Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2003-0468

Published: Aug 27, 2003 | Modified: Oct 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2003-0468
CWEhttps://cwe.mitre.org/data/definitions/NVD-Other.html

Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct bounce scans or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a ! string, which causes Postfix to attempt to use SMTP to communicate with the target on the associated port.

Affected Software

Name Vendor Start Version End Version
Postfix Wietse_venema 1.0.21 (including) 1.0.21 (including)
Postfix Wietse_venema 1.1.11 (including) 1.1.11 (including)
Postfix Wietse_venema 1999-09-06 (including) 1999-09-06 (including)
Postfix Wietse_venema 1999-12-31 (including) 1999-12-31 (including)
Postfix Wietse_venema 2000-02-28 (including) 2000-02-28 (including)
Postfix Wietse_venema 2001-11-15 (including) 2001-11-15 (including)
Linux Conectiva 7.0 (including) 7.0 (including)
Linux Conectiva 8.0 (including) 8.0 (including)
Red Hat Linux 7.3 RedHat *
Red Hat Linux 8.0 RedHat *
Red Hat Linux 9 RedHat *

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use