Postfix vulnerability

ID USN-74-1
Type ubuntu
Reporter Ubuntu
Modified 2005-02-04T00:00:00


Jean-Samuel Reynaud noticed a programming error in the IPv6 handling code of Postfix when /proc/net/if_inet6 is not available (which is the case in Ubuntu since Postfix runs in a chroot). If “permit_mx_backup” was enabled in the “smtpd_recipient_restrictions”, Postfix turned into an open relay, i. e. erroneously permitted the delivery of arbitrary mail to any MX host which has an IPv6 address.