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/31469"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/31474"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/31477"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31485"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31500"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/31530"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/32231"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-200808-12.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://securityreason.com/securityalert/4160"
},
{
"source": "secalert@redhat.com",
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0259"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2008/dsa-1629"
},
{
"source": "secalert@redhat.com",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/938323"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:171"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0839.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/495474/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/495632/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/495882/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/30691"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1020700"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2008/2385"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44460"
},
{
"source": "secalert@redhat.com",
"url": "https://issues.rpath.com/browse/RPL-2689"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10033"
},
{
"source": "secalert@redhat.com",
"url": "https://usn.ubuntu.com/636-1/"
},
{
"source": "secalert@redhat.com",
"url": "https://www.exploit-db.com/exploits/6337"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.3.15.HISTORY"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.4.8.HISTORY"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://article.gmane.org/gmane.mail.postfix.announce/110"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/31469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/31474"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/31477"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31485"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31500"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/31530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/32231"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200808-12.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/4160"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0259"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2008/dsa-1629"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/938323"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:171"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0839.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/495474/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/495632/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/495882/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/30691"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020700"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2385"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44460"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-2689"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10033"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/636-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/6337"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-09-21 19:30
Modified
2025-04-09 00:30
Severity ?
Summary
The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink attacks that overwrite arbitrary files.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.debian.org/security/2011/dsa-2233 | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2009/09/18/6 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2011/dsa-2233 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2009/09/18/6 | Exploit |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| postfix | postfix | 2.5.5 | |
| debian | debian_linux | 6.06 | |
| ubuntu | ubuntu_linux | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "894002C8-F3C1-4241-96FE-C088BBD0FCED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "67D47FA7-B5AF-4580-8BA7-8408D98D1F26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F22916E8-84BE-444D-9B99-199FE8E0F665",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink attacks that overwrite arbitrary files."
},
{
"lang": "es",
"value": "El script postfix.postinst en el paquete postfix v2.5.5 de Debian GNU/Linux y Ubuntu permite acceso de escritura al usuario postfix en /var/spool/postfix/pid, permitiendo a usuarios locales dirigir ataques de enlaces simb\u00f3licos que sobrescriban ficheros de su elecci\u00f3n."
}
],
"id": "CVE-2009-2939",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-09-21T19:30:00.390",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2011/dsa-2233"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.openwall.com/lists/oss-security/2009/09/18/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2011/dsa-2233"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.openwall.com/lists/oss-security/2009/09/18/6"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}