CVE-2003-0540

The address parser code in Postfix 1.1.12 and earlier allows remote attackers to cause a denial of service lock via 1 a malformed envelope address to a local host that would generate a bounce and contains the ".!" string in the MAIL FROM or Errors-To headers, which causes nqmgr to lock up, or 2 v...

Postfix 1.1.x - Denial of Service (1)

Postfix 1.1.x - Denial of Service 1 // source: https://www.securityfocus.com/bid/8333/info Debian has reported two vulnerabilities in the Postfix mail transfer agent. The first vulnerability, CAN-2003-0468, can allow for an adversary to "bounce-scan" a private network. It has also been reported...

Postfix 1.1.x - Denial of Service (2)

Postfix 1.1.x - Denial of Service 2 source: https://www.securityfocus.com/bid/8333/info Debian has reported two vulnerabilities in the Postfix mail transfer agent. The first vulnerability, CAN-2003-0468, can allow for an adversary to "bounce-scan" a private network. It has also been reported that...

[Full-Disclosure] Postfix 1.1.12 remote DoS / Postfix 1.1.11 bounce scanning

Good morning list, ,--. ,--. /-- / ======================================================= ' a a ======== 1. Posfix 1.1.12 remote DoS CAN-2003-0540 . ,---. , ========================================================oo'========= There is a remotely exploitable denial of service vulnerability in...

Postfix DoS

NULL pointer reference during address parsing, bounce portscanning via specially crafted address...

Postfix 1.1.x - Denial of Service (1)

// source: https://www.securityfocus.com/bid/8333/info Debian has reported two vulnerabilities in the Postfix mail transfer agent. The first vulnerability, CAN-2003-0468, can allow for an adversary to "bounce-scan" a private network. It has also been reported that this vulnerability can be...

Postfix 1.1.x - Denial of Service (2)

source: https://www.securityfocus.com/bid/8333/info Debian has reported two vulnerabilities in the Postfix mail transfer agent. The first vulnerability, CAN-2003-0468, can allow for an adversary to "bounce-scan" a private network. It has also been reported that this vulnerability can be exploited...

[SECURITY] [DSA-363-1] New postfix packages fix remote denial of service, bounce scanning

-------------------------------------------------------------------------- Debian Security Advisory DSA 363-1 [email protected] http://www.debian.org/security/ Matt Zimmerman August 3rd, 2003 http://www.debian.org/security/faq -...

DSA-363 postfix - denial of service, bounce-scanning

Bulletin has no description...

Amavis 0.1.6 - Header Parsing Mail Relaying

Amavis 0.1.6 - Header Parsing Mail Relaying source: https://www.securityfocus.com/bid/7306/info It has been reported that some versions of Amavis-ng do not properly interact with Postfix. Because of this, an attacker may be able to circumvent relay restrictions. telnet somemx.domain.tld 25 220...

Amavis 0.1.6 - Header Parsing Mail Relaying

source: https://www.securityfocus.com/bid/7306/info It has been reported that some versions of Amavis-ng do not properly interact with Postfix. Because of this, an attacker may be able to circumvent relay restrictions. telnet somemx.domain.tld 25 220 somemx.example.com ESMTP Postfix helo amavis-n...

CVE-2001-0894

Vulnerability in Postfix SMTP server before 20010228-pl07, when configured to email the postmaster when SMTP errors cause the session to terminate, allows remote attackers to cause a denial of service memory exhaustion by generating a large number of SMTP errors, which forces the SMTP session log...

CVE-2001-0894

Postfix SMTP server (pre-20010228-pl07) is affected by a remote DoS: when configured to email the postmaster on SMTP errors, a storm of errors can cause the SMTP session log to grow, leading to memory exhaustion. Debian advisory DSA-093-1 and OpenVAS/NESL entries corroborate a remote DoS due to e...

[SECURITY] [DSA-093-1] postfix memory exhaustion

Package : postfix Problem type : remote DoS Debian-specific: no Wietse Venema reported he found a denial of service vulnerability in postfix. The SMTP session log that postfix keeps for debugging purposes could grow to an unreasonable size. This has been fixed in version 0.0.19991231pl11-2. wget...

Postfix session log memory exhaustion bugfix

The Postfix SMTP server maintains a record of SMTP conversations for debugging purposes. Depending on local configuration details this record is mailed to the postmaster whenever an SMTP session terminates with errors. During code maintenance, a stupid error was introduced into the code due to...

DoS против postfix (memory exhaustion)

Отладочная информация накапливается в памяти без ограничения...

CVE-2001-0894

Vulnerability in Postfix SMTP server before 20010228-pl07, when configured to email the postmaster when SMTP errors cause the session to terminate, allows remote attackers to cause a denial of service memory exhaustion by generating a large number of SMTP errors, which forces the SMTP session log...

qmail-DoS.txt

Date: Mon, 4 Jan 1999 00:04:09 -0500 From: Wietse Venema To: [email protected] Subject: Anonymous Qmail Denial of Service In recent postings, Daniel Bernstein expands on the insecurity of the Postfix world-writable directory for local mail submission. Of all the attacks possible with such a...