CVE-2011-1720: Buffer Overflow

First published: Fri Apr 22 2011(Updated: )

A heap-based buffer overread flaw was found in the way Postfix mail transport agent performed SASL handlers management for SMTP sessions, when the Cyrus SASL authentication was enabled. A remote attacker could use this flaw to cause Postfix smtpd server crash via specially-crafted SASL authentication request. Note: The default configuration of Postfix mail transport agent, as shipped with Red Hat Enterprise Linux 4, 5, and 6 do not enable SASL support for SMTP authentication for mail clients (thus Postfix server instances using it are not vulnerable to this flaw). Workaround: If your Postfix server configuration contains directive like: smtpd_sasl_auth_enable = yes change 'yes' to 'no' or comment the whole line out not to be vulnerable to this flaw.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
Postfix Postfix	=2.3.16
Postfix Postfix	=2.3.18
Postfix Postfix	=2.0.10
Postfix Postfix	=2.4.10
Postfix Postfix	=2.5.0
Postfix Postfix	=2.4
Postfix Postfix	=2.3.11
Postfix Postfix	=2.0.14
Postfix Postfix	=2.0.17
Postfix Postfix	=2.2.7
Postfix Postfix	=2.0.16
Postfix Postfix	=2.3.6
Postfix Postfix	=2.1.5
Postfix Postfix	=2.5.9
Postfix Postfix	=2.3.0
Postfix Postfix	=2.0.6
Postfix Postfix	=2.2.4
Postfix Postfix	=2.0.15
Postfix Postfix	=2.5.2
Postfix Postfix	=2.4.15
Postfix Postfix	=2.5.12
Postfix Postfix	=2.4.0
Postfix Postfix	=2.3.12
Postfix Postfix	=2.3.10
Postfix Postfix	=2.5.7
Postfix Postfix	=2.5.8
Postfix Postfix	=2.4.5
Postfix Postfix	=2.1.4
Postfix Postfix	=2.3.9
Postfix Postfix	=2.3.2
Postfix Postfix	=2.2.11
Postfix Postfix	=2.3
Postfix Postfix	=2.2.5
Postfix Postfix	=2.3.7
Postfix Postfix	=2.1.1
Postfix Postfix	=2.3.14
Postfix Postfix	=2.4.8
Postfix Postfix	=2.4.12
Postfix Postfix	=2.1.2
Postfix Postfix	=2.4.3
Postfix Postfix	=2.5.3
Postfix Postfix	=2.2.3
Postfix Postfix	=2.0.9
Postfix Postfix	=2.0.4
Postfix Postfix	=2.3.17
Postfix Postfix	=2.5.10
Postfix Postfix	=2.2.2
Postfix Postfix	=2.0.0
Postfix Postfix	=2.0.2
Postfix Postfix	=2.0.11
Postfix Postfix	=2.2.8
Postfix Postfix	=2.4.11
Postfix Postfix	=2.2.10
Postfix Postfix	=2.3.19
Postfix Postfix	=2.3.15
Postfix Postfix	=2.4.7
Postfix Postfix	=2.4.2
Postfix Postfix	=2.0.1
Postfix Postfix	=2.2.1
Postfix Postfix	=2.0.12
Postfix Postfix	=2.5.4
Postfix Postfix	=2.5.11
Postfix Postfix	=2.3.4
Postfix Postfix	=2.4.9
Postfix Postfix	=2.0.5
Postfix Postfix	=2.3.3
Postfix Postfix	=2.0.18
Postfix Postfix	=2.0.13
Postfix Postfix	=2.2.12
Postfix Postfix	=2.3.1
Postfix Postfix	=2.5.1
Postfix Postfix	=2.0.3
Postfix Postfix	=2.4.13
Postfix Postfix	=2.0.7
Postfix Postfix	=2.1.0
Postfix Postfix	=2.3.8
Postfix Postfix	=2.1.6
Postfix Postfix	=2.4.14
Postfix Postfix	=2.0.8
Postfix Postfix	=2.3.5
Postfix Postfix	=2.1.3
Postfix Postfix	=2.5.5
Postfix Postfix	=2.4.1
Postfix Postfix	=2.0.19
Postfix Postfix	=2.2.0
Postfix Postfix	=2.4.6
Postfix Postfix	=2.4.4
Postfix Postfix	=2.2.6
Postfix Postfix	=2.2.9
Postfix Postfix	=2.5.6
Postfix Postfix	=2.3.13
Postfix Postfix	=2.6.9
Postfix Postfix	=2.6.6
Postfix Postfix	=2.6.3
Postfix Postfix	=2.6.1
Postfix Postfix	=2.6.7
Postfix Postfix	=2.6.0
Postfix Postfix	=2.6
Postfix Postfix	=2.6.4
Postfix Postfix	=2.6.5
Postfix Postfix	=2.6.2
Postfix Postfix	=2.6.8
Postfix Postfix	=2.7.2
Postfix Postfix	=2.7.0
Postfix Postfix	=2.7.1
Postfix Postfix	=2.7.3
Postfix Postfix	=2.8.0
Postfix Postfix	=2.8.1
Postfix Postfix	=2.8.2
redhat/postfix	<2:2.2.10-1.5.el4	2:2.2.10-1.5.el4
redhat/postfix	<2:2.3.3-2.3.el5_6	2:2.3.3-2.3.el5_6
redhat/postfix	<2:2.6.6-2.2.el6_1	2:2.6.6-2.2.el6_1

