6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
postfix is vulnerable to command injection. It was discovered that Postfix did not flush the received SMTP commands buffer after switching to TLS encryption for an SMTP session. A man-in-the-middle attacker could use this flaw to inject SMTP commands into a victim’s session during the plain text phase. This would lead to those commands being processed by Postfix after TLS encryption is enabled, possibly allowing the attacker to steal the victim’s mail or authentication credentials.
CPE | Name | Operator | Version |
---|---|---|---|
postfix | eq | 2.2.10__1.2.1.el4_7 | |
postfix | eq | 2.2.10__1.1.el4 | |
postfix | eq | 2.3.3__2.1.el5_2 | |
postfix | eq | 2.6.6__2.el6 | |
postfix | eq | 2.2.10__1.2.el4 |
kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
lists.fedoraproject.org/pipermail/package-announce/2011-March/056559.html
lists.fedoraproject.org/pipermail/package-announce/2011-March/056560.html
lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
secunia.com/advisories/43646
secunia.com/advisories/43874
security.gentoo.org/glsa/glsa-201206-33.xml
securitytracker.com/id?1025179
support.apple.com/kb/HT5002
www.debian.org/security/2011/dsa-2233
www.kb.cert.org/vuls/id/555316
www.kb.cert.org/vuls/id/MORO-8ELH6Z
www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html
www.osvdb.org/71021
www.postfix.org/CVE-2011-0411.html
www.redhat.com/support/errata/RHSA-2011-0422.html
www.redhat.com/support/errata/RHSA-2011-0423.html
www.securityfocus.com/bid/46767
www.vupen.com/english/advisories/2011/0611
www.vupen.com/english/advisories/2011/0752
www.vupen.com/english/advisories/2011/0891
access.redhat.com/errata/RHSA-2011:0423
access.redhat.com/security/updates/classification/#moderate
exchange.xforce.ibmcloud.com/vulnerabilities/65932