Postfix epoll File Descriptor Leak Local DoS
Low Nessus Plugin ID 34347
SynopsisThe remote mail server is vulnerable to a local denial of service attack.
DescriptionAccording to its banner, the version of Postfix running on the remote host leaks 'epoll' file descriptors when it executes non-Postfix commands from, say, a user's .forward file. A local attacker can access the leaked epoll descriptor to launch a denial of service attack against Postfix.
Note that this issue only affects hosts running Linux with a 2.6 kernel.
SolutionUpgrade to Postfix 2.4.9 / 2.5.5 / 2.6-20080902 or later.