Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0337

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-0337
Last Modified 21 Aug 2010 12:25:52
Published 02 May 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-0337

Summary

Postfix 2.1.3, when /proc/net/if_inet6 is not available and permit_mx_backup is enabled in smtpd_recipient_restrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname.

Vulnerable Systems

Operating System

  • Redhat Enterprise Linux 4.0

  • Redhat Enterprise Linux Desktop 4.0

  • Suse Linux 8.0

  • Suse Linux 8.1

  • Suse Linux 8.2

  • Suse Linux 9.0

  • Suse Linux 9.1

  • Suse Linux 9.2

Application

  • Wietse Venema Postfix 2.1.3


References

XF - postfix-ipv6-security-bypass(19218)

BID - 12445

SECUNIA - 14137

BUGTRAQ - 20050204 [USN-74-1] Postfix vulnerability

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=267837

REDHAT - RHSA-2005:152


Last Updated: 27 May 2016 10:39:46