Mandrake Linux Security Advisory : postfix (MDKSA-2001:089)

This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.


Synopsis :

The remote Mandrake Linux host is missing a security update.

Description :

Wietse Venema, the author of postfix, reported a vulnerability in the
SMTP server where a remote attacker could execute a Denial of Service
attack on it. The SMTP session log could grow to an unreasonable size
and could possibly exhause the server's memory if no other limits were
enforced.

See also :

http://www.securityfocus.com/archive/1/240354

Solution :

Update the affected postfix package.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.3
(CVSS2#E:H/RL:OF/RC:C)
Public Exploit Available : true

Family: Mandriva Local Security Checks

Nessus Plugin ID: 13902 (mandrake_MDKSA-2001-089.nasl)

Bugtraq ID: 3544

CVE ID: CVE-2001-0894

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now