Remedy

http://www.securityfocus.com/bid/47778

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

RHSA-2011:0843

collector/nvd-historical
collector/redhat-cve
collector/nvd-index
collector/nvd-api
agent/author
agent/type
agent/softwarecombine
agent/first-publish-date
collector/mitre-cve
source/MITRE
agent/weakness
agent/remedy
agent/last-modified-date
agent/references
agent/severity
agent/description
agent/event
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2011-1720
agent/tags
agent/trending
vendor/postfix
canonical/postfix postfix
version/postfix postfix/2.3.16
version/postfix postfix/2.3.18
version/postfix postfix/2.0.10
version/postfix postfix/2.4.10
version/postfix postfix/2.5.0
version/postfix postfix/2.4
version/postfix postfix/2.3.11
version/postfix postfix/2.0.14
version/postfix postfix/2.0.17
version/postfix postfix/2.2.7
version/postfix postfix/2.0.16
version/postfix postfix/2.3.6
version/postfix postfix/2.1.5
version/postfix postfix/2.5.9
version/postfix postfix/2.3.0
version/postfix postfix/2.0.6
version/postfix postfix/2.2.4
version/postfix postfix/2.0.15
version/postfix postfix/2.5.2
version/postfix postfix/2.4.15
version/postfix postfix/2.5.12
version/postfix postfix/2.4.0
version/postfix postfix/2.3.12
version/postfix postfix/2.3.10
version/postfix postfix/2.5.7
version/postfix postfix/2.5.8
version/postfix postfix/2.4.5
version/postfix postfix/2.1.4
version/postfix postfix/2.3.9
version/postfix postfix/2.3.2
version/postfix postfix/2.2.11
version/postfix postfix/2.3
version/postfix postfix/2.2.5
version/postfix postfix/2.3.7
version/postfix postfix/2.1.1
version/postfix postfix/2.3.14
version/postfix postfix/2.4.8
version/postfix postfix/2.4.12
version/postfix postfix/2.1.2
version/postfix postfix/2.4.3
version/postfix postfix/2.5.3
version/postfix postfix/2.2.3
version/postfix postfix/2.0.9
version/postfix postfix/2.0.4
version/postfix postfix/2.3.17
version/postfix postfix/2.5.10
version/postfix postfix/2.2.2
version/postfix postfix/2.0.0
version/postfix postfix/2.0.2
version/postfix postfix/2.0.11
version/postfix postfix/2.2.8
version/postfix postfix/2.4.11
version/postfix postfix/2.2.10
version/postfix postfix/2.3.19
version/postfix postfix/2.3.15
version/postfix postfix/2.4.7
version/postfix postfix/2.4.2
version/postfix postfix/2.0.1
version/postfix postfix/2.2.1
version/postfix postfix/2.0.12
version/postfix postfix/2.5.4
version/postfix postfix/2.5.11
version/postfix postfix/2.3.4
version/postfix postfix/2.4.9
version/postfix postfix/2.0.5
version/postfix postfix/2.3.3
version/postfix postfix/2.0.18
version/postfix postfix/2.0.13
version/postfix postfix/2.2.12
version/postfix postfix/2.3.1
version/postfix postfix/2.5.1
version/postfix postfix/2.0.3
version/postfix postfix/2.4.13
version/postfix postfix/2.0.7
version/postfix postfix/2.1.0
version/postfix postfix/2.3.8
version/postfix postfix/2.1.6
version/postfix postfix/2.4.14
version/postfix postfix/2.0.8
version/postfix postfix/2.3.5
version/postfix postfix/2.1.3
version/postfix postfix/2.5.5
version/postfix postfix/2.4.1
version/postfix postfix/2.0.19
version/postfix postfix/2.2.0
version/postfix postfix/2.4.6
version/postfix postfix/2.4.4
version/postfix postfix/2.2.6
version/postfix postfix/2.2.9
version/postfix postfix/2.5.6
version/postfix postfix/2.3.13
version/postfix postfix/2.6.9
version/postfix postfix/2.6.6
version/postfix postfix/2.6.3
version/postfix postfix/2.6.1
version/postfix postfix/2.6.7
version/postfix postfix/2.6.0
version/postfix postfix/2.6
version/postfix postfix/2.6.4
version/postfix postfix/2.6.5
version/postfix postfix/2.6.2
version/postfix postfix/2.6.8
version/postfix postfix/2.7.2
version/postfix postfix/2.7.0
version/postfix postfix/2.7.1
version/postfix postfix/2.7.3
version/postfix postfix/2.8.0
version/postfix postfix/2.8.1
version/postfix postfix/2.8.2
package-manager/redhat

CVE-2011-1720: Buffer Overflow

Remedy

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

Company

Resources

Contact