Postfix Cyrus SASL Authentication Context Data Reuse Memory Corruption (exploit)

This script is Copyright (C) 2011-2015 Tenable Network Security, Inc.

Synopsis :

The remote mail server is affected by a memory corruption

Description :

The Postfix mail server listening on this port appears vulnerable to
a memory corruption attack as Nessus was able to crash an SMTP session
with this host by using two different authentication methods in one

Note that code execution as the unprivileged postfix user may also be

See also :

Solution :

Upgrade to Postfix 2.5.13 / 2.6.19 / 2.7.4 / 2.8.3 or later.

Risk factor :

Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.0
Public Exploit Available : false

Family: SMTP problems

Nessus Plugin ID: 54584 ()

Bugtraq ID: 47778

CVE ID: CVE-2011-1720