#VU45044 Buffer overflow in Postfix - CVE-2011-1720

Cybersecurity Help s.r.o.

Published: 2011-05-13 | Updated: 2020-08-11

Vulnerability identifier: #VU45044

Vulnerability risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2011-1720

CWE-ID: CWE-119

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Postfix
Server applications / Mail servers

Vendor: Postfix.org

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods are enabled, does not create a new server handle after client authentication fails, which allows remote attackers to cause a denial of service (heap memory corruption and daemon crash) or possibly execute arbitrary code via an invalid AUTH command with one method followed by an AUTH command with a different method.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Postfix: 2.0.0 - 2.8.2

External links
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
https://lists.opensuse.org/opensuse-security-announce/2011-05/msg00002.html
https://secunia.com/advisories/44500
https://security.gentoo.org/glsa/glsa-201206-33.xml
https://securityreason.com/securityalert/8247
https://www.debian.org/security/2011/dsa-2233
https://www.kb.cert.org/vuls/id/727230
https://www.mail-archive.com/postfix-announce@postfix.org/msg00007.html
https://www.mandriva.com/security/advisories?name=MDVSA-2011:090
https://www.osvdb.org/72259
https://www.postfix.org/announcements/postfix-2.8.3.html
https://www.postfix.org/CVE-2011-1720.html
https://www.securityfocus.com/archive/1/517917/100/0/threaded
https://www.securityfocus.com/bid/47778
https://www.securitytracker.com/id?1025521
https://www.ubuntu.com/usn/usn-1131-1
https://bugzilla.redhat.com/show_bug.cgi?id=699035
https://exchange.xforce.ibmcloud.com/vulnerabilities/67359

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Gentoo update for Postfix

Buffer overflow in Postfix