Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2003-2022 and is owned by Tenable, Inc. or an Affiliate thereof.POSTFIX_VULNS.NASL
HistoryAug 15, 2003 - 12:00 a.m.

Postfix < 2.0 Multiple Vulnerabilities

2003-08-1500:00:00
This script is Copyright (C) 2003-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
45

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.077 Low

EPSS

Percentile

94.2%

JSON

The remote host is running a version of Postfix that is as old as or older than 1.1.12.

There are two vulnerabilities in this version that could allow an attacker to remotely disable it, or to be used as a DDoS agent against arbitrary hosts.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(11820);
  script_version("1.25");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/04/11");

  script_cve_id("CVE-2003-0468", "CVE-2003-0540");
  script_bugtraq_id(8361, 8362);
  script_xref(name:"RHSA", value:"2003:251-01");
  script_xref(name:"SuSE", value:"SUSE-SA:2003:033");

  script_name(english:"Postfix < 2.0 Multiple Vulnerabilities");

  script_set_attribute(attribute:"synopsis", value:
"The remote server is vulnerable to a denial of service.");
  script_set_attribute(attribute:"description", value:
"The remote host is running a version of Postfix that is as old as or 
older than 1.1.12.

There are two vulnerabilities in this version that could allow an 
attacker to remotely disable it, or to be used as a DDoS agent against 
arbitrary hosts.");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Postfix 2.0.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2003-0468");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2003/08/03");
  script_set_attribute(attribute:"plugin_publication_date", value:"2003/08/15");

  script_set_attribute(attribute:"potential_vulnerability", value:"true");
  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:postfix:postfix");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SMTP problems");

  script_copyright(english:"This script is Copyright (C) 2003-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("smtpscan.nasl", "smtpserver_detect.nasl");
  script_require_keys("Settings/ParanoidReport");
  script_require_ports("Services/smtp", 25);

  exit(0);
}

include("global_settings.inc");
include("audit.inc");

if (report_paranoia < 2) audit(AUDIT_PARANOID);

port = get_kb_item("Services/smtp");
if(!port)port = 25;

banner = get_kb_item("smtp/" + port + "/real_banner");

if(!banner) banner = get_kb_item_or_exit("smtp/" + port + "/banner");

if(preg(pattern:".*Postfix 1\.(0\..*|1\.([0-9][^0-9]|1[0-2]))", string:banner)||
   preg(pattern:".*Postfix 2001.*", string:banner))
{
 security_warning(port);
}
VendorProductVersionCPE
postfixpostfixcpe:/a:postfix:postfix

Related

nessus 3
cert 1
exploitpack 2
openvas 2
suse 1
debian 1
securityvulns 1
seebug 2
osv 1
exploitdb 2
cvelist 2
cve 2
nvd 2
debiancve 2
nessus
nessus
Debian DSA-363-1 : postfix - denial of service, bounce-scanning
2004-09-29 00:00:00
SUSE-SA:2003:033: postfix
2004-07-25 00:00:00
Mandrake Linux Security Advisory : postfix (MDKSA-2003:081)
2004-07-31 00:00:00
cert
cert
Postfix vulnerable to DoS by supplying a remote SMTP listener with a malformed envelope address
2003-08-11 00:00:00
exploitpack
exploitpack
Postfix 1.1.x - Denial of Service (1)
2003-08-04 00:00:00
Postfix 1.1.x - Denial of Service (2)
2003-08-04 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-363)
2008-01-17 00:00:00
Debian Security Advisory DSA 363-1 (postfix)
2008-01-17 00:00:00
suse
suse
remote Denial of Service (DoS) attack in postfix
2003-08-04 12:19:27
debian
debian
[SECURITY] [DSA-363-1] New postfix packages fix remote denial of service, bounce scanning
2003-08-03 22:25:40
securityvulns
securityvulns
[Full-Disclosure] Postfix 1.1.12 remote DoS / Postfix 1.1.11 bounce scanning
2003-08-04 00:00:00
seebug
seebug
Postfix 1.1.x Denial of Service Vulnerabilities (2)
2014-07-01 00:00:00
Postfix 1.1.x Denial of Service Vulnerabilities (1)
2014-07-01 00:00:00
osv
osv
postfix - denial of service, bounce-scanning
2003-08-03 00:00:00
exploitdb
exploitdb
Postfix 1.1.x - Denial of Service (1)
2003-08-04 00:00:00
Postfix 1.1.x - Denial of Service (2)
2003-08-04 00:00:00
cvelist
cvelist
CVE-2003-0540
2003-08-05 04:00:00
CVE-2003-0468
2003-08-05 04:00:00
cve
cve
CVE-2003-0468
2003-08-27 04:00:00
CVE-2003-0540
2003-08-27 04:00:00
nvd
nvd
CVE-2003-0468
2003-08-27 04:00:00
CVE-2003-0540
2003-08-27 04:00:00
debiancve
debiancve
CVE-2003-0468
2003-08-27 04:00:00
CVE-2003-0540
2003-08-27 04:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.077 Low

EPSS

Percentile

94.2%

JSON
Related for POSTFIX_VULNS.NASL
nessus3cert1exploitpack2openvas2suse1debian1securityvulns1seebug2osv1exploitdb2cvelist2cve2nvd2debiancve2