Postfix epoll File Descriptor Leak Local DoS

low Nessus Plugin ID 34347

Synopsis

The remote mail server is vulnerable to a local denial of service attack.

Description

According to its banner, the version of Postfix running on the remote host leaks 'epoll' file descriptors when it executes non-Postfix commands, for example those specified in a user's .forward file. A local attacker can access the leaked epoll descriptor to launch a denial of service attack against Postfix.

Note that this issue only affects hosts running Linux with a 2.6 kernel.
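The descriptor inheritance described above can be audited on Linux with a short C program. This is an added example, not Postfix code or part of the plugin; the helper names are hypothetical, and close-on-exec is the generic mitigation for this class of leak, not a statement of how the fixed Postfix releases address it.

```c
/* Added example: detect and harden an epoll descriptor that would
 * otherwise be inherited by a command started with exec(). */
#include <fcntl.h>
#include <stdio.h>
#include <sys/epoll.h>
#include <unistd.h>

/* 1 if fd stays open across execve(), 0 if close-on-exec is set, -1 on error. */
int survives_exec(int fd)
{
    int flags = fcntl(fd, F_GETFD);
    if (flags == -1)
        return -1;
    return (flags & FD_CLOEXEC) ? 0 : 1;
}

/* Mark fd close-on-exec so a command started later cannot inherit it. */
int set_cloexec(int fd)
{
    int flags = fcntl(fd, F_GETFD);
    if (flags == -1)
        return -1;
    return fcntl(fd, F_SETFD, flags | FD_CLOEXEC);
}

/* Pre-exec audit: count descriptors in [lo, hi) that a child would inherit. */
int count_inheritable(int lo, int hi)
{
    int n = 0;
    for (int fd = lo; fd < hi; fd++)
        if (survives_exec(fd) == 1)
            n++;
    return n;
}

int main(void)
{
    /* Plain epoll_create() returns a descriptor without close-on-exec. */
    int ep = epoll_create(8);
    if (ep == -1) { perror("epoll_create"); return 1; }
    printf("before: epoll fd %d survives exec = %d\n", ep, survives_exec(ep));
    if (set_cloexec(ep) == -1) { perror("fcntl"); return 1; }
    printf("after:  epoll fd %d survives exec = %d\n", ep, survives_exec(ep));
    close(ep);
    return 0;
}
```

On a running system, the same audit can be applied to the descriptors a delivery command actually receives by listing /proc/self/fd from inside that command.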

Solution

Upgrade to Postfix 2.4.9 / 2.5.5 / 2.6-20080902 or later.

See Also

https://www.securityfocus.com/archive/1/495894/100/0/threaded

Plugin Details

Severity: Low

ID: 34347

File Name: postfix_epoll_local_DoS.nasl

Version: 1.14

Type: remote

Published: 10/6/2008

Updated: 4/11/2022

Configuration: Enable paranoid mode, Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Low

Base Score: 2.1

Temporal Score: 1.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: cpe:/a:postfix:postfix

Required KB Items: Settings/ParanoidReport, Host/OS

Exploit Ease: No known exploits are available

Reference Information

CVE: CVE-2008-3889

BID: 30977

CWE: 20