Postfix Script Remote Command Execution via Shellshock

This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.


Synopsis :

The remote mail server uses scripts that allow remote command
execution via Shellshock.

Description :

The remote host appears to be running Postfix. Postfix itself is not
vulnerable to Shellshock; however, any bash script that Postfix runs
for filtering or other tasks could be affected if the script exports
an environment variable taken from the content or headers of a
message.

A negative result from this plugin does not prove conclusively that
the remote system is not affected by Shellshock, only that any scripts
Postfix may be running do not create the conditions that are
exploitable via the Shellshock flaw.

See also :

http://seclists.org/oss-sec/2014/q3/650
http://www.nessus.org/u?dacf7829
https://www.invisiblethreat.ca/post/shellshock/

Solution :

Apply the referenced Bash patch or remove the Postfix scripts.
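
To find the scripts the solution refers to, the following added example (not part of the Nessus plugin or of Postfix) lists the pipe(8) services in a master.cf whose program is a bash or sh script. The sample master.cf, the script paths and the caller-supplied read_first_line callable are constructed for illustration; commands run by other means, such as mailbox_command or .forward files, are not covered.

```python
import re

# Constructed sample master.cf (not taken from any real host).
SAMPLE_MASTER_CF = """\
smtp      inet  n       -       n       -       -       smtpd
  -o content_filter=filter:dummy
# content filter handed every message through pipe(8)
filter    unix  -       n       n       -       10      pipe
  flags=Rq user=filter null_sender=
  argv=/usr/local/bin/mail-filter.sh -f ${sender} -- ${recipient}
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
"""

def logical_lines(text):
    """Join continuation lines (leading whitespace); drop comments and blanks."""
    lines = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and lines:
            lines[-1] += " " + raw.strip()
        else:
            lines.append(raw.strip())
    return lines

def pipe_services(text):
    """Return (service_name, program_path) for every pipe(8) service."""
    found = []
    for line in logical_lines(text):
        fields = line.split(None, 8)  # 8th column is the command, 9th its args
        if len(fields) == 9 and fields[7] == "pipe":
            m = re.search(r"\bargv=(\S+)", fields[8])
            if m:
                found.append((fields[0], m.group(1)))
    return found

def shebang_interpreter(first_line):
    """Return the interpreter basename named on a '#!' line, or None."""
    parts = first_line[2:].split() if first_line.startswith("#!") else []
    if not parts:
        return None
    if parts[0].endswith("/env") and len(parts) > 1:
        parts = parts[1:]  # '#!/usr/bin/env bash' names bash, not env
    return parts[0].rsplit("/", 1)[-1]

def scripts_to_review(text, read_first_line):
    """pipe(8) services whose program is a bash or sh script (sh may be bash)."""
    return [(svc, prog) for svc, prog in pipe_services(text)
            if shebang_interpreter(read_first_line(prog)) in ("bash", "sh")]
```

On a mail host, read_first_line would open each program path and return its first line; every service returned is a script to check for exported message data, patch Bash under, or remove.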

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.3
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: SMTP problems

Nessus Plugin ID: 77969

Bugtraq ID: 70103, 70137

CVE ID: CVE-2014-6271, CVE-2014-7169
