Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

DSA-2233-1 postfix -- several vulnerabilities

Related Vulnerabilities: CVE-2009-2939   CVE-2011-0411   CVE-2011-1720  

Several vulnerabilities were discovered in Postfix, a mail transfer agent. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-2939 The postinst script grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink attacks that overwrite arbitrary files. CVE-2011-0411 The STARTTLS implementation does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place. CVE-2011-1720 A heap-based read-only buffer overflow allows malicious clients to crash the smtpd server process using a crafted SASL authentication request. For the oldstable distribution (lenny), this problem has been fixed in version 2.5.5-1.1+lenny1. For the stable distribution (squeeze), this problem has been fixed in version 2.7.1-1+squeeze1. For the unstable distribution (sid), this problem has been fixed in version 2.8.0-1. We recommend that you upgrade your postfix packages.

Source

Debian Security Advisory

DSA-2233-1 postfix -- several vulnerabilities

Date Reported:
10 May 2011
Affected Packages:
postfix
Vulnerable:
Yes
Security database references:
In Mitre's CVE dictionary: CVE-2009-2939, CVE-2011-0411, CVE-2011-1720.
More information:

Several vulnerabilities were discovered in Postfix, a mail transfer agent. The Common Vulnerabilities and Exposures project identifies the following problems:

  • CVE-2009-2939

    The postinst script grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink attacks that overwrite arbitrary files.

  • CVE-2011-0411

    The STARTTLS implementation does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place.

  • CVE-2011-1720

    A heap-based read-only buffer overflow allows malicious clients to crash the smtpd server process using a crafted SASL authentication request.

For the oldstable distribution (lenny), this problem has been fixed in version 2.5.5-1.1+lenny1.

For the stable distribution (squeeze), this problem has been fixed in version 2.7.1-1+squeeze1.

For the unstable distribution (sid), this problem has been fixed in version 2.8.0-1.

We recommend that you upgrade your postfix packages.

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started