Fedora 9 : postfix-2.5.5-1.fc9 (2008-8593)

New upstream patch level version 2.5.5, including multiple security fixes detailed in upstream announcements: http://www.postfix.org/announcements/20080814.html http://www.postfix.org/announcements/20080902.html Note that Tenable Network Security has extracted the preceding description block...

Fedora 8 : postfix-2.5.5-1.fc8 (2008-8595)

New upstream patch level version 2.5.5, including multiple security fixes detailed in upstream announcements: http://www.postfix.org/announcements/20080814.html http://www.postfix.org/announcements/20080902.html Note that Tenable Network Security has extracted the preceding description block...

Mac OS X Multiple Vulnerabilities (Security Update 2008-007)

The remote host is running a version of Mac OS X 10.5 or 10.4 that does not have the security update 2008-007 applied. This security update contains fixes for the following products : - Apache - Certificates - ClamAV - ColorSync - CUPS - Finder - launchd - libxslt - MySQL Server - Networking - PH...

[SECURITY] Fedora 8 Update: postfix-2.5.5-1.fc8

Postfix is a Mail Transport Agent MTA, supporting LDAP, SMTP AUTH SASL, TLS...

Postfix epoll File Descriptor Leak Local DoS

According to its banner, the version of Postfix running on the remote host leaks 'epoll' file descriptors when it executes non-Postfix commands from, say, a user's .forward file. A local attacker can access the leaked epoll descriptor to launch a denial of service attack against Postfix. Note tha...

Postfix Detection

Binary data 4695.prm...

Gentoo Security Advisory GLSA 200803-30 (ssl-cert.eclass)

The remote host is missing updates announced in advisory GLSA 200803-30. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200808-12 (postfix)

The remote host is missing updates announced in advisory GLSA 200808-12. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200809-09 (postfix)

The remote host is missing updates announced in advisory GLSA 200809-09. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200809-09 (postfix)

The remote host is missing updates announced in advisory GLSA 200809-09. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200803-30 (ssl-cert.eclass)

The remote host is missing updates announced in advisory GLSA 200803-30. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200808-12 (postfix)

The remote host is missing updates announced in advisory GLSA 200808-12. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GLSA-200809-09 : Postfix: Denial of Service

The remote host is affected by the vulnerability described in GLSA-200809-09 Postfix: Denial of Service It has been discovered than Postfix leaks an epoll file descriptor when executing external commands, e.g. user-controlled $HOME/.forward or $HOME/.procmailrc files. NOTE: This vulnerability onl...

Postfix: Denial of service

Background Postfix is Wietse Venema's mailer that attempts to be fast, easy to administer, and secure, as an alternative to the widely-used Sendmail program. Description It has been discovered than Postfix leaks an epoll file descriptor when executing external commands, e.g. user-controlled...

openSUSE 10 Security Update : postfix (postfix-5603)

When exectuting external programs postfix didn't close the file descriptor of the epoll system call. This could potentially be exploited to shutdown postfix CVE-2008-3889. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted fr...

Postfix < 2.4.9, 2.5.5, 2.6-20080902 (.forward) Local DoS Exploit

No description provided by source. / http://www.wekk.net/research/CVE-2008-4042/CVE-2008-4042-exploit.c http://www.wekk.net/research/CVE-2008-3889/CVE-2008-3889-exploit.c Exploit for Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux 2.6 kernel...

Postfix < 2.4.9, 2.5.5, 2.6-20080902 (.forward) Local DoS Exploit

Exploit for multiple platform in category dos / poc ================================================================= Postfix - http://www.wekk.net and Marc Morata Fite 2008-09-16 This Proof of concept creates a pipe and adds it in the postfix's epoll file descriptor. When the pipe is added, an...

Postfix 2.4.92.5.52.6-20080902 - .forward Local Denial of Service

Postfix 2.4.92.5.52.6-20080902 - .forward Local Denial of Service / http://www.wekk.net/research/CVE-2008-4042/CVE-2008-4042-exploit.c http://www.wekk.net/research/CVE-2008-3889/CVE-2008-3889-exploit.c Exploit for Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used...

Postfix &lt; 2.4.9 2.5.5 2.6-20080902 (.forward) Local DoS Exploit

No description provided by source. / http://www.wekk.net/research/CVE-2008-4042/CVE-2008-4042-exploit.c http://www.wekk.net/research/CVE-2008-3889/CVE-2008-3889-exploit.c Exploit for Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux 2.6 kernel...

Postfix &lt; 2.4.9/2.5.5/2.6-20080902 - &#039;.forward&#039; Local Denial of Service

/ http://www.wekk.net/research/CVE-2008-4042/CVE-2008-4042-exploit.c http://www.wekk.net/research/CVE-2008-3889/CVE-2008-3889-exploit.c Exploit for Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux 2.6 kernel. CVE-2008-3889 & CVE-2008-4042 by Albert...