Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0894

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2001-0894
Last Modified 10 Sep 2008 03:09:10
Published 11 Nov 2001 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-0894

Summary

Vulnerability in Postfix SMTP server before 20010228-pl07, when configured to email the postmaster when SMTP errors cause the session to terminate, allows remote attackers to cause a denial of service (memory exhaustion) by generating a large number of SMTP errors, which forces the SMTP session log to grow too large.

Vulnerable Systems

Application

  • Wietse Venema Postfix 1999-09-06

  • Wietse Venema Postfix 1999-12-31

  • Wietse Venema Postfix 2000-02-28


References

XF - postfix-smtp-log-dos(7568)

BID - 3544

DEBIAN - DSA-093

BUGTRAQ - 20011115 Postfix session log memory exhaustion bugfix

REDHAT - RHSA-2001:156

MANDRAKE - MDKSA-2001:089

CONECTIVA - CLA-2001:439


Last Updated: 27 May 2016 10:36:26