postfix-2.3.3-2.11.0.1.AXS3
エラータID: AXSA:2011-221:03
Release date:
Thursday, July 7, 2011 - 10:06
Subject:
postfix-2.3.3-2.11.0.1.AXS3
Affected Channels:
Asianux Server 3 for x86_64
Asianux Server 3 for x86
Severity:
High
Description:
Postfix is a Mail Transport Agent (MTA), supporting LDAP, SMTP AUTH (SASL), TLS
Security issues fixed with this release:
CVE-2011-1720
The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods are enabled, does not create a new server handle after client authentication fails, which allows remote attackers to cause a denial of service (heap memory corruption and daemon crash) or possibly execute arbitrary code via an invalid AUTH command with one method followed by an AUTH command with a different method.
Solution:
Update packages.
CVEs:
CVE-2011-1720
The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods are enabled, does not create a new server handle after client authentication fails, which allows remote attackers to cause a denial of service (heap memory corruption and daemon crash) or possibly execute arbitrary code via an invalid AUTH command with one method followed by an AUTH command with a different method.
The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods are enabled, does not create a new server handle after client authentication fails, which allows remote attackers to cause a denial of service (heap memory corruption and daemon crash) or possibly execute arbitrary code via an invalid AUTH command with one method followed by an AUTH command with a different method.
Additional Info:
N/A
Download:
Asianux Server 3 for x86
- postfix-2.3.3-2.11.0.1.AXS3.i386.rpm
MD5: 8a04529179a473a1dc053a0b2f395aa5
SHA-256: 3757a221a01d47cf821552215c4e38ad5505fb9a21a82eeef223952a5b57cbcc
Size: 3.69 MB - postfix-pflogsumm-2.3.3-2.11.0.1.AXS3.i386.rpm
MD5: f040d3af967cb8bb8c4b2cdf0f20d631
SHA-256: eca20f7e4ed4d54366d12f2eacdc10b41e343355a4e669dfc50587a7c42e1edd
Size: 49.60 kB
Asianux Server 3 for x86_64
- postfix-2.3.3-2.11.0.1.AXS3.x86_64.rpm
MD5: c2968aa1e1927494700b4bd0d8f4ea60
SHA-256: 13697049bc4626223d177f415a706ba73a651ac25c68c1ea7448f5b8dbc86008
Size: 3.82 MB - postfix-pflogsumm-2.3.3-2.11.0.1.AXS3.x86_64.rpm
MD5: fab0b397c711d9fec3755551b34e389e
SHA-256: 66030f2ae94c5a6dcae61a829f7dd27288dd9ce6cbff95eb9b4c18c75d173be0
Size: 49.57 kB
日本語