cbcvebase.
CVE-2003-0468
published 2003-08-27

CVE-2003-0468: Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local…

PriorityP420medium5CVSS 2.0
AVNACLAuNCNINAP
EPSS
2.38%
81.8th percentile
Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which causes Postfix to attempt to use SMTP to communicate with the target on the associated port.

Affected

13 ranges
VendorProductVersion rangeFixed in
conectivalinux
conectivalinux
debianpostfix< postfix 1.1.12 (bookworm)postfix 1.1.12 (bookworm)
postfixpostfix>= 0 < 1.1.121.1.12
postfixpostfix>= 0 < 1.1.121.1.12
postfixpostfix>= 0 < 1.1.121.1.12
postfixpostfix>= 0 < 1.1.121.1.12
wietse_venemapostfix
wietse_venemapostfix
wietse_venemapostfix
wietse_venemapostfix
wietse_venemapostfix
wietse_venemapostfix

CVSS provenance

nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM
vendor_debian5.0MEDIUM
vendor_redhat5.0MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.