First published: Tue May 31 2011
Postfix is a Mail Transport Agent (MTA), supporting LDAP, SMTP AUTH (SASL), and TLS.

A heap-based buffer over-read flaw was found in the way Postfix performed SASL handlers management for SMTP sessions, when Cyrus SASL authentication was enabled. A remote attacker could use this flaw to cause the Postfix smtpd server to crash via a specially-crafted SASL authentication request. The smtpd process was automatically restarted by the postfix master process after the time configured with service_throttle_time elapsed. (CVE-2011-1720)

Note: Cyrus SASL authentication for Postfix is not enabled by default.

Red Hat would like to thank the CERT/CC for reporting this issue. Upstream acknowledges Thomas Jarosch of Intra2net AG as the original reporter.

Users of Postfix are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing this update, the postfix service will be restarted automatically.

Affected Software | Affected Version | How to fix |
---|---|---|
redhat/postfix | <2.6.6-2.2.el6_1 | 2.6.6-2.2.el6_1 |
redhat/postfix-debuginfo | <2.6.6-2.2.el6_1 | 2.6.6-2.2.el6_1 |
redhat/postfix-perl-scripts | <2.6.6-2.2.el6_1 | 2.6.6-2.2.el6_1 |
redhat/postfix | <2.3.3-2.3.el5_6 | 2.3.3-2.3.el5_6 |
redhat/postfix-pflogsumm | <2.3.3-2.3.el5_6 | 2.3.3-2.3.el5_6 |
redhat/postfix | <2.2.10-1.5.el4 | 2.2.10-1.5.el4 |
redhat/postfix-pflogsumm | <2.2.10-1.5.el4 | 2.2.10-1.5.el4 |