CVE-2003-0540

Postfix 1.1.x - Denial of Service

Severity Score

5.0

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The address parser code in Postfix 1.1.12 and earlier allows remote attackers to cause a denial of service (lock) via (1) a malformed envelope address to a local host that would generate a bounce and contains the ".!" string in the MAIL FROM or Errors-To headers, which causes nqmgr to lock up, or (2) via a valid MAIL FROM with a RCPT TO containing a ".!" string, which causes an instance of the SMTP listener to lock up.

El código de procesamiento de direcciones en Postfix 1.1.12 y anteriores permite a atacantes remotos causar una denegación de servicio (bloqueo) mediante (1) una dirección envoltorio malformada a una máquina local que generaría un rebote y que contenga la cadena ".!" en las cabeceras MAIL FROM Y Errors-To, lo que hace que nqmgrse cuelge, o (2) mediante un MAIL FROM con un RCPT TO conteniendo una cadena ".!", lo que hace que una instancia del oyente SMTP se cuelgue.

*Credits: N/A

CVSS Scores

NISTv2 5.0

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2003-07-14 CVE Reserved
2003-08-04 First Exploit
2003-08-05 CVE Published
2023-08-20 EPSS Updated
2024-08-08 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CAPEC

References (15)

URL	Tag	Source
http://lists.grok.org.uk/pipermail/full-disclosure/2003-August/007693.html	Mailing List
http://marc.info/?l=bugtraq&m=106001525130257&w=2	Mailing List
http://secunia.com/advisories/9433	Third Party Advisory
http://www.kb.cert.org/vuls/id/895508	Third Party Advisory
http://www.securityfocus.com/bid/8333	Vdb Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A544	Signature

URL	Date	SRC
https://www.exploit-db.com/exploits/22981	2003-08-04
https://www.exploit-db.com/exploits/22982	2003-08-04

URL	Date	SRC
http://www.debian.org/security/2003/dsa-363	2017-10-11
http://www.redhat.com/support/errata/RHSA-2003-251.html	2017-10-11

URL	Date	SRC
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000717	2017-10-11
http://marc.info/?l=bugtraq&m=106029188614704&w=2	2017-10-11
http://www.linuxsecurity.com/advisories/engarde_advisory-3517.html	2017-10-11
http://www.mandriva.com/security/advisories?name=MDKSA-2003:081	2017-10-11
http://www.novell.com/linux/security/advisories/2003_033_postfix.html	2017-10-11

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Wietse Venema Search vendor "Wietse Venema"		Postfix Search vendor "Wietse Venema" for product "Postfix"				1.0.21 Search vendor "Wietse Venema" for product "Postfix" and version "1.0.21"		-		Affected
Wietse Venema Search vendor "Wietse Venema"		Postfix Search vendor "Wietse Venema" for product "Postfix"				1.1.11 Search vendor "Wietse Venema" for product "Postfix" and version "1.1.11"		-		Affected
Wietse Venema Search vendor "Wietse Venema"		Postfix Search vendor "Wietse Venema" for product "Postfix"				1.1.12 Search vendor "Wietse Venema" for product "Postfix" and version "1.1.12"		-		Affected
Wietse Venema Search vendor "Wietse Venema"		Postfix Search vendor "Wietse Venema" for product "Postfix"				1999-09-06 Search vendor "Wietse Venema" for product "Postfix" and version "1999-09-06"		-		Affected
Wietse Venema Search vendor "Wietse Venema"		Postfix Search vendor "Wietse Venema" for product "Postfix"				1999-12-31 Search vendor "Wietse Venema" for product "Postfix" and version "1999-12-31"		-		Affected
Wietse Venema Search vendor "Wietse Venema"		Postfix Search vendor "Wietse Venema" for product "Postfix"				2000-02-28 Search vendor "Wietse Venema" for product "Postfix" and version "2000-02-28"		-		Affected
Wietse Venema Search vendor "Wietse Venema"		Postfix Search vendor "Wietse Venema" for product "Postfix"				2001-11-15 Search vendor "Wietse Venema" for product "Postfix" and version "2001-11-15"		-		Affected
Conectiva Search vendor "Conectiva"		Linux Search vendor "Conectiva" for product "Linux"				7.0 Search vendor "Conectiva" for product "Linux" and version "7.0"		-		Affected
Conectiva Search vendor "Conectiva"		Linux Search vendor "Conectiva" for product "Linux"				8.0 Search vendor "Conectiva" for product "Linux" and version "8.0"		-		Affected