1232 – Several vulnerabilities were discovered in Postfix, a mail transfer agent.

Bug 1232 - Several vulnerabilities were discovered in Postfix, a mail transfer agent.

Summary: Several vulnerabilities were discovered in Postfix, a mail transfer agent.

Status:	RESOLVED FIXED

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	Cauldron
Hardware:	i586 Linux

Priority:	Normal Severity: critical
Target Milestone:	---
Assignee:	Mageia Bug Squad
QA Contact:

URL:	http://lists.debian.org/debian-securi...
Whiteboard:
Keywords:

Duplicates (1):	1281 (view as bug list)
Depends on:
Blocks:	908
	Show dependency tree / graph

Reported:	2011-05-10 20:13 CEST by Jérôme Soyer
Modified:	2011-05-17 16:34 CEST (History)
CC List:	2 users (show)

See Also:
Source RPM:	postfix-2.7.1-4.mga1.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Jérôme Soyer 2011-05-10 20:13:38 CEST

CVE ID         : CVE-2009-2939 CVE-2011-0411 CVE-2011-1720

Several vulnerabilities were discovered in Postfix, a mail transfer
agent.  The Common Vulnerabilities and Exposures project identifies
the following problems:

CVE-2009-2939
        The postinst script grants the postfix user write access to
        /var/spool/postfix/pid, which might allow local users to
        conduct symlink attacks that overwrite arbitrary files.

CVE-2011-0411
        The STARTTLS implementation does not properly restrict I/O
        buffering, which allows man-in-the-middle attackers to insert
        commands into encrypted SMTP sessions by sending a cleartext
        command that is processed after TLS is in place.

CVE-2011-1720
        A heap-based read-only buffer overflow allows malicious
        clients to crash the smtpd server process using a crafted SASL
        authentication request.

Jérôme Soyer 2011-05-10 20:13:54 CEST

Depends on: (none) => 908

Michael Scherer 2011-05-15 02:22:11 CEST

CC: (none) => misc
Blocks: (none) => 908
Depends on: 908 => (none)

Comment 1 Michael Scherer 2011-05-15 02:23:04 CEST

We need to update to 2.7.4, as we have 2.7.1 now. Also, the bug 908 should be set as "block", not as "depend".

Comment 2 Michael Scherer 2011-05-15 02:24:01 CEST

*** Bug 1281 has been marked as a duplicate of this bug. ***

Comment 3 D Morgan 2011-05-17 16:34:24 CEST

postfix 2.7.4 is now in cauldron.

Status: NEW => RESOLVED
CC: (none) => dmorganec
Resolution: (none) => FIXED

Note You need to log in before you can comment on or make changes to this bug.