CVE Vulnerabilities

CVE-2003-0468

Published: Aug 27, 2003 | Modified: Oct 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct bounce scans or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a ! string, which causes Postfix to attempt to use SMTP to communicate with the target on the associated port.

Affected Software

Name Vendor Start Version End Version
Postfix Wietse_venema 1.0.21 (including) 1.0.21 (including)
Postfix Wietse_venema 1.1.11 (including) 1.1.11 (including)
Postfix Wietse_venema 1999-09-06 (including) 1999-09-06 (including)
Postfix Wietse_venema 1999-12-31 (including) 1999-12-31 (including)
Postfix Wietse_venema 2000-02-28 (including) 2000-02-28 (including)
Postfix Wietse_venema 2001-11-15 (including) 2001-11-15 (including)
Linux Conectiva 7.0 (including) 7.0 (including)
Linux Conectiva 8.0 (including) 8.0 (including)
Red Hat Linux 7.3 RedHat *
Red Hat Linux 8.0 RedHat *
Red Hat Linux 9 RedHat *

References