CVE-2005-0337

2005-05-0204:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

116

postfix

mail relaying

cve-2005-0337

email restrictions

security vulnerability

ipv6

6.8 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.026 Low

EPSS

Percentile

90.3%

JSON

Postfix 2.1.3, when /proc/net/if_inet6 is not available and permit_mx_backup is enabled in smtpd_recipient_restrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname.

CPENameOperatorVersion
wietse_venema:postfixwietse venema postfixeq2.1.3
redhat:enterprise_linuxredhat enterprise linuxeq4.0
suse:suse_linuxsuse suse linuxeq9.2
suse:suse_linuxsuse suse linuxeq9.0
suse:suse_linuxsuse suse linuxeq8.2
suse:suse_linuxsuse suse linuxeq8.0
suse:suse_linuxsuse suse linuxeq9.1
redhat:enterprise_linux_desktopredhat enterprise linux desktopeq4.0
suse:suse_linuxsuse suse linuxeq8.1

CPE	Name	Operator	Version
wietse_venema:postfix	wietse venema postfix	eq	2.1.3
redhat:enterprise_linux	redhat enterprise linux	eq	4.0
suse:suse_linux	suse suse linux	eq	9.2
suse:suse_linux	suse suse linux	eq	9.0
suse:suse_linux	suse suse linux	eq	8.2
suse:suse_linux	suse suse linux	eq	8.0
suse:suse_linux	suse suse linux	eq	9.1
redhat:enterprise_linux_desktop	redhat enterprise linux desktop	eq	4.0
suse:suse_linux	suse suse linux	eq	8.1