GLSA-201206-33 : Postfix: Multiple vulnerabilities
Medium Nessus Plugin ID 59706
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-201206-33 (Postfix: Multiple vulnerabilities)
A vulnerability have been discovered in Postfix. Please review the CVE identifier referenced below for details.
An attacker could perform a man-in-the-middle attack and inject SMTP commands during the plaintext to TLS session switch or might execute arbitrary code.
There is no known workaround at this time.
SolutionAll Postfix users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=mail-mta/postfix-2.7.4'