Back to search
CVE-2003-0540
Published: Aug 5, 2003
Modified: Aug 8, 2024
PUBLISHED
Description
The address parser code in Postfix 1.1.12 and earlier allows remote attackers to cause a denial of service (lock) via (1) a malformed envelope address to a local host that would generate a bounce and contains the ".!" string in the MAIL FROM or Errors-To headers, which causes nqmgr to lock up, or (2) via a valid MAIL FROM with a RCPT TO containing a ".!" string, which causes an instance of the SMTP listener to lock up.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
CLA-2003:717
vendor-advisory
x_refsource_CONECTIVA
8333
vdb-entry
x_refsource_BID
20030804 Postfix 1.1.12 remote DoS / Postfix 1.1.11 bounce scanning
mailing-list
x_refsource_FULLDISC
VU#895508
third-party-advisory
x_refsource_CERT-VN
2003-0029
vendor-advisory
x_refsource_TRUSTIX
MDKSA-2003:081
vendor-advisory
x_refsource_MANDRAKE
RHSA-2003:251
vendor-advisory
x_refsource_REDHAT
DSA-363
vendor-advisory
x_refsource_DEBIAN
20030804 Postfix 1.1.12 remote DoS / Postfix 1.1.11 bounce scanning
mailing-list
x_refsource_BUGTRAQ
ESA-20030804-019
vendor-advisory
x_refsource_ENGARDE
SuSE-SA:2003:033
vendor-advisory
x_refsource_SUSE
oval:org.mitre.oval:def:544
vdb-entry
signature
x_refsource_OVAL
9433
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now